Executive Summary
The rise of web3 could become a defining moment in the energy industry's evolution – but we have limited understanding of the potential this new, blockchain-based iteration of the internet holds for the sector. What are the opportunities and challenges presented by web3 for the energy industry, and what should policymakers do to respond to them?
In this explainer, we examine what makes web3 different and show how it can improve energy-related transactions through automation, transparency, verifiability and democratization. We also explore the policy challenges, including innovation and regulatory risks.
Despite web3's potential, significant hurdles remain to maximizing its benefits for the energy sector – so we conclude by setting out next steps for governments to consider when developing their approach. Policymakers must update energy-market regulations to allow web3 to flourish while addressing areas where existing laws are no longer appropriate or relevant.
What Makes Web3 Different?
The term web3 refers to a vision for what the internet could look like in its next iteration – decentralized, and underpinned by blockchain technology. Having evolved from the days when it served read-only content into today’s version where social interactions thrive, the internet is soon to enter this third generation. It will see advanced technologies from artificial intelligence (AI), the Internet of Things (IoT) and distributed ledger technologies (DLT) colliding with traditional web technologies. Different labels are already being applied – the semantic web, the spatial web, the decentralized web and others – but these do not necessarily help us understand the impact. Nonetheless, as with previous internet generations, web3 is likely to be transformative.
Continue reading: https://institute.global/policy/web3-and-energy-transition-policy-primer

Web3 is the kitschy term that refers to the next iteration of our internet—including cryptocurrencies, decentralized networks, the blockchain and more. While for many people the concept of Web3 seems a futuristic, light-years-away idea, the truth is that it’s much more impending than we think, with many elements already firmly entrenched in the wider public consciousness. Nine countries have already launched Central Bank Digital Currencies (CBDC)—virtual currency backed and issued by a central bank.
The cutting-edge technologies of Web3 are revolutionizing industries and parts of everyday life, which also means they bring with them novel security threats. This begs the question: With such nascent technology, what other kinds of emerging threats are out there? And how do we protect ourselves?
Cryptojacking
As with all popular trends, it doesn’t take long for cybercriminals to jump on the bandwagon. In Reason Labs’ State of Consumer Cybersecurity report, RAV researchers revealed 2021 was “the year of the miner.” The number of crypto miners distributed throughout 2021 was enormous, as almost 60% of all Trojan activity detected last year were miners. It’s a threat that, although it may not harm a user’s device like traditional malware might, will directly affect a user’s pockets—your electric bill can skyrocket from the constant use of computing power as crypto coins are harvested without your consent.
Continue reading: https://www.forbes.com/sites/forbestechcouncil/2022/05/04/the-rise-of-web3-what-cybersecurity-concerns-should-we-look-out-for/?sh=1597c0e5672f

Right now, drones are either flown under controlled conditions, with no wind, or are operated by humans using remote controls. Drones have been taught to fly in formation in the open skies, but those flights are usually conducted under ideal conditions and circumstances.
However, for drones to autonomously perform necessary but quotidian tasks, such as delivering packages or airlifting injured drivers from a traffic accident, drones must be able to adapt to wind conditions in real time—rolling with the punches, meteorologically speaking.
To face this challenge, a team of engineers from Caltech has developed Neural-Fly, a deep-learning method that can help drones cope with new and unknown wind conditions in real time just by updating a few key parameters. 
Neural-Fly is described in a study published on May 4 in Science Robotics. The corresponding author is Soon-Jo Chung, Bren Professor of Aerospace and Control and Dynamical Systems and Jet Propulsion Laboratory Research Scientist. Caltech graduate students Michael O'Connell (MS '18) and Guanya Shi are the co-first authors.
Neural-Fly was tested at Caltech's Center for Autonomous Systems and Technologies (CAST) using its Real Weather Wind Tunnel, a custom 10-foot-by-10-foot array of more than 1,200 tiny computer-controlled fans that allows engineers to simulate everything from a light gust to a gale.
"The issue is that the direct and specific effect of various wind conditions on aircraft dynamics, performance, and stability cannot be accurately characterized as a simple mathematical model," Chung says. "Rather than try to qualify and quantify each and every effect of turbulent and unpredictable wind conditions we often experience in air travel, we instead employ a combined approach of deep learning and adaptive control that allows the aircraft to learn from previous experiences and adapt to new conditions on the fly with stability and robustness guarantees."
Continue reading: https://www.caltech.edu/about/news/rapid-adaptation-of-deep-learning-teaches-drones-to-survive-any-weather

Artificial intelligence (AI) and related technologies are becoming increasingly mainstream business tools. If you're planning an AI implementation, beware of these potential pitfalls
Artificial intelligence (AI) and machine learning can be invaluable assets to business success. By implementing AI, businesses can automate hours’ worth of manual labor sifting through data to enable smarter and faster business decisions. However, automation and AI do not remove the need for human responsibility.
It’s important to follow best practices to ensure AI helps versus hurts your business. Here are five mistakes to avoid in leveraging AI to meet company goals.
1. Not identifying the correct use case
By now, many businesses realize the benefits of AI. In fact, if you don’t have automation somewhere in your company, you’re probably falling behind your competitors. According to a PwC study, 86 percent of respondents expect AI to become a ‘mainstream technology’ at their company in 2021.
Despite the proliferation of AI use, arbitrary attempts to implement AI for your business are ill-advised. It’s important to apply AI to the right use cases for the best outcomes. Instead of asking ‘Can I apply AI to this situation?’, ask ‘Am I applying the right AI to the right situation?’ AI implementation for certain business processes must ultimately be worth it in company time and resources. If AI is running incongruously with business goals, time and company resources will be wasted.
Continue reading: https://enterprisersproject.com/article/2022/5/5-artificial-intelligence-adoption-mistakes-avoid

The majority of work in the digital age will be performed by Hybrid Intelligence, which combines human and artificial intelligence (AI)
The majority of work in the digital age will be performed by Hybrid Intelligence, which combines human and artificial intelligence (AI), using complementary qualities that, when joined, boost each other. Artificial and human intelligence thrive at very different tasks. Moravec’s paradox claims that it is relatively easy to make computer systems do well on IQ tests or play chess, but it is difficult, if not impossible, to give them the perceptual and movement abilities of a one-year-old kid.
Why is Hybrid Intelligence important?
Artificial intelligence is (still) limited in scope, but humans, in general, are not. It excels in performing precise, well-defined tasks based on a specific sort of data and in a controlled setting. In comparison to humans, who can learn from only a few instances and cannot operate with specialized data kinds, such as soft data, artificial general intelligence would require a large quantity of training data. This is where humans have an unrivalled competitive edge, and it is critical to remember this.
Because the brain and artificial intelligence use substantially different algorithms, each excels in ways that the other completely fails. Machine learning algorithms outperform humans in detecting complicated and subtle patterns in vast data sets. However, the brain can process information effectively even when there is noise and ambiguity in the input — or when situations change unexpectedly. This is why humans and AI must collaborate and join forces as hybrid intelligence. According to research, this is exactly how executives envision the future of work: AI, according to 67% of them, will enable people and robots to collaborate to harness their respective skills.
Continue reading: https://www.analyticsinsight.net/why-hybrid-intelligence-is-the-future-of-artificial-intelligence/

It's no secret that AI is taking over the investment industry. Investment managers themselves are acutely aware that technological change is coming: In a study by Accenture, 95% of respondents said that an asset manager's technology, data and digital capabilities will be differentiators in 2025. But how do we get from here to there?
AI has been notoriously difficult to implement within financial services, and more specifically in the realm of investing. One main reason is that compared to the technology industry, finance is famously proprietary. The world's financial AI experts tend to be deeply embedded into single organizations for years, if not decades, preventing the cross-collaboration and open-source mentality that is prevalent in other industries.
The other reason AI is so difficult to properly implement is that there are really two problems here, not one. The first problem is the one you expect: getting a signal. But the second problem is even trickier: knowing when, how and why to trust that signal and what all of that means for your trading strategy.
In another recent report on the topic, Deloitte suggests that asset managers should start by focusing on quick wins, embracing strategic collaborations and partnerships and clearly defining their AI strategy.
There's something to that. When implementing AI, the world's asset managers are tasked with crafting the right balance of in-house expertise and external support. In doing so, they need to understand what is best built by their own team and when it's best to tap into mutualized innovations.
The following are three key considerations you should take when exploring what you may need to develop internally and where you may need a new tool in your arsenal.
Continue reading: https://www.forbes.com/sites/forbestechcouncil/2022/05/04/three-things-to-consider-when-bringing-ai-to-asset-management/?sh=5d6d844e232b

Companies are using artificial intelligence for basic communication, to make product recommendations and more. In the world of marketing and advertising, the applications for AI are virtually endless—brands come up with new ideas and innovative ways to leverage it every day.
What is the best way to employ AI in marketing and advertising in 2022? Every agency leader will have their own preferences and notions about the most effective use cases for AI in their space, and below, members of Forbes Agency Council share their current favorites.
1. Understanding The Emotions Creative Work Creates
My favorite way to employ AI in marketing and advertising is for understanding which emotions will be created with different types of creative work, especially music. Machine learning and AI help us to have a solid premarket indication that lets us explore different routes without expensive market research. Clear, repeatable, comparable and efficient: AI shapes the way we navigate through creativity. - Michele Arnese, amp
2. Developing Natural Language And Brand Persona
Natural language and brand persona development using AI tools is essential to helping clients determine how they and their industry are described. This helps us find the words to describe who they are and understand how the market or audience is speaking. The use of this data as an unbiased review of word choice in direct marketing eliminates the gap-closing work (and hard work) in talking about yourself. - Kathleen Lucente, Red Fan Communications
Continue reading: https://www.forbes.com/sites/forbesagencycouncil/2022/05/05/15-exciting-ways-to-leverage-artificial-intelligence-in-marketing-and-advertising/?sh=b97ebd220826

Industrial cleaning drone company Lucid Drone Technologies has chosen T-Mobile as its exclusive IoT connectivity and management provider for its growing fleet of commercial cleaning drones. 
The collaboration is expected to allow for greater integration of drones for maintenance work at high-risk facilities, such as high-rise window washing at outdoor stadiums and arenas, hotels and universities, in what T-Mobile has described as a “game changer for safety of maintenance teams.” 
The partners are hoping to harness T-Mobile’s 5G capabilities to enable more data-intensive capabilities via the T-Mobile Control Center; monitoring and managing the connectivity of the drone fleet in real-time. With the newly connected devices, possible capabilities include video streaming, real-time monitoring of flight data and remote piloting, delivery of firmware and software updates, and hardware diagnostics. 
Continue reading: https://www.iotworldtoday.com/2022/05/04/t-mobile-to-power-iot-cleaning-drones/

Commercial use for drones in Hawaii for construction, inspections, and green energy have taken off and Drone Services of Hawaii is on the front line of the work being done for businesses. Mike Elliot joined John Veneri on Living808 to discuss exactly what they do.
“We’ve been in business since 2014. We’ve done a lot of mapping work. We do a lot of solar work for a lot of the solar fields that are out here. To make sure that they’re up and operating properly. Then a lot of building inspections. We’ve done a variety of beach erosion and roadway projects and stuff that we have here in Hawaii on the different islands.  Engineering and construction firms out there, we’re able to work with you to provide, you know, highly accurate maps. We can come back on recurrent basis on construction projects. We’ve done volumetric jobs for quarries and over at the East White Coal fired power plant on their annual volumetric surveys, we’ve done building inspections for facades, looking for cracks and damages on a lot of these high rise buildings.  So it saves time in the scaffolding that maybe would traditionally be necessary. And we’re able to provide these products easily, a lot safer, a lot faster and with greater accuracy than a lot of traditional methods that are currently used.”
Continue reading: https://www.khon2.com/living-808/drone-services-hawaii-is-taking-off-for-commercial-use/

Local startup company AERAS will once again return to Churchill Downs to help sanitize the facility ahead of this weekend's Kentucky Derby by using a multi-copter drone to clean the exterior seating area of the complex that in prepandemic times drew more than 150,000 people for the annual horse racing event.
It's the second year in a row that AERAS will show off its capabilities at the facility, which has lifted its Covid-19 mitigation efforts for the first time in two years. In addition to sanitizing the seating areas, a feat AERAS has done locally inside PPG Paints Arena and at PNC Park, the startup will also use its drones to power wash portions of the exterior building facade at the racetrack, which is a new feature AERAS has been able to accomplish over the past 12 months.
"When we started in March-April of 2020, the first kind of vision was the development of this electrostatic drone that could fog sanitizers for large-scale sports and entertainment venues," AERAS Co-founder and CEO Eric Lloyd said. "We (then) came to the realization that we're not a sanitization company that uses a drone, we're truly a drone technology company that focuses on R&D to bring solutions to a variety of industries, and that's what kind of led us down the path of basically; if it can be done with a drone, that's the business that we're in."
As for its sanitization capabilities, Lloyd said the solution its drone uses is microbiostatic and that it is capable of creating a thin barrier that can coat "everything" above the seats and even underneath them.
"We're charging the particles that atomize with 160,000 kilovolts," Lloyd said. "So when you think about it; when it rains, the top of a picnic table gets wet but the underside does not. That's not the case here. Because those particles are so charged, they're seeking a grounded surface, so when the fog falls to the, let's say right under the surface, it then doesn't hit the ground. It actually wraps uniformly and gets complete coverage underneath as well as above (the seats)."
Lloyd said the startup currently employs 10 workers out of its Evans City headquarters. He said the startup is producing revenue, all of which is being reinvested back into the company, though he declined to disclose figures. AERAS has not taken on any forms of investment dollars in exchange for equity of the company, Lloyd said.
Continue reading: https://www.bizjournals.com/pittsburgh/inno/stories/profiles/2022/05/04/aeras-sanitizes-churchill-downs-kentucky-derby.html

Drones have become an increasingly normal part of daily life, but that may not be a bad thing. Here’s why.
Paul Huish and his company DroneHive are here to change the way we think about autonomous drones. DroneHive is a “leading drone service provider for aerial data collection” that specializes in connecting businesses with licensed drone pilots employed by the company. It is based in Park City, UT.
Huish says that “drones are for good,” and far from the kind of end-times, Skynet harbinger of the robot apocalypse that many feel they represent. “Drones are here to stay and are being embraced at a huge scale across all industries,” says Huish. 
Huish comes from a family of “Utah entrepreneurs” and has experience working in other industries as highly regulated as that of drones. 
DroneHive provides drone service to a wide swath of companies in an even wider range of industries. These include green energy, cell tower infrastructure, construction sites, civil engineering projects, agriculture, and more. “If you can capture it with a drone, we are trying to get into that business” says Huish. DroneHive primarily specializes in data collection through three different types of imaging: RBG or traditional video, thermal and infrared imaging, and multispectral imaging. 
Continue reading: https://www.abc4.com/news/local-news/utah-drone-company-speaks-on-why-drones-are-good/

A free and relatively new curriculum designed by the Aircraft Owners and Pilots Association (AOPA) Foundation helps students learn critical problem-solving skills by teaching them how to fly airplanes and drones, and it prepares them for a variety of careers in the aviation industry. The curriculum--now used in more than 320 schools in at least 44 states--is addressing massive shortages of pilots, air traffic controllers, aviation mechanics, and other jobs in the industry. Here is a look at how the program works at Magruder High School in Rockville, Md.
Read more: https://www.youtube.com/watch?v=VZ8u6xGUtxU

Hats off to investigative reporter Paul Van Osdol of Pittsburgh Action News. The channel has undercovered the criminal record of one of PennDOT’s advisors on bridge inspection.
Justin Melanson is a cofounder of drone company Aeras and claims that PennDOT had full knowledge of his record and that he also advises Police drone operators.
In 2018, Melanson was convicted on multiple felony counts of refusing to perform services after receiving payment. He was sentenced to up to two years in prison and ordered to pay $31,000 in restitution. He spent 11 months behind bars and was released in February 2019. In 2015, Melanson got probation after pleading guilty to similar charges. He was ordered to pay $13,000 in restitution.
Read the full article here.
Did the company name sound familiar? Aeras were the folks with Covid fogging drones.
Since 2020, AERAS has been an international leader in charged-electrostatic drone innovation. Headquartered in Pittsburgh, Pennsylvania, AERAS is an emerging technology company specializing in drone applications.
Continue reading: https://www.suasnews.com/2022/05/penndots-drone-advisory-task-force-advised-by-felon/

Fast-food giants, such as Starbucks, Domino's, and Chipotle, are typically the first movers when it comes to restaurant innovation. Casual-dining chains are often the last to adopt new technologies.
But Chili's is looking to blaze its own trail by pulling the industry's version of a technological hat trick. The 1,200-unit chain is leaning into three robotics and automation technologies: autonomous rovers, drone delivery, and robot food runners and hosts. 
"We don't want to be laggards," said Wade Allen, the senior vice president of innovation for Chili's parent company, Brinker International. "We need to be thinking about innovation. We need to be thinking about robotics in the restaurant and making life easier for operators."
The timing is right for Chili's. Food-service robots and drones are taking off as the pandemic and a challenging hiring environment have fueled faster adoption of cost-saving labor and delivery tools. Investors are taking notice, pouring millions into robotics and autonomous logistics startups, such as Coco, Serve Robotics, Bear Robotics, Miso Robotics, and Flytrex. 
Allen said he researched various startups and went with drone delivery by Flytrex, self-driving rovers by Serve Robotics, and robot food runners by Bear Robotics. Here's why.
Company: Bear Robotics
Technology: Robot food-service assistants 
Job duties: Rita the Robot, a play on the chain's famous margaritas, tackles multiple tasks, such as escorting guests to tables, singing birthday songs, helping servers deliver meals, and busing tables. 
Deployment: In 2020, Chili's tested the first robot at one restaurant in Dallas. Six months ago, the chain expanded the pilot to 10 restaurants in California, Texas, and Florida. In April, the company added a Rita the Robot to 51 more restaurants, bringing the total to 61 locations. 
Chili's take on the tech: Adding robot food assistants is not a labor-replacing move, Allen said. "Humans matter," he added. But there's a lot of "mundane tasks that go on in the restaurant" that don't necessarily have to be solved by humans, such as delivering dishes or clearing tables. 
Continue reading: https://www.businessinsider.com/chilis-is-testing-drones-robots-to-save-on-delivery-fees-2022-5

In this episode of the IoT For All Podcast, MistyWest’s CEO, Taylor Cooper, joins Ryan Chacon to discuss the engineering side of IoT and the current chip shortage. The podcast opens up with a discussion around MistyWest, the industries they focus on, and the current state of engineering in IoT. Ryan and Taylor then talk about where engineering firms add the most value to an IoT solution and how the chip shortage has affected companies within the industry. They wrap up the podcast by breaking down challenges Taylor has seen IoT companies encounter.
Taylor has over 15 years of experience working in hardware product development and is a founding employee and CEO of MistyWest. He graduated from Engineering Physics at UBC, has worked on medical instrumentation, and is an author on the foundational patents for HAVEN IAQ. At MistyWest, Taylor has led projects for medical diagnostics, Agtech, and IoT.
Continue reading: https://www.iotforall.com/podcasts/e181-chip-shortage-impact-on-iot-industry

I spoke with Lakshmi Sharma, Chief Product Officer at Fastly, who offered a wide ranging tour of today’s edge computing sector, and discussed the challenges with distributed applications at the edge.
Among the topics we covered:

• As you survey the edge computing market, what forces are driving the market?
• What are the challenges involved with building distributed applications at the edge? Any advice that you would give companies?
• How is Fastly addressing the CDN and edge computing needs of its clients? What’s the Fastly advantage?
• The future of edge computing and serverless? What are some key milestones we can expect in the years ahead?

Read more and listen to the podcast: https://www.eweek.com/enterprise-apps/fastlys-lakshmi-sharma-on-edge-computing-and-distributed-applications/

Researchers at IoT security firm Nozomi Networks are warning that a popular library for the C programming language for IoT products is vulnerable to DNS cache-poisoning attacks. The bug is 10 years old and, at present, could not be fixed by its maintainers.
Nozomi security researcher Andrea Palanca discovered that the Domain Name System (DNS) implementation of uClibc and uClibc-ng C libraries used in several popular IoT products generates predictable, incremental transaction identifiers (IDs) in DNS response and request network communications.       
uClibc stopped being maintained in 2012 after the release of version uClibc-0.9.33.2, while the uClibc-ng fork is designed for use within OpenWRT, a common OS for routers "possibly deployed throughout various critical infrastructure sectors", according to Palanca.
SEE: The Emotet botnet is back, and it has some new tricks to spread malware
uClibc is also known to be used by Linksys, Netgear, and Axis, and Linux distributions, such as Embedded Gentoo, notes Palanca.
Nozomi has opted not to disclose the specific IoT devices it tested because the bug is unpatched. However, Palanca notes the devices tested were "a range of well-known IoT devices running the latest firmware versions with a high chance of them being deployed throughout all critical infrastructure." 
The uClibc-ng fork is a small C library for developing embedded Linux systems with the advantage of being much smaller than the GNU C Library (glibc). 
Palanca says he reported the issue to ICS-CERT in September to undertake a VINCE (Vulnerability Information and Coordination Environment) case with CERT/CC. In April, CERT/CC approved his request to proceed with vulnerability disclosure on May 2. The issue is being tracked as ICS-VU-638779, VU#473698. 
CERT/CC invited uClibc-ng's maintainer to the VINCE case in mid-March but the developer said he was unable to implement the fix himself and suggested sharing the vulnerability report on the mailing list with a "rather small community" that might be able to help implement a fix.
Continue reading: https://www.zdnet.com/article/this-unpatched-dns-bug-could-put-well-known-iot-devices-at-risk/

Question: What do I need to know about defending Internet of Things (IoT) attack surfaces?
Bud Broomhead, CEO at Viakoo: There are several reasons why it's critical for organizations to defend their IoT attack surface, most importantly being that IoT devices are powerful systems containing compute, storage, and networking that threat actors view as the easiest way to breach an organization or enable exploits. The attack surface needs to be part of the overall corporate infosec policy unless a specific exemption is given, including policies around firmware patches and using certificates. The impact of not defending the IoT attack surface is massive and tends to fall into two categories. First is realizing that IoT device vulnerabilities are an effective method to breach an organization, and second is preventing IoT devices from being used in broader cyberattacks against multiple organizations.
Let's start with why IoT devices have become a preferred method for cybercriminals to breach an organization. IoT devices are hard to secure, they exist at five to 20 times the scale of IT devices, and they are often physically distributed widely across the organization (neatly contained in data centers). Traditional IT security solutions don't work for IoT because they are often agent-based, and IoT devices do not allow agents to be placed on them due to the devices having unique operating systems and communication protocols.
Not only are there more vulnerabilities impacting IoT devices than traditional IT systems, IoT devices offer a wider set of exploits to a threat actor. For example, man-in-the-middle attacks are essentially a solved problem for IT systems, yet they still can be effective against IoT systems. These are some of the reasons threat actors view IoT as low-hanging fruit in breaching an organization.
Continue reading: https://www.darkreading.com/edge-ask-the-experts/what-should-i-know-about-defending-iot-attack-surfaces-

An unpatched vulnerability in a popular C standard library found in a wide range of IoT products and routers could put millions of devices at risk of attack.
The vulnerability, tracked as CVE-2022-05-02 and discovered by Nozomi Networks, is present in the domain name system (DNS) component of the library uClibc and its uClibc-ng fork from the OpenWRT team. Both uClibc and uClibc-ng are widely used by Netgear, Axis, Linksys and other major vendors as well as in Linux distros designed for embedded applications.
uClibc’s DNS implementation provides a mechanism for performing DNS-related requests including lookups and translating domain names to IP addresses.
At this time, a fix is currently unavailable from uClibc’s developer which means that devices from more than 200 vendors are currently at risk of DNS poisoning or DNS spoofing that can redirect a potential victim to a malicious website hosted on an attacker controlled server.
Risk of DNS poisoning
Security researchers at Nozomi first came across the vulnerability in uClibc after reviewing traces of DNS requests performed by a connected device at which time they found several peculiarities caused by the library’s internal lookup function. Upon further investigation, the IoT security firm discovered that the transaction IDs of these DNS lookup requests were predictable and therefore DNS poisoning could be possible in certain circumstances.
Nozomi Networks provided further insight in a blog post on what an attacker could accomplish by carrying out DNS poisoning on vulnerable IoT devices and routers, saying:
“A DNS poisoning attack enables subsequent Man-in-the-Middle attacks because the attacker, by poisoning DNS records, is capable of rerouting network communications to a server under their control. The attacker could then steal and/or manipulate information transmitted by users, and perform other attacks against those devices to completely compromise them. The main issue here is how DNS poisoning attacks can force an authenticated response.”
Continue reading: https://www.techradar.com/news/millions-of-iot-devices-and-routers-could-have-a-mega-security-flaw

The affected library is uClibc, which is designed for developing embedded Linux systems. According to the official uClibc website, the library is used by Linksys and Netgear for their wireless routers, and by Axis for its network cameras. uClibc-ng, a fork for the OpenWRT router operating system, is also impacted by the vulnerability.
The security hole, tracked as CVE-2022-05-02, can be exploited for DNS poisoning attacks against affected devices.
“In a DNS poisoning attack, an attacker is able to deceive a DNS client into accepting a forged response, thus inducing a certain program into performing network communications with an arbitrarily defined endpoint, and not the legitimate one,” Nozomi explained in a blog post detailing the vulnerability.
“A DNS poisoning attack enables a subsequent Man-in-the-Middle attacks because the attacker, by poisoning DNS records, is capable of rerouting network communications to a server under their control. The attacker could then steal and/or manipulate information transmitted by users, and perform other attacks against those devices to completely compromise them,” the company added.
There is no patch for the vulnerability, but its disclosure will hopefully lead to the development of a fix.
The vulnerability was discovered by Nozomi researchers last year, but the developer initially appeared unresponsive. The developer finally responded in March saying that they were unable to fix the vulnerability on their own and asked that it be publicly disclosed in hopes that the community could help address it.
In the meantime, CERT/CC, which Nozomi notified about the vulnerability last year, started privately notifying impacted vendors in January.
Continue reading: https://www.securityweek.com/many-iot-devices-exposed-attacks-due-unpatched-flaw-uclibc-library

The tech industry has traditionally been male-dominated — but it doesn’t need to stay that way. There’s enough room for everyone at the table, as long as employers are willing to do the work to create those opportunities. 
While women hold half of all jobs in the U.S. and more than half of the college degrees, they only fill 26.7% of tech-related jobs, according to the WomenTech Network. Until the tech industry recognizes their role in the recruiting process, the statistics will remain startlingly low. 
It’s a two-pronged problem, says Paula Ratliff, president of Women Impact Tech, an organization driving equity in tech: employers aren’t always implementing the right hiring practices, and women aren’t necessarily looking for them. 
“It's a supply and demand problem,” Ratliff  says. “Women are typically very loyal — once we do find a great career we have a tendency, more than our male counterparts, to stay at those organizations. We don’t search the market like our male colleagues do and take new opportunities as frequently. So recruiting for women in technology is really tough.” 
Forty-eight percent of women in tech and STEM jobs reported some form of discrimination in the recruitment or hiring process — 66% of women reported a lack of a clear path forward in tech professions and 39% viewed gender bias as a significant barrier in tech job access, according to Builitin, an online forum for startups. 
The solution is to reimagine the approach to recruiting in its entirety and ensure that the environment employers are recruiting women into is safe, comprehensive and fair, Ratliff says. Here are her top tips:
Continue reading: https://www.benefitnews.com/list/recruiting-tips-for-tech-employers-hiring-women

Today’s Woman in Tech: Alison Tierney, GVP EMEA at Snowflake
Alison Tierney is Snowflake’s Global Vice President (GVP), responsible for Snowflake’s market operations and sales teams in Europe, the Middle East, and Africa (EMEA), where Snowflake currently has over 600 employees. She has over 20 years of experience in the tech industry, having worked for tech veterans such as IBM, Oracle and HP, as well as startups such as AppDynamics. For these companies, she has acquired hundreds of new customers, developed revenue growth strategies, and led large sales teams.
When did you become interested in technology? What first got you interested in tech?
That was in 1999. I was looking for a long-term perspective in a field that develops quickly and changes frequently. I don’t really feel comfortable in a static environment—I like the constant need to move, change, and adapt things.
At the time, the tech industry appealed to me because it was just starting to open up and become accessible to a broader mass.
Continue reading: https://jaxenter.com/women-in-tech-tierney-175839.html

Smart cities are key to improving quality of life of citizens and driving down carbon emissions. And monitoring power, air and water quality and transport requires reliable low-cost sensors in a rugged, cost-effective network.
Public utility operators were early adopters of Internet of Things (IoT) technology for cities that need to increase sustainability as well as make quality of life improvements for citizens and visitors. One of the biggest opportunities for the IoT sensor networks is to improve efficiencies and better manage natural resources.
Knowing how weather-related conditions such as rain and water levels are changing in real-time can help prepare for and react to potential dangers faster to better protect infrastructure and the community. Connected sensors enable this data capture, advanced analytics uncover key insights, and long-range connectivity is important as sensors are in outdoor and harsh environments.
Low power sensors and networks
Low power wireless sensors powered by batteries or solar cells can provide key data for such IoT networks, whether for water supply, electricity, smart buildings or logistics. Battery-backed sensors can be placed in many locations to provide as much data as possible and LPWANs provide a long range link with a battery lifetime of decades, minimising the cost of rolling out a monitoring network by avoiding the need for regular battery replacement cycles.
  
All of this data can be ingested into machine learning databases that can identify patterns, highlighting equipment that may be about to fail, and allowing resources to be provided more accurately. This is an essential element in optimising the use of increasingly scarce resources and improving the quality of life of citizens in a city.
 
In fact, 84 per cent of IoT deployments are currently addressing the Sustainable Development Goal (SDG) targets defined by the United Nations according to a joint World Economic Forum and IoT Analytics report.
 
These sensor networks provide this actionable data across many parts of the smart city in several different ways. The early implementations have seen sub-GHz networks used for smart street lighting, air quality sensors and traffic monitoring.

All of this data can be ingested into machine learning databases that can identify patterns, highlighting equipment that may be about to fail, and allowing resources to be provided more accurately

Click to expand...

The long range and low power of the LPWAN network allows sensors to be placed where they make the most sense to provide the necessary data, rather than placed depending on the available power or connectivity. These sensors link to gateways that feed the data back into enterprise software systems for real-time monitoring.
The range and robust design of the network means only a few gateways are needed to cover a city, and these can be rolled out quickly and easily in convenient locations by city governments, LPWAN network operators or even by citizens with a broadband connection and their own gateway.

Otago South River Care is holding a field day today and tomorrow on a farm in Balclutha with over 80 people expected to attend.
Group co-ordinator Rebecca Begg said catchment group members often talk about innovation on farms and drones keep coming up as something farmers want to try.
"Many are interested but aren't ready to take the leap yet, so we want to show them what's available and get some of the technology down to the South Island as most of it is based in the North Island."
Drone company Ferntech and contract spraying company Aerial Agri Solutionz will showcase their drones.
Begg said there is a growing list of how drones can be used on farms.
"You've got your standard drones, which you can use for inspection purposes so either looking for stock or checking troughs. You can get drones with speakers on them which people call barking drones so those are used for mustering.
"We've got a thermal drone that's coming out of Auckland, that can be used for pest management and spray drones which can be used for spot and blanket spraying particularly in smaller areas that you can't get to with a helicopter."
Begg said farmers are embracing the technology.
"I think there's a lot of things at the moment that are making farmers look at how they can do things more efficiently and also in a more sustainable sort of way, especially when you look at things like the price of diesel and fuel.
"Technology is becoming integrated into farming practices now and there's just so many things drones can help with."
Continue reading: https://www.rnz.co.nz/news/national/466396/farmers-keen-to-embrace-diverse-uses-of-drones-in-rural-setting

When an employee feels they need or want more than what they’re receiving at work, they must address the issue with management and negotiate for a favorable outcome. However, many employees feel awkward negotiating with their boss for anything.
One should never remain quietly dissatisfied at work when it comes to asking for a well-deserved salary increase, promotion or more flexible schedule. Here, 15 members of Forbes Coaches Council share some mental tricks and specific types of language that employees can use to feel more comfortable and confident in negotiations with their direct support.
1. Model Honest Dialogue And Transparency
Courage, dialogue and transparency are keys to happiness anywhere in life, but the inherent power dynamics within organizations can stifle them. As a leader, I am far more interested in having conversations about these very things—how do we as a team enable courage, dialogue and transparency?—rather than trying to solve the areas for negotiations in isolation. Start by modeling honest dialogue. - Nick Bolton, Animas Centre for Coaching
2. Have A Clear Shared Intention And Trust
Successful negotiations are rooted in having a clear shared intention and trust. Consider what your boss values at work (their measure of your success) and prepare to communicate evidence of how you contribute to that intention through your skills, experiences, work ethic and so forth. By reflecting on your accomplishments and competencies, you will radiate more confidence and trust. - Vered Kogan, Momentum Institute
3. Use Affirmative Language With Yourself
The reason an employee, or anyone for that matter, feels awkward when negotiating for anything is because, internally, they don’t feel as if they deserve what it is they want. Reframing the language one uses about oneself is therefore key. Affirming yourself by saying, “I deserve this (whatever this may be), and I am worthy of it” is a surefire way to mentally prepare for that negotiation. - Dr. Rakish Rana, The Clear Coach
Continue reading: https://www.forbes.com/sites/forbescoachescouncil/2022/05/04/15-ways-to-feel-more-comfortable-negotiating-with-your-boss/?sh=4fa43da66005