Januar 2017 - Seite 77 von 187 - Cloud Computing Köln

John Paczkowski / BuzzFeed News

Jim Ray is the kind of urban-dwelling liberal who you’d think finds prepping a little silly. Stockpiling food and ammo in anticipation of some civilization-destroying cataclysm? That, he says, is the province of nutty conservatives, and Ray, 37, isn't one of them. He lives in a one-bedroom apartment in San Francisco with his wife, Sadie, and their toddler. He works in developer support at the popular software startup Slack. He doesn&039;t own a gun, and he has no plans to buy one. He and his wife did get an earthquake preparedness kit when they moved here from Seattle five and a half years ago — but every San Franciscan needs an earthquake kit.

Then, around the start of the new year, Ray looked through the earthquake kit to check whether any perishables — batteries, glow sticks, calorie food bars — were expired. He had performed this ritual in years past, but with a Trump presidency on the horizon, this time it felt weightier. So when he ordered replacement items on Amazon, he also bought some new things, like a tarp, “just so I could set up a mini shelter if we needed to,” and a water-filtration straw.

“There&039;s this undeniable feeling — is there something else we need to be preparing for?” he said. “The world in general feels more tumultuous than it did, in a lot of ways. For liberally minded people, the election made that a reality in a way that it wasn&039;t before.”

As many liberals look toward President-elect Trump&039;s inauguration on Friday with a feeling of impending doom, some are taking inspiration from preppers on the other end of the political spectrum. Theirs is a quieter kind of prepping, with a degree of self-consciousness — and it involves a lot less weaponry. Some anxious souls are buying jugs of water and dehydrated meals — or even, in at least one case, obtaining foreign visas and unregistered vehicles — while others are simply considering their earthquake kits and backpacking gear in a new light.

There&039;s a sense in which prepping for a Trump administration is basically incompatible with liberal values. It&039;s not based on science, or, if we&039;re being honest, any hard evidence at all. To imagine a civilization-altering catastrophe under the Trump administration, you have to make several mental leaps. Still, Trump&039;s erratic tweets and other pronouncements can easily fuel such fantasies. Many of those dabbling in prepping are, they say, just playing it safe.

At Disaster Supply Center, a survival kit store in San Rafael, half an hour&039;s drive north of San Francisco, car kits — with food, water, blankets, ponchos, flashlights, and tents — have been flying off the shelves. Sales in January were up between 20% and 30% compared with a year earlier, according to Michael Skyler, who owns the business along with his wife, Mona. (He declined to disclose exact figures.)

“The instability in the political arena has brought some people out to just get prepared, not knowing what may happen,” Skyler said. “People see it&039;s possible to have more than just a natural disaster.”

One concerned citizen, Deb, who asked that her last name be withheld, lives in a rural area in the middle of Pennsylvania where extreme weather or natural disasters aren&039;t really a concern. Apart from first aid items in her car, she didn&039;t own emergency preparedness supplies. But right before the election, when there was speculation in the press over whether President Obama would retaliate against the Russians for hacking the Democratic National Committee, the possibility of an escalating cyberwar suddenly seemed real, so Deb ordered a cubic water container from Amazon. Anxious for it to arrive, she went to get another one at Walmart.

“And I never shop at Walmart, liberal that I am,” Deb, who is in her mid-40s, said with a laugh. She now has two water containers, totaling 12 gallons. “It definitely feels a bit like overkill, because I definitely have cans of seltzer water lying around, too.”

Later, in December, Deb came across the blog of the Survival Mom, a popular site run by a Texas mother who argues that prepping is common sense. That prompted Deb to order between $200 and $300 worth of dehydrated food — which, in a disaster scenario, she would share with her six cats. “It’s like a big grocery bill for me,” she said, noting that other packages of survival food sold online run into the thousands of dollars. An article on The Sweethome reviews site, Deb said, helped her fill in the gaps in her stash of first aid gear.

Most survival equipment is utilitarian by design, but surviving a disaster doesn&039;t have to involve bland-tasting food and off-brand products. One startup, Preppi, sells what might be described as survivalist chic. Its signature Prepster kit, encased in a vintage-inspired canvas doctor bag, includes cartons of Boxed Water, a bar of TCHO Chocolate, face and hair care products from Malin+Goetz — and a waterproof notebook from Field Notes. A one-person kit sells for $375.00, the two-person version costs $445.00, and a custom monogram is $75 extra. The actress Julie Bowen, star of the show “Modern Family,” gave the kits to the show&039;s crew as holiday presents, according to The New York Post.

He&039;s also working on protections ranging from encryption and measures to hide his network traffic, to building faraday cages in his home.

One prominent figure in the tech industry, who requested anonymity due to his security concerns, described preparations for a Trump presidency that sounded straight out of a spy novel — perhaps because they were put together with the help of a consultant from an intelligence agency. This person&039;s supplies include all the basics for disaster preparedness (water, food, medicine), as well as next-level precautions should things really go to hell (solar panels, gas masks, dehumidifiers to provide fresh water from the air).

But this tech figure has also taken precautions specifically to protect against Trump himself, as opposed to just the fallout from, say, a nuclear exchange in Asia. To that end, he is securing duplicate passports and foreign visas, as well as stashes of cash and unregistered vehicles should he need to bug out. He&039;s also working on protections to prevent being spied upon — ranging from encryption and measures to hide his network traffic, to building faraday cages in his home.

Not all prepping efforts are so elaborate. Mike Davidson, the former vice president of design at Twitter, who now lives in Seattle, said he started buying supplies a couple weeks after the election. After doing some research on online, he got water-filtration straws, hand-crank flashlights, freeze-dried and canned food, and eight five-gallon jugs of water. He&039;s considering getting a generator, too. Most of the lightweight gear, he said, is in a bag that “I could carry for miles if I needed to.” In all, he has spent “probably several hundred dollars on this.”

“I&039;m anti-gun. I would never have a gun in my house. I&039;m not going that far,” Davidson, 42, said. “But I do think if you have a house, if you have space, and you have some disposable income, it makes sense to ensure you can live for a few weeks if you have to.”

Not surprisingly, guns don&039;t seem to play a major role in preparations by liberals. Gun store owners contacted by BuzzFeed News said there hadn&039;t been any Trump-related surge in sales since the election. At least, there hasn&039;t been anything on the scale of what happened after President Obama&039;s election in 2008, when enthusiasts rushed to buy firearms and ammunition because of fears that Obama would restrict gun ownership.

“Ammo went through the roof,” said Jeff Guite, the president of the Seattle-based American Preparedness, which sells emergency kits.

And while conservatives might be interested in buying ammunition, “liberals might want to put their money into softer products,” Guite said. That includes “stoves, things that would lend more to comfort and security than protection.”

“It makes sense to ensure you can live for a few weeks if you have to.”

Jason Shellen, a longtime tech industry executive who lives in Lafayette, California, made the point that “the one thing you have in California is people who are active and outdoorsy anyway.” He said his brother in Santa Cruz had experienced a loss of water pressure in a recent storm. “And when I checked on him, he said, &039;Oh we&039;re good, we just went into our camping supplies, and we have a big thing of water.&039;”

In California&039;s Bay Area, REI has recently seen strong demand for its wilderness survival courses, and the waitlists for the latest backcountry orienteering courses are “definitely a little bit longer” than last year, according to Michael Beetham, the market coordinator for outdoor programs and outreach. In pouring rain on a recent Saturday, all 12 students in a wilderness survival course showed up, Beetham said. But he cautioned that this interest — among a population crazy for the outdoors — “could be due to any number of influences.”

Still, there is something about the prepper lifestyle that can appeal to one&039;s inner adventurer, even among those who might look askance at traditional preppers.

“There&039;s the sort of conspiratorial, militant aspect of them that I find a little bit off-putting, but there&039;s a lot of it — I&039;m an Eagle Scout — there&039;s a lot of it that reminds me of the &039;be prepared&039; mantra of being a Boy Scout,” said Ray, the Slack employee.

For people like Ray, any prepping efforts aren&039;t all-consuming in the way they are for, say, people on the National Geographic show “Doomsday Preppers.” Deb, from Pennsylvania, said it was “hard for me to even think of it being a possibility that I’d have to use the water or the food.”

“I think a lot of people who are prepping think they will have to use it, possibility imminently,” she said. “And just, I don’t know, that seems so surreal, but 2016 was so surreal that you think, well, I guess I should do this.”

Mat Honan contributed to this report.

Quelle: <a href="The Trump Administration Is Turning Cautious Liberals Into Paranoid Preppers“>BuzzFeed

19. Januar 201719. Januar 2017

da Agency

A Biotech Will Pay $100 Million Over A Monopoly Price Hike

Ziquiu / Getty Images

Mallinckrodt Pharmaceuticals has agreed to pay $100 million to settle federal and state allegations that it illegally bought rights to a competitor's drug in order to protect a monopoly and raise its drug&039;s price by 85,000%, the Federal Trade Commission said on Wednesday.

Mallinckrodt and its division Questcor Pharmaceuticals sell H.P. Acthar Gel, a drug that treats infantile spasms — rare seizures that afflict infants — as well as a kidney disorder called nephrotic syndrome. The FTC&039;s complaint alleges that Questcor violated antitrust laws by acquiring the drug in 2001, and went on to raise its price from $40 per vial to more than $34,000 today. A course of treatment, which requires multiple vials, costs more than $100,000, the agency says.

The investigation comes at a time when pharmaceutical price hikes are drawing scrutiny from politicians and the public, and shows how companies — allegedly — can suppress competition in order to charge more for their products.

“We are pleased with the agreement reached to resolve this legacy matter, although we continue to strongly disagree with allegations outlined in the FTC&039;s complaint, believing that key claims are unsupported and even contradicted by scientific data and market facts, and appear to be inconsistent with the views of the FDA,” the United Kingdom company said in a statement. The agreement was made “without admission of wrongdoing,” according to the firm.

In 2013, Questcor paid Novartis $135 million for the rights to develop a drug, known as Synacthen, that could have competed with Acthar in the United States, according to the FTC.

Ironically, Questcor outbid Retrophin — then run by none other than Martin Shkreli, who is now notorious for hiking the price of another drug, Daraprim. And in 2014, Retrophin sued Questcor, saying the purchase was illegal because it shut down a drug that could compete with Acthar. (That lawsuit settled for $15.5 million.)

Achatr generated more than $1 billion in US revenue in 2015, according to the FTC.

“We charge that, to maintain its monopoly pricing, it acquired the rights to its greatest competitive threat, a synthetic version of Acthar, to forestall future competition,” FTC Chairwoman Edith Ramirez said in a statement. “This is precisely the kind of conduct the antitrust laws prohibit.”

As part of the settlement, Questcor must also grant a license to develop Synacthen to treat infantile spasms and nephrotic syndrome to a licensee approved by the FTC. The states of Alaska, Maryland, New York, Texas, and Washington joined the FTC’s complaint.

Mallinckrodt&039;s stock was temporarily halted before the FTC settlement was announced, and ended the day down about 6%.

“The monopoly power of the pharmaceutical industry is the single greatest reason prices are high and Americans can&039;t afford their medicine,” Peter Maybarduk, Access to Medicines director at the consumer rights advocacy group Public Citizen, told BuzzFeed News. “It&039;s a critical issue and it&039;s good to see the FTC pushing on it.”

From 1991 through 2015, the pharmaceutical industry paid state and federal agencies a total of $35.7 billion to settle allegations of violations like illegally marketing drugs for off-label uses and overcharging taxpayer-funded health programs like Medicare and Medicaid, according to a Public Citizen analysis.

“Americans see the government moving to stop price abuse as a very important deal for this next government, and there&039;s some potential bipartisan support for it,” Maybarduk said, referring to how President-elect Donald Trump has pledged to crack down on drug prices. “The problem, like always, is the power and influence of the pharmaceutical lobby, and we have to see if our government is willing to stand up to it.”

LINK: Meet The Man Who Raised The Price Of A Lifesaving Drug From $13.50 To $750

Quelle: <a href="A Biotech Will Pay 0 Million Over A Monopoly Price Hike“>BuzzFeed

19. Januar 201719. Januar 2017

da Agency

Here’s What The Tech Workers Protesting Palantir Hope To Accomplish

Palantir CEO Alex Karp

Sean Gallup / Getty Images

Roughly 60 people braved a rainstorm this morning to demonstrate outside the headquarters of Palantir Technologies, the secretive Silicon Valley company considered by some to be best positioned to help the Trump administration built a Muslim registry, given its role in building black box software systems that are already used to facilitate workplace raids and deportations. The crowd, assembled in water-logged windbreakers and sopping down coats, included employees from Facebook and other tech companies, along with labor activists, and students from nearby Stanford University. The hour-long protest was staged to pressure Palantir into more accountability and transparency around the databases it has built.

Palantir has made some conciliatory efforts since the protest was announced in the first week of January. After weeks of ignoring questions from BuzzFeed News and other outlets about a Muslim registry, the company — and its influential board member Peter Thiel, a top advisor to President Elect Donald Trump — broke their silence: “If we were asked, we wouldn’t do it,” Palantir CEO Alex Karp told Forbes. The company was also hospitable to protesters, putting out a table of free Philz coffee with a little Palantir logo.

Nitasha Tiku / BuzzFeed News

But demonstrators saw the protest as a chance to push Palantir to be even more accountable. “Well, did they meet the demands? I mean, we didn’t demand coffee,” Gilbert Bernstein, a Stanford PhD student in computer science told BuzzFeed News. Bernstein, who was also present at a recent meeting of the Bay Area Tech Solidarity Meetup, pointed out that Palantir could easily be playing coy, considering that databases that track Muslim-Americans like NSEERS have already been built. “They just play games with the terms,” he said.

Palantir’s dealings with President -Elect Donald Trump have been under particular scrutiny given new reports in The Intercept and The Verge about Palantir’s role in building government intelligence systems like Analytical Framework for Intelligence (AFI) and FALCON that would most likely be employed if Trump follows through with comments on “extreme vetting” of Muslims or increased deportations.

Then there’s Thiel’s growing closeness with Trump. Both Thiel and Karp, who donated to Hillary Clinton’s campaign, were present at January's closed-door meeting at Trump Tower with the President-Elect and his children.

Nitasha Tiku / BuzzFeed News

Under a staggered canopy of umbrellas, protesters held signs with slogans like “Protest Not Profits,” and “#DoBetter,” a reference to the website and slogan for today’s demonstration.

Jason Prado, a Facebook engineer who helped put together today’s event, said that Karp’s statement was great, but it’s still imperative to “raise awareness about this company that lives right in our backyard in Silicon Valley and is building tools that we don’t think agree with the values of Silicon Valley.”

The protest was organized by the Tech Workers Coalition, Bay Area group that includes tech industry employees, labor organizers, and other activists, and their requests of Palantir are significant, such as asking Palantir to disclose any steps the company has taken or plans to take in order to prevent abuses of AFI and FALCON.

“Palantir is particularly well poised to profit from potential policies that the next administration might roll out and has already established very lucrative contracts [for databases that could] very easily be used for horrific purposes,” Shahid Buttar, director of grassroots advocacy at the Electronic Frontier Foundation (EFF) told BuzzFeed News.

Tech giants like Facebook, Google, IBM, and Apple have all publicly vowed not to help build a Muslim registry, but, just like Palantir, they initially hoped to avoid making a public statement.

Nitasha Tiku / BuzzFeed News

In fact, today’s protest took a page from the engineers behind the Never Again pledge, which put pressure on tech companies by hit them where it hurts: their workforce. After their employees vowed not to help build a Muslim registry, their bosses followed suit. Today’s protest comes with its own pledge from Stanford students and alumni who pledge not to work for Palantir and “to continue to questioning Palantir’s outsized presence and reputation in our community.”

“I come from Stanford, where they are one of the top recruiters in Silicon Valley,” Prado told BuzzFeed News. “The Stanford [computer science] department just kind of pours into Palantir.” As of last night, more than 75 people had signed the pledge including numerous Stanford students and alumni, as well as employees from Apple, Twitter, Slack, and Asana.

“By showing up to the Palantir headquarters and exerting our physical presence, we want to send a message to employees,” designer Sophie Xie, a former product designer at Facebook who helped make the protest website at DoBetter.tech told BuzzFeed News. “It’s pretty clear that employees are one of the most powerful levers that can fight for change internally.”

Nitasha Tiku / BuzzFeed News

None of the protesters that BuzzFeed spoke with seemed to be under the illusion that their demands would be met. (Their final request is to “dismantle the AFI and FALCON databases entirely” if abuses can’t be accounted for and prevented.) But this direct action is part of the Silicon Valley’s proletariat testing the bounds of their influence.

“Pre-Trump election, there was a sense that we believed in the mission of our companies maybe in a purer way,” said Xie.

BuzzFeed News asked to enter the building to speak to someone from Palantir about the protest, but were told that no one could enter without an ID. An email to Palantir&039;s media relations went unanswered. However, BuzzFeed News did hear back from four of the outside experts who advise Palantir’s Privacy and Civil Liberties Team. All four said that the team is still active and meets three or four times a year, but could not say whether they had discussed a Muslim registry.

Quelle: <a href="Here’s What The Tech Workers Protesting Palantir Hope To Accomplish“>BuzzFeed

19. Januar 201719. Januar 2017

da Agency

Google Cloud Audit Logging now available across the GCP stack

By Joe Corkery, Product Manager

Google Cloud Audit Logging helps you to determine who did what, where and when on Google Cloud Platform (GCP). This fall, Cloud Audit Logging became generally available for a number of products. Today, we’re significantly expanding the set of products integrated with Cloud Audit Logging:
Google Compute Engine
Google Container Engine
Google Cloud Dataproc
Google Cloud Deployment Manager
Google Cloud DNS
Google Cloud Key Management Service (KMS)
Google Cloud Storage
Google Cloud SQL
The above integrations are all currently in beta.

We’re also pleased to announce that audit logging for Google Cloud Dataflow, Stackdriver Debugger and Stackdriver Logging is now generally available.

Cloud Audit Logging provides log streams for each integrated product. The primary log stream is the admin activity log that contains entries for actions that modify the service, individual resources or associated metadata. Some services also generate a data access log that contains entries for actions that read metadata as well as API calls that access or modify user-provided data managed by the service. Right now only Google BigQuery generates a data access log, but that will change soon.

Interacting with audit logs in Cloud ConsoleYou can see a high-level overview of all your audit logs on the Cloud Console Activity page. Click on any entry to display a detailed view of that event, as shown below.

By default, data access logs are not displayed in this feed. To enable them from the Filter configuration panel, select the “Data Access” field under Categories. (Please note, you also need to have the Private Logs Viewer IAM permission in order to see data access logs). You can also filter the results displayed in the feed by user, resource type and date/time.

Interacting with audit logs in StackdriverYou can also interact with the audit logs just like any other log in the Stackdriver Logs Viewer. With Logs Viewer, you can filter or perform free text search on the logs, as well as select logs by resource type and log name (“activity” for the admin activity logs and “data_access” for the data access logs).

Here are some log entries in their JSON format, with a few important fields highlighted.
In addition to viewing your logs, you can also export them to Cloud Storage for long-term archival, to BigQuery for analysis, and/or Google Cloud Pub/Sub for integration with other tools. Check out this tutorial on how to export your BigQuery audit logs back into BigQuery to analyze your BigQuery spending over a specified period of time.
“Google Cloud Audit Logs couldn’t be simpler to use; exported to BigQuery it provides us with a powerful way to monitor all our applications from one place.” — Darren Cibis, Shine SolutionsPartner integrationsWe understand that there are many tools for log analysis out there. For that reason, we’ve partnered with companies like Splunk, Netskope, and Tenable Network Security. If you don’t see your preferred provider on our partners page, let us know and we can try to make it happen.

Alerting using Stackdriver logs-based metricsStackdriver Logging provides the ability to create logs-based metrics that can be monitored and used to trigger Stackdriver alerting policies. Here’s an example of how to set up your metrics and policies to generate an alert every time an IAM policy is changed.

The first step is to go to the Logs Viewer and create a filter that describes the logs for which you want to be alerted. Be sure that the scope of the filter is set correctly to search the logs corresponding to the resource in which you are interested. In this case, let’s generate an alert whenever a call to SetIamPolicy is made.

Once you’re satisfied that the filter captures the correct events, create a logs-based metric by clicking on the “Create Metric” option at the top of the screen.

Now, choose a name and description for the metric and click “Create Metric.” You should then receive a confirmation that the metric was saved.
Next, select “Logs-based Metrics” from the side panel. You should see your new metric listed there under “User Defined Metrics.” Click on the dots to the right of your metric and choose “Create alert from metric.”

Now, create a condition to trigger an alert if any log entries match the previously specified filter. To do that, set the threshold to “above 0″ in order to catch this occurrence. Logs-based metrics count the number of entries seen per minute. With that in mind, set the duration to one minute as the duration specifies how long this per-minute rate needs to be sustained in order to trigger an alert. For example, if the duration were set to five minutes, there would have to be at least one alert per minute for a five-minute period in order to trigger the alert.

Finally, choose “Save Condition” and specify the desired notification mechanisms (e.g., email, SMS, PagerDuty, etc.). You can test the alerting policy by giving yourself a new permission via the IAM console.

Responding to audit logs using Cloud Functions
Cloud Functions is a lightweight, event-based, asynchronous compute solution that allows you to execute small, single-purpose functions in response to events such as specific log entries. Cloud functions are written in JavaScript and execute in a standard Node.js environment. Cloud functions can be triggered by events from Cloud Storage or Cloud Pub/Sub. In this case, we’ll trigger cloud functions when logs are exported to a Cloud Pub/Sub topic. Cloud Functions is currently in alpha, please sign up to request enablement for your project.

Let’s look at firewall rules as an example. Whenever a firewall rule is created, modified or deleted, a Compute Engine audit log entry is written. The firewall configuration information is captured in the request field of the audit log entry. The following function inspects the configuration of a new firewall rule and deletes it if that configuration is of concern (in this case, if it opens up any port besides port 22). This function could easily be extended to look at update operations as well.

Licensed under the Apache License, Version 2.0 (the “License”);
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an “AS IS” BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

‘use strict';

exports.processFirewallAuditLogs = (event) => {
const msg = JSON.parse(Buffer.from(event.data.data, ‘base64′).toString());
const logEntry = msg.protoPayload;
if (logEntry &&
logEntry.request &&
logEntry.methodName === ‘v1.compute.firewalls.insert’) {
let cancelFirewall = false;
const allowed = logEntry.request.alloweds;
if (allowed) {
for (let key in allowed) {
const entry = allowed[key];
for (let port in entry.ports) {
if (parseInt(entry.ports[port], 10) !== 22) {
cancelFirewall = true;
break;
}
}
}
}
if (cancelFirewall) {
const resourceArray = logEntry.resourceName.split(‘/’);
const resourceName = resourceArray[resourceArray.length – 1];
const compute = require(‘@google-cloud/compute’)();
return compute.firewall(resourceName).delete();
}
}
return true;
};
As the function above uses the gcloud Node.js module, be sure to include that as a dependency in the package.json file that accompanies the index.js file specifying your source code:
{
“name” : “audit-log-monitoring”,
“version” : “1.0.0”,
“description” : “monitor my audit logs”,
“main” : “index.js”,
“dependencies” : {
“@google-cloud/compute” : “^0.4.1″
}
}
In the image below, you can see what happened to a new firewall rule (“bad-idea-firewall”) that did not meet the acceptable criteria as determined by the cloud function. It’s important to note, that this cloud function is not applied retroactively, so existing firewall rules that allow traffic on ports 80 and 443 are preserved.

This is just one example of many showing how you can leverage the power of Cloud Functions to respond to changes on GCP.

Conclusion
Cloud Audit Logging offers enterprises a simple way to track activity in applications built on top of GCP, and integrate logs with monitoring and logs analysis tools. To learn more and get trained on audit logging as well as the latest in GCP security, sign up for a Google Cloud Next ‘17 technical bootcamp in San Francisco this March.
Quelle: Google Cloud Platform

19. Januar 201719. Januar 2017

da Agency

Can blockchain secure supply chains, improve operations and solve humanitarian issues?

In my last post, I posed the question: What does identity mean in today’s physical and digital world? I was coming off the ID2020 Summit at the UN where we announced our work on blockchain self-sovereign identity. What struck me most was the magnitude of the problems identified and I haven’t been able to stop thinking about solving these already at scale problems ever since. One of the things that Microsoft thinks about when it looks at products is solving problems at scale. It is and has always been a mass market product juggernaut. Yesterday we strove for a vision of “a PC on Every Desk” and today we look to Azure, our hyperscale cloud to solve the world’s productivity problems at scale through massive compute, memory and storage workloads operating at a nice little hum in datacenters that span the globe. But I digress.

The important question is: How do we take this DNA and think about societal problems that already exist at scale? We have proven that most technology in one form or another can perform when architected for scale. But where and how do we start and then how do we penetrate with swarms of adoption to make meaningful impact on society’s greatest problems?

I started to think about where the problem space crosses the corporate and enterprise landscape. What if we can link corporate objectives directly to the problem of child labor? What if we can find businesses that might benefit from the exploitation witnessed and eliminate them? Alas, these approaches are too direct and won’t scale as first steps on this journey.

Another approach would be to look at ways we can back into solving the problems. So I began to think more indirectly about the attack surfaces that corporations operate on where there might be child labor, trafficking or other infractions. If we could identify large attack surfaces in a specific industry that might be a good starting point. This led me squarely to an industry I know very well that has been struggling to evolve ever since Amazon entered their playground: Retailers, Brands, and Ecommerce sites. The landscape gives us an unprecedented opportunity to maximize coverage via a corporate attack surface trifecta:

1. Retailers: think Macy’s, Nordstrom, Best Buy

2. Brands: think Perry Ellis, Nike, Under Armor

3. Ecommerce: Amazon, Tmall, and all of the retail.com variants like Macys.com

The one thing they all have in common is Supply Chain.

Their supply chain ends in the developed world with retail stores to shippers, truck drivers, dock and port workers and their employers. It extends back to overseas warehouses, distribution centers and all of their laborers, whether contracted, full time or part time or temporary workforce. The origin of the supply chain extends all the way back to the factory and local shippers handling the goods.

Take the case of a company like Perry Ellis that is tagging each item of clothing at the manufacturing factory, called source tagging. When a worker hangs a tag on a piece of clothing or sews an RFID tag into a pair of jeans the life of the tracked good begins. Retailers and brands have been evaluating and deploying RFID and other sensor and tracking technology in the Supply Chain and Retail stores for many years. In 2004 I built an RFID Practice at IBM Global Services. That year Walmart demanded all of its suppliers tag their products with RFID.

So, like other blockchain projects, this begs the question, why now? What is so special about this technology that lets us simultaneously add value to Macys.com and Perry Ellis while starting to chip away at one part of the un-identified, trafficked or exploited world population?

I believe the answer lies in a very subtle tweak to the existing tracking systems that are being deployed across the entire retail and ecommerce landscape. What if we could use something like RFID chips and scanners to securely and provably identify every touchpoint of every piece of product all along the supply chain? Why does that add value if we are sort of doing that already?

A little history. The reason tracking tags like RFID are being deployed by brands and retailers is to be able to effectively compete with Amazon.com. What is the single biggest competitive threat a retailer has against Amazon? The answer is a seemingly simple feature on a website:

“Buy Online, Pick up In store”

Underneath what looks like a simple ecommerce site feature lies a very big problem: Inventory Transparency. Retailers cannot effectively invoke this competitive advantage without Inventory Transparency. Retailers cannot achieve Inventory Transparency without RFID or other tracking tags.

RFID systems today simply allow you to track inventory at each waypoint in the supply chain and all the way through the retail store stockroom, floor and checkout. On any given day, you can tell in which part of your supply chain or store replenishment process your product is located. Part of the challenge is that many systems deployed today don’t do a good job providing visibility tracking all the way through the supply chain. This is partly because of siloed tracking systems and databases that live in a multitude of legal entities.

So why is it that even with all of this tracking, there is still a high percentage of lost product due to fraud?

How can a simple identity tweak improve this situation for retailers and brands while simultaneously chipping away at child exploitation?

Enter the trust protocol we call blockchain and specifically blockchain self-sovereign identity. The state change is to plug the holes in your supply chain by identifying and provably tracking every scan at a waypoint by a device or human being operating in your supply chain. This starts with the factory worker who sews the RFID tag into the jeans to the Distribution Center RFID Door reader to the employees or contractors at the DC. It extends to the entities involved, the factory owner, the Contractor that employs the DC contractors, etc. By doing this you create a closed system of verifiably known actors across the supply chain. Blockchain also lets us create a shared single ledger of truth across these independently owned waypoints, driving forward full supply chain inventory transparency. We are using this concept in a number of projects to reduce fraud in other industries. This use case meets my sniff test criteria for blockchain value in a project.

Blockchain can provide value if:

1. There is fraud or lack of trust in the system

2. There are multiple parties to a transaction

This identity tweak takes a corporate system used for tracking goods and transforms it into a system that can reduce fraud, operating costs, and product loss while simultaneously reducing reliance on exploited people, not to mention new opportunities for supply chain financing and insurance.

Should a box of Perry Ellis jeans fall out of the supply chain somewhere, it will immediately be known when it does not reach the next waypoint in the expected time. The forensic investigation will start with the prior transaction that recorded the custody of that item at the prior touch point. A blockchain identity creates the provable record of who last touched the product. This factor holds workers and contracting companies accountable. Reputation gets asserted or attested for that worker and that reputation is rolled up to the Contracting company to create a reputation score for the vendor.

The result is that Supply Chain Contractors will stop hiring unverified or reputationally attested high risk workers. This system of compliance and rating will force Supply Chain workers to be held accountable for their actions therefore reducing fraud (the corporate benefit) while simultaneously requiring a worker to register a self-sovereign identity that travels with them from job to job. This small tweak to existing RFID deployments paid for by corporations will drive undocumented workers from the system over time thus beginning the process of chipping away at the 1.5B undocumented and exploited people identified by the UN’s Sustainable Development Goal 16.9.

Is this the beginning of an opportunity to offer a “Verifiably Clean Supply Chain Certification” for brands, retailers and ecommerce sites? It is certainly achievable technically. My thesis is even if social responsibility isn’t a big enough reason, there are enough financial reasons to move forward. To this end we have launched Project Manifest and made recent announcements with partners like www.Mojix.com and ID2020. More details in my next post.
Quelle: Azure

Hello, you. You probably don’t look like a magical beautiful cartoon. Well, there’s a fix for that!