Tsunami of Technologies. Are we prepared?
Slide from workshop with open source community in Malaysia.
"Bengkel Bersama Komuniti Sumber Terbuka Bilangan 1 Tahun 2020" in De Baron Resort, Langkawi, Kedah, Malaysia
Designing IA for AI - Information Architecture Conference 2024
Tsunami of Technologies. Are we prepared?
1. 1
TSUNAMI OF TECHNOLOGIES
ARE WE PREPARED?
FEBRUARY 3, 2020FEBRUARY 3, 2020FEBRUARY 3, 2020FEBRUARY 3, 2020
MOHD SYUKOR ABDULMOHD SYUKOR ABDULMOHD SYUKOR ABDULMOHD SYUKOR ABDUL
2. 2
AGENDA
Open SourceOpen Source
Hardware
Architecture
Hardware
Architecture
Post QuantumPost Quantum
2FA
Authentication
2FA
Authentication
Web TechsWeb Techs
Decentralized
Identity
Decentralized
Identity
Software
Development
Software
Development
Programming
Languages
Programming
Languages
Cross Platform
UI
Cross Platform
UI
Web
Framework
Web
Framework
Mobile
Development
Mobile
Development
Our
Preparation
Our
Preparation
Tech TrendsTech Trends
01 02 03 04 05 06 07 08START
END 15 14 13 12 11 10 09
UI Design
Concept
UI Design
Concept
Development
Tools
Development
Tools
7. 7
Too Many Technologies …
Blockchain Robotics
Drones
Internet of
Things
Machine Learning
Distributed
Ledger Tech
Virtual Reality
Augmented
Reality
Automation
Machine to
Machine
Autonomous
Vehicle
5G Network
3D Printing
Artificial
Intelligent
Decentralized
Identity
Self Sovereign
Identity
Big Data
Analytics
Predictive
Analytics
Predictive
Maintenance
Cloud
Distributed Cloud
Edge Computing
Fog Computing
Sentiment
Analysis
DevSecOps
Agile
RISC-V
Quantum
Computing
Post Quantum
Cryptography
DevOps
Penetration
Testing
Software Testing
Container
Technology
Serverless
Deep Learning
Open Source
Open Standard
Software Defined
Network
CI/CD
Multi-Factor
Authentication
Two-Factor
Authentication
Decentralized
Web
10. 10
Why Open Source?
Open source is becoming the backbone for driving
digital innovation.
Open-source software is used within mission-
critical IT workloads by over 95% of the IT
organizations worldwide, whether they are aware
of it or not.
To foster open innovation and to exploit new ideas
at a lower cost.
Vibrancy and helpfulness of community support
and documentation in the community forms.
To prevent vendor lock-in.
No single entity has exclusive control over an open-
source project.
Use best practices for development.
Source: Gartner – What Innovation Leaders Must Know About Open-Source Software
12. 12
New Hardware Architecture … RISC-V
Source: RISC-V Foundation, SiPEED, SiFive, YouTube
Open source Instruction Set Architecture (ISA).
Start at University of California, Berkeley in
2010 and contributors all around the world.
Permissive open source license.
Open specification make it easier for
developers.
Boards for RISC-V available since 2018 (SiFive,
SiPEED, LowRISC).
RISC-V came in 32bits (RV32) and 64bits
(RV64) version.
Designed for general purpose computing and
also for the Internet of Things (IoT).
Some boards came with AI processors.
14. 14
Post Quantum Cryptography (PQC)
Source: NIST - Post-Quantum Cryptography
If large-scale quantum computers are ever built, they will be able to break many of
the public-key cryptosystems currently in use.
This would seriously compromise the confidentiality and integrity of digital
communications on the Internet and elsewhere.
Post-quantum cryptography (sometimes referred to as quantum-proof, quantum-
safe or quantum-resistant) refers to cryptographic algorithms (usually public-key
algorithms) that are thought to be secure against an attack by a quantum
computer.
Post-Quantum Cryptography Standardization is a project start on 2016 by NIST to
standardize post-quantum cryptography.
Currently on Round 2 Post-Quantum Cryptography Standardization, there 17
algorithms for Public-key Encryption and Key-establishment Algorithms, and 9
algorithms for Digital Signature Algorithms.
• How long does encryption need to
be secure (x years)
• How long to re-tool existing
infrastructure with quantum safe
solution (y years)
• How long until large-scale quantum
computer is built (z years)
16. 16
{ Two, Multi}-Factor Authentication
Source: SoloKeys, NitroKeys, Google OpenSK, FreeOTP, PrivacyIDEA
Multi-factor authentication (MFA) is an authentication
method in which a computer user is granted access
only after successfully presenting two or more pieces
of evidence (or factors) to an authentication
mechanism.
Two-factor authentication (also known as 2FA) is a
type, or subset, of multi-factor authentication. It is a
method of confirming users' claimed identities by
using a combination of two different factors:
(1) something they know,
(2) something they have, or
(3) something they are.
17. 17
Open Source 2FA Security Key – Google OpenSK
Source: Google OpenSK
Google launched OpenSK on Jan 30, 2020 — an open-source
project that lets developers build their own 2FA security keys.
OpenSK supports both the FIDO U2F and FIDO2 standards.
OpenSK is written in Rust and runs on TockOS for better
isolation and cleaner OS abstractions.
Rust has strong memory safety which can help protect against
logical attacks, whilst TockOS offers a sandboxed architecture
for better isolation of the security key applet, drivers, and
kernel.
With this early release, developers will be able to flash OpenSK
on a Nordic chip dongle.
The Nordic chip dongle supports all of the major features of
FIDO2, such as NFC, Bluetooth Low Energy, USB, and a
dedicated hardware crypto core.
Current firmware implementation is based on the published
CTAP2.0 specifications of FIDO standards.
Current OpenSK supported cryptography algorithms: ECDSA,
ECC secp256r1, HMAC-SHA256 and AES256.
GitHub repo: https://github.com/google/OpenSK
19. 19
Decentralized Web
Source: Solid (MIT), Inrupt
The decentralized web, also called web 3.0 is
a vision of the next generation internet as a
peer to peer network built around blockchain
technology, where users own their own data,
data is portable, computing and storage
resources are provided by end-users within
distributed networks, apps run locally on end-
user devices and platforms are decentralized
and autonomous.
Tim Berners-Lee, Father of the World Wide
Web, working on a project called Solid, an
open-source project built on the existing web
meant to give people control over their own
data.
Using Solid, users can keep their data
wherever they choose, rather than being
forced to store it on centralized servers.
20. 20
InterPlanetary File System (IPFS)
Source: IPFS, IADIS
IPFS is a peer-to-peer network for storing and
accessing files, websites, applications, and
data in a distributed file system.
Content is accessible through peers that
might relay information or store it (or do
both), and those peers can be located
anywhere in the world.
The file, and all of the blocks within it, is
given a unique fingerprint called a
cryptographic hash.
Some blockchain/DLT used IPFS for storing
large files/documents such as MRI images.
BlockchainBlockchainBlockchainBlockchain----based Distributed Electronic Health Recordsbased Distributed Electronic Health Recordsbased Distributed Electronic Health Recordsbased Distributed Electronic Health Records
22. 22
Self Sovereign Identity (SSI)
Source: Decentralized Identity Foundation, Sovrin SSI, IBM Blockchain, Hyperledger Indy
Solving the identity silo problem
begins with a digital identity that
you literally own, not just control
— a “self-sovereign” identity.
Emerging Standards
23. 23
IMAGINE!!!
Source: Me
Gov.MY Quantum Safe National DLT
Gov.MY National DID
BANK XYZ
issue “Kad Pengenalan”
issue “Lesen Memandu”
issue “Akaun KWSP”
issue “Kad OKU”
NATIONAL CITIZEN IDENTITY SYSTEM
National Citizen
Digital Wallet
show claim
verify proof
countersign
claim
25. 25
DevOps / DevSecOps
Source: DevOps & DevSecOps
DevOps is an IT mindset that encourages
communication, collaboration, integration and
automation among software developers and IT
operations in order to improve the speed and
quality of delivering software.
DevSecOps is the philosophy of
integrating security practices
within the DevOps process.
30. 30
New Programming Language … Zig
Source: ZigLang
Zig is a general-purpose programming language designed for
robustness, optimality, and maintainability
Created by Andrew Kelley in 2016.
Zig competes with C instead of depending on it.
Supports multi architectures.
Cross-compiling is a first-class use case.
Zig supports building for WebAssembly out of the box.
Came with Zig Build System.
Supports: Windows, Linux, FreeBSD and MacOS.
Current version: 0.5.0 (Oct 1, 2019)
31. 31
New Programming Language … Deno
Source: DenoLand
Deno is a secure runtime for JavaScript and TypeScript.
Created in 2018 by Ryan Dahl, the creator of NodeJS, to fix
flaws in NodeJS and to create modern development platform.
Deno is built on Rust, V8, TypeScript and Tokio.
Very experimental and for brave heart developers.
Target version 1.0 in early 2020.
Supports: Windows, Linux and MacOS.
Current version: v0.31.0 (Jan 24, 2020)
32. 32
WebAssembly (Wasm)
Source: WebAssembly (https://webassembly.org/)
WebAssembly (abbreviated Wasm) is a binary instruction format for a
stack-based virtual machine.
Wasm is designed as a portable target for compilation of high-level
languages like C/C++/Rust, enabling deployment on the web for client
and server applications.
WebAssembly aims to execute at native speed by taking advantage of
common hardware capabilities available on a wide range of platforms.
WebAssembly will enforce the same-origin and permissions security
policies of the browser.
WebAssembly modules will be able to call into and out of the JavaScript
context and access browser functionality through the same Web APIs
accessible from JavaScript.
WebAssembly 1.0 has shipped in 4 major browser engines (Chrome,
Edge, Firefox, Safari) and supported in over 20 different programming
languages.
33. 33
WebAssembly & LLVM De facto Relationship
Source: https://itnext.io/the-anatomy-of-webassembly-writing-your-first-webassembly-module-using-c-c-d9ee18f7ac9b
34. 34
The Resurgence of .NET Core
Source: Microsoft
.NET Core is an open-source, general-purpose
development platform maintained by Microsoft
and the .NET community on GitHub.
It's cross-platform (supporting Windows,
macOS, and Linux) and can be used to build
device, cloud, and IoT applications.
The latest version is .NET Core 3.1 and is a long-
term supported (LTS) release.
.NET Core also come with Blazor that lets you
build interactive web UIs using C# instead of
JavaScript.
Blazor apps are composed of reusable web UI
components implemented using C#, HTML, and
CSS. Both client and server code is written in C#,
allowing you to share code and libraries.
Blazor utilized WebAssembly to deliver .NET
core into the browser platform.
35. 35
Polyglot Programming
Source: Oracle GraalVM
The GraalVM Polyglot API
lets you embed and run
code from guest
languages in JVM-based
host applications.
GraalVM offers a comprehensive ecosystem
supporting a large set of languages (Java and
other JVM-based languages, JavaScript, Ruby,
Python, R, and C/C++ and other LLVM-based
languages) and running them in different
deployment scenarios (OpenJDK, NodeJS, Oracle
Database, or standalone).
37. 37
Cross Platform UI - Qt
Source: Qt
Qt (pronounced "cute") is a widget toolkit
for creating graphical user interfaces as
well as cross-platform applications that
run on various software and hardware
platforms with little or no change in the
underlying codebase while still being a
native application with native
capabilities and speed.
Qt is available under both commercial
licenses and open source.
Supported platform: Linux, Windows,
MacOS, Android, iOS and embedded
platform.
Supported programming languages: C++,
Python, Rust, C#, WebAssembly, Go,
NodeJS
39. 39
Web Framework – Vue.js
Source: Vue.js
Vue.js is a progressive, incrementally-
adoptable JavaScript framework for building UI
on the web.
It is designed from the ground up to be
incrementally adoptable, and can easily scale
between a library and a framework depending
on different use cases.
It consists of an approachable core library that
focuses on the view layer only, and an
ecosystem of supporting libraries that helps
you tackle complexity in large Single-Page
Applications.
Vue.js supports all browsers that are ES5-
compliant (IE8 and below are not supported).
Vue’s gentle learning curve steals the hearts of
beginners and advanced developers.
42. 42
The Rise of Flutter
Source: Flutter Website & GitHub
Flutter is an open source Google’s UI toolkit for
building beautiful, natively compiled
applications for mobile, web, and desktop from
a single codebase.
Flutter is designed for fast development,
expressive and flexible UI, and optimized for
native performance.
Flutter programming is done using Dart
programming language.
Flutter's layered architecture gives you control
over every pixel on the screen, and its powerful
compositing capabilities let you overlay and
animate graphics, video, text and controls
without limitation. Flutter includes a full set of
widgets that deliver pixel-perfect experiences
on both iOS and Android.
Visual Studio Code (VSCode) is one of the editor
used by many Flutter developer to build the
Flutter apps.
Current version: Flutter 1.14.6 (Jan 28, 2020)
Website: https://flutter.dev/
44. 44
The rise of Visual Studio Code
Source: Microsoft
Visual Studio Code is a lightweight but
powerful source code editor which runs on
your desktop and is available for Windows,
macOS and Linux.
It comes with built-in support for JavaScript,
TypeScript and Node.js and has a rich
ecosystem of extensions for other languages
(such as C++, C#, Java, Python, PHP, Go,
Flutter) and runtimes (such as .NET and Unity).
The Docker extension makes it easy to build,
manage, and deploy containerized
applications from Visual Studio Code.
In the Stack Overflow 2019 Developer Survey,
Visual Studio Code was ranked the most
popular developer environment tool, with
50.7% of 87,317 respondents claiming to use
it.
Current Version: 1.41 (November 2019)
Website: https://code.visualstudio.com/
48. 48
Our Preparation?
AVOID FAILURES
AND
COLATERAL DAMAGES
AVOID FAILURES
AND
COLATERAL DAMAGES
5W-1H:
WHAT to prepare?
WHY to prepare?
WHERE to prepare?
WHEN to prepare?
WHO to prepare?
HOW to prepare?
ARE WEARE WEARE WEARE WE
PREPAREDPREPAREDPREPAREDPREPARED????
49. 49
Our Preparation?
PEOPLE:
Is my organization optimized
for success?
TECHNOLOGY:
Am I leveraging technology
appropriately?
PROCESS:
Do my processes align with
my business objectives?
PEOPLE:
Is my organization optimized
for success?
TECHNOLOGY:
Am I leveraging technology
appropriately?
PROCESS:
Do my processes align with
my business objectives?
50. 50
Our Preparation?
Source: Adapted from Deloitte, PwC
How is your business integrating the adoption of emerging technologies with business strategy?
How many, and which technology forces do you believe provide the strongest backbone for
future innovation in your business?
How effective is your organization’s drive toward agility?
What infrastructure and technical platforms do you have in place today?
What experience do you want your customers, employees, and partners to have when they
engage with your organization?
How do you measure each new digital initiative against its alignment to organizational values
and impact on stakeholder?
Are you considering strategy, finance and risk in every steps of decision making?
Some “Deep Learning” to dive …
plus et cetera
51. 51
Our Preparation?
Source: Adapted from Deloitte, PwC
Proactively evaluate how to use technology in a way that is aligned with your company’s purpose and
core values.
Develop an approach to technology that aligns with your organization’s general compliance and
business policies.
Tailor budgeting, funding, and reporting processes to meet the evolving technology needs of the
business.
Lifelong upskilling.
Use the right tools.
Collaborative, responsive, and creative personnel with a big-picture view can bridge technology and
business to deliver value.
Create communities where personnel can share best practices.
Some “Predictive Maintenance” to explore …
plus et cetera