The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica is a Pulitzer Prize-winning investigative newsroom.

NEW YORK—As America struggles to assess the damage from the devastating SolarWinds cyberattack discovered in December, ProPublica has learned of a promising defense that could shore up the vulnerability the hackers exploited: a system the federal government funded but has never required its vendors to use.

The massive breach, which U.S. intelligence agencies say was “likely Russian in origin,” penetrated the computer systems of critical federal agencies, including the Department of Homeland Security, the Treasury Department, the National Institutes of Health and the Department of Justice, as well as a number of Fortune 500 corporations. The hackers remained undetected, free to forage, for months.

The hackers infiltrated the systems by inserting malware into routine software updates that SolarWinds sent to customers to install on its products, which are used to monitor internal computer networks. Software updates customarily add new features, remove bugs and boost security. But in this instance, the hackers commandeered the process by slipping in malicious code, creating secret portals (called “back doors”) that granted them access to an untold bounty of government and company secrets.

The incursion became the latest — and, it appears, by far the worst — in a string of hacks targeting the software supply chain. Cybersecurity experts have voiced concern for years that existing defenses, which focus on attacks against individual end users, fail to spot malware planted in downloads from trusted software suppliers. Such attacks are especially worrisome because of their ability to rapidly distribute malicious computer code to tens of thousands of unwitting customers.

This problem spurred development of a new approach, backed by $2.2 million in federal grants and available for free, aimed at providing end-to-end protection for the entire software supply pipeline. Named in-toto (Latin for “as a whole”), it is the work of a team of academics led by Justin Cappos, an associate computer science and engineering professor at New York University. Cappos, 43, has made securing the software supply chain his life’s work. In 2013, Popular Science named him as one of its “Brilliant Ten” scientists under 40.

Cappos and his colleagues believe that the in-toto system, if widely deployed, could have blocked or minimized the damage from the SolarWinds attack. But that didn’t happen: The federal government has taken no steps to require its software vendors, such as SolarWinds, to adopt it. Indeed, no government agency has even inquired about it, according to Cappos.

“In security, you almost never go from making something possible to impossible,” Cappos told ProPublica, during two video interviews from Shanghai, where he is teaching. “You go from making it easy to making it hard. We would have made it much harder for the [SolarWinds] attackers, and most likely would have stopped the attack.” Although the SolarWinds breach was a “really sneaky” approach, Cappos said, “in-toto definitely can protect against this. It’s very possible to catch it.”

In-toto’s system has supporters among experts in the government and corporations. When ProPublica asked Robert Beverly, who oversees in-toto’s federal grant as a program director at the National Science Foundation, whether using in-toto could have saved the government from the hack, he replied, “Absolutely. There seems to be some strong evidence that had some of the, or all of the, in-toto technologies been in place, this would have been mitigated to some extent.” Beverly, whose NSF responsibilities include “cybersecurity innovation for cyberinfrastructure” and who is on leave from his post as a computer science professor at the Naval Postgraduate School, added that it’s impossible to know for sure what impact in-toto would have had, and that the system remains at an early stage of adoption. “Unfortunately,” said Beverly, “it often takes some of these kinds of events to convince people to use these kinds of technologies.”

Some companies have embraced in-toto, and others, like Microsoft, have expressed interest. “I am a big fan of in-toto,” Kay Williams, head of Microsoft’s initiatives in open source and supply-chain security, said in an email to ProPublica. A second Microsoft program manager, Ralph Squillace, praised in-toto in a recent NYU press release for applying “precisely to the problems of supply chain confidence the community expects distributed applications to have in the real world.” (After Williams’ initial response, Microsoft declined to comment further.)

One senator blasted the government’s failure to use a system it paid for. “The U.S. government invested millions of dollars in developing technology that can protect against this threat, and while several large technology companies have already adopted it, they are the exception,” said Sen. Ron Wyden, D-Ore., a member of the Senate Intelligence Committee. “The government can speed up industry adoption of this best practice by requiring every government contractor to implement the best available technology to protect their supply chains.”

The in-toto system requires software vendors to map out their process for assembling computer code that will be sent to customers, and it records what’s done at each step along the way. It then verifies electronically that no hacker has inserted something in between steps. Immediately before installation, a pre-installed tool automatically runs a final check to make sure that what the customer received matches the final product the software vendor generated for delivery, confirming that it wasn’t tampered with in transit.
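As an added illustration (not code from the article or from the in-toto project), the sketch below models the record-and-verify process described above in simplified form. The step names, file names and keys are constructed, and an HMAC stands in for the public-key signatures a real deployment would use.

```python
import hashlib
import hmac
import json


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sign(key: bytes, payload: dict) -> str:
    # Assumption: HMAC is a stand-in for a public-key signature, so that the
    # example needs only the standard library.
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def record_step(name, key, materials, products):
    """Record the hashes of what went into a step and what came out of it."""
    payload = {
        "step": name,
        "materials": {n: digest(b) for n, b in materials.items()},
        "products": {n: digest(b) for n, b in products.items()},
    }
    return {"payload": payload, "sig": sign(key, payload)}


def verify(layout, links, delivered_name, delivered_bytes):
    """Return a list of problems; an empty list means the chain is intact."""
    problems = []
    previous = None  # products recorded by the preceding step
    for step in layout:
        name = step["name"]
        link = links.get(name)
        if link is None:
            problems.append(f"{name}: no record for this step")
            previous = None
            continue
        payload = link["payload"]
        expected_sig = sign(step["key"], payload)
        if payload["step"] != name or not hmac.compare_digest(expected_sig, link["sig"]):
            problems.append(f"{name}: record not signed by the expected party")
        # Every input the layout requires must be exactly what the previous
        # step produced; a change made between steps breaks this equality.
        for fname in step["inputs"]:
            got = payload["materials"].get(fname)
            if got is None or got != (previous or {}).get(fname):
                problems.append(f"{name}: input {fname} differs from previous step's output")
        previous = payload["products"]
    # Final check before installation: the file received must match the
    # product recorded by the last step.
    if previous is None or previous.get(delivered_name) != digest(delivered_bytes):
        problems.append(f"delivery: {delivered_name} does not match the recorded final product")
    return problems


# Constructed sample pipeline: checkout -> build -> package.
SRC = b"int main(void) { return 0; }\n"
BIN = b"constructed build output"
PKG = b"constructed update package v1"
LAYOUT = [
    {"name": "checkout", "key": b"demo-key-checkout", "inputs": []},
    {"name": "build", "key": b"demo-key-build", "inputs": ["app.c"]},
    {"name": "package", "key": b"demo-key-package", "inputs": ["app.bin"]},
]
KEYS = {s["name"]: s["key"] for s in LAYOUT}


def honest_links():
    return {
        "checkout": record_step("checkout", KEYS["checkout"], {}, {"app.c": SRC}),
        "build": record_step("build", KEYS["build"], {"app.c": SRC}, {"app.bin": BIN}),
        "package": record_step("package", KEYS["package"], {"app.bin": BIN}, {"update.pkg": PKG}),
    }


def changed_between_steps():
    # The build step received a source file that is not the one checked out.
    links = honest_links()
    altered = SRC + b"/* unreviewed change */\n"
    links["build"] = record_step("build", KEYS["build"], {"app.c": altered}, {"app.bin": BIN})
    return verify(LAYOUT, links, "update.pkg", PKG)


def rewritten_record():
    # The build record was replaced by someone who does not hold the build key.
    links = honest_links()
    links["build"] = record_step("build", b"not-the-build-key", {"app.c": SRC}, {"app.bin": BIN})
    return verify(LAYOUT, links, "update.pkg", PKG)


def changed_in_transit():
    # The customer received a package that differs from the recorded one.
    return verify(LAYOUT, honest_links(), "update.pkg", PKG + b"\x00")


if __name__ == "__main__":
    print("intact:", verify(LAYOUT, honest_links(), "update.pkg", PKG))
    print("changed between steps:", changed_between_steps())
    print("rewritten record:", rewritten_record())
    print("changed in transit:", changed_in_transit())
```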

Cappos and a team of colleagues have worked to develop the in-toto approach for years. It’s been up and running since 2018. The project received a three-year grant from the National Science Foundation that year, aimed at promoting “widespread practical use” of in-toto. (Later in 2018, President Donald Trump signed the Federal Acquisition Supply Chain Security Act, aimed at protecting government secrets from software supply-chain threats.)

In-toto could block and reveal countless cyberattacks that currently go undetected, according to Cappos, whose team includes Santiago Torres-Arias, an assistant electrical and computer engineering professor at Purdue University, and Reza Curtmola, co-director of the New Jersey Institute of Technology’s Cybersecurity Research Center. In an August 2019 paper and presentation to the USENIX computer conference, titled “in-toto: Providing farm-to-table guarantees for bits and bytes,” Cappos’ team reported studying 30 major supply-chain breaches dating back to 2010. In-toto, they concluded, would have prevented between 83% and 100% of those attacks.

“It’s available to everyone for free, paid for by the government, and should be used by everyone,” said Cappos. “People may still be able to break in and try to hack around it. But this is a necessary first step and will catch a ton of these things.” The slow pace of adoption is “really disappointing,” Cappos added. “In the long game, we’ll win. I just don’t know that we want to go through the pain that it’ll take for everyone to wise up.”

One of in-toto’s earliest adopters, starting in 2018, was Datadog, a SolarWinds competitor that provides monitoring software for internet cloud applications. Now a publicly traded company with 2020 revenues of nearly $600 million, its customers include Nasdaq, Whole Foods and Samsung. Datadog uses in-toto to protect the security of its software updates. In an NYU press release, Datadog staff security engineer Trishank Kuppusamy, who worked on the program’s design and implementation, said that what distinguishes in-toto is that it “has been designed against a very strong threat model that includes nation-state attackers.” (Datadog did not reply to ProPublica’s requests for comment.)

The General Services Administration, which provides access to software for federal government agencies, still lists SolarWinds products available for purchase. But it said in a statement that “compromised versions” of SolarWinds programs identified by DHS are no longer available.

SolarWinds itself declined to weigh in on whether its hack could have been prevented. “We are not going to speculate on in-toto and its capabilities,” a spokesman said in an emailed statement. “We are focused on protecting our customers, hardening our security and collaborating with the industry to understand the attack and prevent similar attacks in the future.”

Previously little known to the general public, SolarWinds is a public company based in Austin, Texas, with projected 2020 revenues of just over $1 billion. It boasts of providing software to 320,000 customers in 199 countries, including 499 of the Fortune 500 companies. In a recent SEC filing, the company said its flagship Orion products, the vehicle for the cyberattack, provide about 45% of its revenues. A SolarWinds slogan: “We make IT look easy.”

After the hack was discovered, SolarWinds’ stock plunged, and it is now facing shareholder lawsuits. The company has shifted aggressively into damage-control mode, hiring CrowdStrike, a top cybersecurity firm; elite Washington lobbyists; a crisis-communications advisor; and the newly formed consulting team of Christopher Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (who was famously fired for contradicting Trump’s claims of mass voting fraud) and Alex Stamos, former security chief at Facebook.

News of what’s now known as the SolarWinds attack first came on Dec. 8. That’s when FireEye, perhaps the nation’s preeminent hack-hunter, announced that it had itself fallen victim to a “highly sophisticated state-sponsored adversary” that had broken into its servers and stolen its “Red Team tools,” which FireEye uses to try to hack into the computer networks of its clients as a test of their cyber-defenses. FireEye soon discovered the attackers had gained access through corrupted updates to the SolarWinds Orion network-monitoring software that it used.

On the evening of Dec. 13, CISA issued an emergency directive, identifying SolarWinds as ground zero for the hack and alerting federal agencies using Orion products to disconnect them immediately. Over the following weeks, investigators discovered that SolarWinds had been targeted back in early September 2019, when hackers started testing their ability to inject code into its software updates. After remaining undetected for months, they inserted malware in new updates between February and June 2020. SolarWinds estimated these infected updates affected “fewer than 18,000 of its customers.”

Precisely what the hackers saw, and stole, has yet to be determined and is under investigation. But the full impact of the breach is becoming clearer, as we now know it touches several tech companies, including Microsoft. The software giant has also labored to limit the damage by helping seize an internet domain in the U.S. that the hackers used to siphon data from some SolarWinds customers.

Stamos told the Financial Times, in an interview after being hired to help SolarWinds, that he believed the attackers had embedded hidden code that would continue to give them access to companies and government agencies for years. He compared the situation to Belgian and French farmers going out into their fields where two world wars were fought and discovering an “iron harvest” of unexploded ordnance each spring.

Dmitri Alperovitch, who co-founded CrowdStrike (the cybersecurity firm SolarWinds has hired to investigate the hack) before leaving last year to start a nonprofit policy group, said he thinks that, in theory, the in-toto system could work. But he warned that software is so complex, with many products and companies in the supply chain, that no one defense is a panacea. Still, he agrees that in-toto could provide protection, and said “it’s always a good thing to have more protection for supply chains.”

Russian intelligence services have clearly identified supply-chain attacks “as a much better way to get in,” offering “a much bigger set of targets,” Alperovitch said. “This is an indictment of the entire cybersecurity industry, as well as the intelligence community, that they were able to orchestrate such a broad, sweeping attack right under our noses.”

Judiciary Antitrust Subcommittee Investigation Reveals Digital Economy Highly Concentrated, Impacted By Monopoly Power

WASHINGTON—The House Judiciary Committee’s Antitrust Subcommittee released the findings of its more than 16-month long investigation into the state of competition in the digital economy, especially the challenges presented by the dominance of Apple, Amazon, Google, and Facebook and their business practices.

The report, entitled Investigation of Competition in the Digital Marketplace: Majority Staff Report and Recommendations, totals more than 400 pages, marking the culmination of an investigation that included seven congressional hearings, the production of nearly 1.3 million internal documents and communications, submissions from 38 antitrust experts, and interviews with more than 240 market participants, former employees of the investigated platforms, and other individuals.

“As they exist today, Apple, Amazon, Google, and Facebook each possess significant market power over large swaths of our economy. In recent years, each company has expanded and exploited their power of the marketplace in anticompetitive ways,” said Judiciary Committee Chairman Jerrold Nadler (NY-10) and Antitrust Subcommittee Chairman David N. Cicilline (RI-01) in a joint statement. “Our investigation leaves no doubt that there is a clear and compelling need for Congress and the antitrust enforcement agencies to take action that restores competition, improves innovation, and safeguards our democracy. This Report outlines a roadmap for achieving that goal.”

After outlining the challenges presented due to the market domination of Amazon, Apple, Google, and Facebook, the report walks through a series of possible remedies to (1) restore competition in the digital economy, (2) strengthen the antitrust laws, and (3) reinvigorate antitrust enforcement.

The slate of recommendations includes:

  • Structural separations to prohibit platforms from operating in lines of business that depend on or interoperate with the platform;
  • Prohibiting platforms from engaging in self-preferencing;
  • Requiring platforms to make their services compatible with competing networks to allow for interoperability and data portability;
  • Mandating that platforms provide due process before taking action against market participants;
  • Establishing a standard to proscribe strategic acquisitions that reduce competition;
  • Improvements to the Clayton Act, the Sherman Act, and the Federal Trade Commission Act, to bring these laws into line with the challenges of the digital economy;
  • Eliminating anticompetitive forced arbitration clauses;
  • Strengthening the Federal Trade Commission (FTC) and the Antitrust Division of the Department of Justice;
  • And promoting greater transparency and democratization of the antitrust agencies.

“After conducting this country’s first major congressional antitrust investigation in decades in which we held hearings, heard from experts and questioned the CEOs of dominant tech platforms, I can say conclusively that self-regulation by Big Tech comes at the expense of our communities, small businesses, consumers, the free press and innovation,” said Congresswoman Pramila Jayapal. “By reasserting the power of Congress, we now have a thoroughly researched and meticulously reasoned roadmap for the work ahead as we rein in anti-competitive behavior, help prevent monopolistic practices and allow innovation to thrive. I’m looking forward to continuing this urgent work.”

“This comprehensive report is a roadmap to a future where digital behemoths with considerable power over their markets are kept accountable to consumers, small businesses, and their workers,” said Rep. Hank Johnson, Chairman of the Subcommittee on Courts, Intellectual Property and the Internet. “By following these recommendations, we can bolster antitrust protections to ensure consumer choice, data privacy, and affordability in online marketplaces. But in doing so, we must also answer the overarching question that we’ve been grappling with: How do we remain a country where small businesses can thrive, even as we shift from brick and mortar to lines of code? That is our challenge now.”

Rep. Val Demings added, “Our investigation revealed an alarming pattern of business practices that degrade competition and stifle innovation. These companies have made remarkable advancements that have shaped our markets and our culture, but their anticompetitive acts have come at a cost for consumers and small businesses. Competition must reward the best idea, not the biggest corporate account. We will take steps necessary to hold rulebreakers accountable. I thank Chairman Cicilline for his leadership, and will continue to work for a fair marketplace and a tech industry that can advance quality of life for every person without undermining it for others.”

“Small businesses are the backbone of our economy and they must be able to compete on a level playing field,” said Rep. Lucy McBath. “We must do all we can to ensure our economy remains fair, our entrepreneurs have the incentive to innovate, and our small businesses are given the opportunity to prosper and create new and good-paying jobs.”

“This investigation has revealed that Apple, Amazon, Facebook, and Google were committed to drowning out competition through unfair and anti-competitive practices – often doing so at the expense of user privacy and innovation,” said Rep. Scanlon. “We must do everything we can to protect consumers and this report is a roadmap to the work that lies ahead. I look forward to developing and introducing legislation to restore fairness to the digital marketplace.”

Amazon Announces All-New Fire HD 8 Tablets for the Entire Family

SEATTLE —  Amazon today announced the next generation of its Fire HD 8 tablet lineup, designed with the entire family in mind: the all-new Fire HD 8, Fire HD 8 Plus, and Fire HD 8 Kids Edition.

All-New Fire HD 8 Kids Edition: Built from the Ground-Up for Kids

The all-new Fire HD 8 Kids Edition includes the Fire HD 8 tablet with an 8” HD display, 32GB of storage with up to 1TB of expandable storage via microSD, up to 12 hours of mixed-use battery life, and USB-C for reversible charging. It also comes bundled with a kid-proof case with a new adjustable stand in blue, pink, or purple, a two-year worry-free guarantee, and a year of Amazon FreeTime Unlimited—all for $139.99.

With Amazon FreeTime Unlimited, kids can enjoy over 20,000 premium, age-appropriate books, Audible books, educational apps, games, and videos on their Fire HD 8 Kids Edition, including new and popular titles such as Pinkfong Baby Shark, Sonic Dash, Descendants Junior Novel, and Barbie Dreamtopia from brands like Smartstudy, PBS KIDS, SEGA, and Mattel. Kids can also enjoy over 2,000 Spanish language titles, like Pinkfong! Car Songs, Plaza Sesamo, National Geographic Readers: Los Tiburones (Sharks), and Los Sentidos de Los Insectos.

Within FreeTime, kids can easily discover over 1,500 educational titles organized by core curriculum and extracurricular topics, such as math, science, exercise, art, and virtual field trips. In addition, for a limited time, families will also have access to additional premium content from HOMER and PBS Kids within FreeTime Unlimited. All of the FreeTime Unlimited content is kid-friendly and hand-selected by the Amazon FreeTime team with new titles added regularly.

“Over 20 million kids (and their parents) have enjoyed the award-winning Amazon FreeTime service and we’re excited to make it even better with new educational content that helps to keep kids learning and entertained,” said Kurt Beidler, Director of Kids and Family, Amazon. “The all-new Fire HD 8 Kids Edition is built from the ground up to offer the FreeTime Unlimited content kids love and the parental controls parents trust—all wrapped in a colorful kid-proof case with a two-year worry-free guarantee.”

Fire HD 8 Kids Edition comes with access to award-winning parental controls that encourage learning before play. With FreeTime, parents can manage their child’s FreeTime settings, such as the ability to set daily goals, age filters, and time limits for both weekdays and weekends. Parents can also use parental controls to choose what content kids can access and to add more content. These settings can be managed on the device or parents can visit Amazon’s Parent Dashboard to view daily activity reports and easily adjust their child’s FreeTime settings from any web browser, whether they’re on a mobile device or computer.

Availability

The all-new Fire HD 8 Kids Edition is available for pre-order now, starting at $139.99 at and will begin shipping next month on June 3. As an introductory offer, BDPA Members and Amazon customers who purchase two Fire HD 8 Kids Edition tablets together will receive a 25% discount.  Free subscriptions end after the first year; however, they can be used on any compatible device, including Fire tablets, Fire TV, Kindle, Echo, iOS, Chrome OS, and Android devices.


Tablets For Teens

To help local communities in advance of our next school year, discover more by partnering with local BDPA Chapters or visiting tabletsforteens.org.

“I.T.’s” happening!

— Sources: Amazon and BDPA

Zoom Selects Oracle as a Cloud Infrastructure Provider for Its Core Online Meeting Service


Zoom deploys Oracle Cloud within hours; enables millions of meeting participants within weeks

Redwood Shores, CA — Today Oracle announced that Zoom Video Communications, Inc. is turning to Oracle Cloud Infrastructure to support its growth and evolving business needs as the enterprise video communications company continues to innovate and provide an essential service to its extensive customer base.

“We recently experienced the most significant growth our business has ever seen, requiring massive increases in our service capacity. We explored multiple platforms, and Oracle Cloud Infrastructure was instrumental in helping us quickly scale our capacity and meet the needs of our new users,” said Zoom CEO Eric S. Yuan. “We chose Oracle Cloud Infrastructure because of its industry-leading security, outstanding performance, and unmatched level of support.”

To meet rapidly increasing demand for its services, including a sudden spike to 300 million daily meeting participants, Zoom needed additional cloud capacity immediately. Zoom selected Oracle Cloud Infrastructure for its advantages in performance, scalability, reliability and superior cloud security. Within hours of deployment, Oracle Cloud Infrastructure supported hundreds of thousands of concurrent Zoom meeting participants. After achieving full production, Zoom is now enabling millions of simultaneous meeting participants on Oracle Cloud Infrastructure. Oracle’s second-generation cloud infrastructure will help Zoom scale to continue to deliver flawless service to its customer base, adapt to changing demands, and lead the video communications industry.


“Video communications has become an essential part of our professional and personal lives, and Zoom has led this industry’s innovation,” said Oracle CEO Safra Catz. “We are proud to work with Zoom, as both their cloud infrastructure provider and as a customer, while they grow and continue to connect businesses, people and governments around the world.”

Oracle is uniquely positioned to enable Zoom’s rapid expansion and innovative video communications platform, due to its network architecture, capacity and data center locations. Already, Zoom is transferring upwards of seven petabytes through Oracle Cloud Infrastructure servers each day, roughly equivalent to 93 years of HD video. Oracle’s second-generation cloud infrastructure, combined with expertise in security, will support Zoom in delivering an enterprise-ready video communications experience.

The Oracle Cloud offers a complete suite of integrated applications for Sales, Service, Marketing, Human Resources, Finance, Supply Chain and Manufacturing, plus Highly Automated and Secure Generation 2 Infrastructure featuring the Oracle Autonomous Database.

Source and photos: Oracle and Zoom


NASA Mourns the Passing of ‘Hidden Figure’ Katherine Johnson


HAMPTON, VA (BDPA Hampton Roads) — NASA announced today one of America’s beloved “Human Computers,” Katherine Johnson, has died at the age of 101. Ms. Johnson was a pioneering Hampton Roads and American icon featured in the movie “Hidden Figures.”

“NASA is deeply saddened by the loss of a leader from our pioneering days, and we send our deepest condolences to the family of Katherine Johnson. Ms. Johnson helped our nation enlarge the frontiers of space even as she made huge strides that also opened doors for women and people of color in the universal human quest to explore space,” said NASA Administrator Bridenstine.

Ms. Johnson is a distinguished recipient of the Presidential Medal of Freedom and recently had NASA facilities renamed in her honor. 

Source and photos: NASA

CTA, HRS Unveil Recommendations for Managing Personal Health With Wearables at CES 2020


LAS VEGAS, NV — This week, the Consumer Technology Association (CTA)® and Heart Rhythm Society (HRS) released a unique digital health paper recommending best practices for using wearable technology to manage personal health, including detecting and monitoring cardiovascular biometrics. Presented for the first time during a panel at CES® 2020 – the world’s largest, most influential tech event – this paper provides consumer guidance on understanding devices and managing their personal health data.

“The collaboration between HRS and CTA is timely and important for both consumers and clinicians,” said Dr. Andrea Russo, president, HRS. “Chronic diseases are increasing in prevalence and wearables help people monitor their health to aid in earlier diagnosis and better management of their conditions; furthermore, they provide information to the user that fosters a healthier lifestyle.”

“Digital health is changing lives for the better – providing more personalized care, delivering better outcomes and lowering costs,” said Rene Quashie, VP of digital health, CTA. “Wearable solutions are one of the fastest growing sectors in technology. And as more consumers capture personal health information, a cross industry-created guidance document has never been more important to provide clarity on the potential health and wellness benefits of wearables.”

The CTA/HRS Guidance for Wearable Health Solutions paper includes an overview of the wearables landscape and offers advice for consumers on using wearables. A FAQ section tackles topics including data management, when to call a doctor, sharing data with a health provider, data privacy and security policies.

Developed and reviewed by physicians, patient advocates, technology companies and health care organizations, CTA and HRS created these guidelines to answer common questions for consumers that currently own – or want to own – wearables that capture personal health information. The best practices were presented at the Disruptive Innovations in Health Care conference track at CES.

Dr. Nassir Marrouche, lead author of the paper, added, “In this document we aimed to highlight this new intersection between consumer tech and health. We want people to be aware of what these wearables have to offer, how they can increase knowledge about one’s health, and how clinicians are optimistic about the data wearables can deliver.”

According to recent data, CTA projects total sales of digital health devices in the U.S. – such as smartwatches, fitness trackers and blood pressure monitors – will reach $10 billion in revenue in 2020 (up by 16% over last year).

The Health & Wellness category at CES 2020 will have over 20% more exhibitors and 15% more exhibitor space than CES 2019, with notable exhibitors such as Abbott, Cigna, Humana, Omron Healthcare, Myant, Philips and Procter & Gamble.

To download the CTA/HRS Guidance for Wearable Health Solutions document, visit CTA.tech.

by Danielle Cassagnol, CTA


BDPA Memphis Welcomes new Computer Science Graduates to Industry


MEMPHIS, TN — BDPA Memphis Student Members graduated this week with Computer Science degrees from the University of Memphis. Other BDPA Student Members not only graduated with Computer Science degrees; some also graduated from CodeCrew Code School and Tech901.


According to BDPA Memphis, for students who are considering a future in IT or want to learn more about technology, BDPA can help develop technical skills, make introductions to role models, and open doors to new tech internships or that first IT career opportunity.

bdpatoday | December 2019

For start-ups and entrepreneurs who provide IT-related services and products, a BDPA membership is an invaluable asset. BDPA introduces businesses to individuals with purchasing power. Interact with potential business partners, investors, and certified employees.

In 2018, nine students from National BDPA’s Memphis Chapter qualified to attend #BDPACon18, the annual BDPA National Technology Conference and Career Expo in New Orleans, LA.

Two mobile apps were presented at the conference: Microball Gaming (by Bryce Ellis), a three-in-one video game with augmented reality and real time multiplayer, and Edesia (by Kareem Dasilva), an app that finds nearby food trucks in real time.  Bryce won second place in the app competition, receiving a $2500 scholarship.

Three BDPA students won other scholarships (Jada Thomas, Monsanto Scholarship, $2500; Brandon Ellis, Oracle Scholarship, $2500; Cody Seymour, Oracle Scholarship, $2500), and three students participated in judging the High School Computer Coding Competition.  High school participant Milton Turner placed second in the Information Technology Showcase for his presentation on the risks of having a “smart city.”

BDPA Memphis’ advisor, CodeCrew Executive Director Meka Egwuekwe, was awarded the Individual Pace Setter Award for his leadership in developing STEM education in Memphis.

— Source and photos: BDPA Memphis


A Walk Through ‘CB’ Time – Ancient Calendars

Celestial Bodies (‘CB’) — the Sun, the Moon, the planets, and the stars — have provided us a reference for measuring the passage of time throughout our existence. Ancient civilizations relied upon the apparent motion of these bodies through the sky to determine seasons, months, and years.

We know little about the details of timekeeping in prehistoric eras, but wherever we turn up records and artifacts, we usually discover that in every culture, some people were preoccupied with measuring and recording the passage of time. Ice-age hunters in Europe over 20,000 years ago scratched lines and gouged holes in sticks and bones, possibly counting the days between phases of the moon. Five thousand years ago, Sumerians in the Tigris-Euphrates valley in today’s Iraq had a calendar that divided the year into 30 day months, divided the day into 12 periods (each corresponding to 2 of our hours), and divided these periods into 30 parts (each like 4 of our minutes). We have no written records of Stonehenge, built over 4000 years ago in England, but its alignments show its purposes apparently included the determination of seasonal or celestial events, such as lunar eclipses, solstices and so on.

The earliest Egyptian calendar was based on the moon’s cycles, but later the Egyptians realized that the “Dog Star” in Canis Major, which we call Sirius, rose next to the sun every 365 days, about when the annual inundation of the Nile began. Based on this knowledge, they devised a 365 day calendar that seems to have begun around 3100 BCE (Before the Common Era), which thus seems to be one of the earliest years recorded in history.

NIST article originally presented November 6, 2016 via bdpatoday.

— Source: National Institute of Standards and Technology (NIST)

It’s Not a Pipeline Problem

SAN FRANCISCO, CA — Your company struggles with finding diverse talent; it’s not a pipeline problem. It’s a buy-in, bias, branding and business case problem. Unconscious bias is like an odorless gas; it affects everyone, everywhere all the time. It is not a problem humans can solve without augmented intelligence.  Blendoor tackles bias with great design, artificial intelligence (AI), deep learning, and people analytics.

Blendoor has deep expertise in enterprise software as a service (SaaS), diversity and inclusion (D&I), machine learning (ML), and a passion for creating technology that makes an impact. The company aggregates diverse talent from multiple sources to broaden talent search and then uses blind review and analytics to mitigate unconscious bias ‘from source to hire.’

Today, Blendoor is revolutionizing the way people see people. They understand the significant impact of unconscious bias in our day-to-day world and for them, hiring is just the tip of the iceberg. The America of today and tomorrow is very different than it was at the turn of the century. Demographics are rapidly changing and so are priorities. People want to know that they are represented and the companies they work for are both progressive and inclusive spaces.

Though we know the term diversity can be interpreted in several ways,  Blendoor focused specifically on diversity of gender, race, ability, and sexual orientation when aggregating data for its latest product, BlendScore. Companies were scored and ranked based on their respective diversity and inclusion efforts to help job-seekers find where they truly belong. Discover more at blendoor.com.

— Source and photos: Blendoor

 

BDPA Huntsville Helps Students Get Wired Up!

HUNTSVILLE, AL — National BDPA’s Huntsville Chapter was given the opportunity to train students about STEM at Mae Jemison High School. BDPA Members Bernard Nealy, Brandon Fields, Pat King and Jason Bradshaw were the instructors for this training session.

The training session included high school seniors from Mae Jemison, as well as one high school senior and two elementary students from Birmingham who were guests of the instructors. During the session, the students had the opportunity to experience electrical engineering by wiring a Raspberry Pi microcomputer to a CAMJam Kit breadboard, while also installing resistors and red, green, and yellow lights on the breadboard.

Once the students completed wiring the two devices together, they connected the Raspberry Pi to a monitor, keyboard, and mouse. After it was safely connected, the students were able to connect power to the Pi and proceed to use Python programming to complete the project. Their code dictates how the Pi provides power to the breadboard and to each light, and when to stop sending electrical current; once it was complete, the result was the red, yellow, or green lights powering on.

Participating students really enjoyed the training and asked when the next training sessions would be held. These students are our inspiration to do what we do.

Source and photo credit: bdpahsv.org

Commemorate Baltimore’s Innovation Week, Hispanic Heritage month, and Cybersecurity Awareness Month next weekend in Baltimore with Regional SHPE, NSBE, and BDPA Chapters!

October 12-13, 2019  |  University of Baltimore |  Media Sponsor: bdpatoday

Minority Innovation Weekend | October 12-13, 2019 in Baltimore
