Skip to content

Author: dailylinks

Links for 2019-04-30

Published April 30, 2019

  • Youth Spies and Curious Elders - Austin Kleon

    featuring Eno, John Waters and Stafford Beer:

    The revolutions of the future will appear in forms we don’t even recognise—in a language we can’t read. We will be looking out for twists on the old themes but not noticing that there are whole new conversations taking place. Just imagine if all the things about which we now get so heated meant nothing to those who follow us—as mysteriously irrelevant as the nuanced distinctions between anarcho-syndicalism and communist anarchism. At least we can hope for that. As the cybernetician Stafford Beer once said to me: “If we can understand our children, we’re all screwed.” So revel in your mystification and read it as a sign of a healthy future. Whatever happens next, it won’t be what you expected. If it is what you expected, it isn’t what’s happening next.

    (tags: kids learning fashion youth brian-eno john-waters stafford-beer children future music)

  • Tim Robinson's townland index for Connemara and the Aran Islands | NUI Galway Digital Collections

    Legendary west-of-Ireland mapmaker Tim Robinson has an archive at NUIG -- including the maps themselves.

    An extensive card catalogue compiled by Tim Robinson throughout the 1980s and 1990s, drawn from his field notes. The series has been arranged by Robinson into civil parishes, and further divided into townlands. For most of the townlands, there are several record cards that give a detailed description of the local landscape. These describe historical, ecclesiastical, geological, and archaeological features. Anecdotes and local lore also feature in these. Robinson adds the names of people who helped him compile his information, usually local people, and often correspondents who sent him information helping him identify the origins of placenames, or certain landmarks and artefacts. The cards also credit several secondary sources, including the OS maps and corresponding Field Name Books, Hardiman's History of Galway, Alexander Nimmo's map of the bogs in the West of Ireland, and many more. In all cases in this series, the placename Tim Robinson used as his title appears as the title here. Many are in Irish, and some are in English. The corresponding translation is provided in the description.

    (tags: tim-robinson ireland history connemara via:voxhib galway maps mapping culture nuig)

  • Young Life Out Of Balance: The Impact and Legacy of ‘Koyaanisqatsi’

    I found myself thinking about how 10-year-old Mike responded to these overwhelming images. The process of meaning-making for a 10-year-old kid watching a film containing a sophisticated symbolic critique of modern life fascinated me. I decided to watch Koyaanisqatsi in 2019 with a close eye towards the images and sounds that had stuck with me subconsciously in the intervening third of a century, the sequences that offered today’s me a direct connection to my younger self. In childhood I was surrounded by films, cartoons, and other educational programming that transmitted the profundity and complexity of human existence and the universe directly into my growing brain. What did Koyaanisqatsi‘s sensory bombardment, its sometimes overwhelming contrasting of nature and technology mean to me then? And how did that meaning change for me as an adult, now fully conscious of and conversant with the issues Reggio raises?

    (tags: koyaanisqatsi godfrey-reggio film art 1980s)

  • Oh dear. Huawei enterprise router 'backdoor' was Telnet, sighs Vodafone

    LOL:

    Characterising Telnet as a backdoor is a bit like describing your catflap as an access portal with no physical security features that allows multiple species to pass unhindered through a critical home security layer. In other words, massively over-egging the pudding.

    (tags: huawei vodafone funny security bloomberg overexcited drama us-politics china)

Links for 2019-04-29

Published April 29, 2019

  • 'Looping' Created an Underground Insulin-Pump Market - The Atlantic

    By 2014, the hardware components of a DIY artificial pancreas—a small insulin pump that attaches via thin disposable tubing to the body and a continuous sensor for glucose, or sugar, that slips just under the skin—were available, but it was impossible to connect the two. That’s where the security flaw came in. The hackers realized they could use it to override old Medtronic pumps with their own algorithm that automatically calculates insulin doses based on real-time glucose data. It closed the feedback loop. They shared this code online as OpenAPS, and “looping,” as it’s called, began to catch on. Instead of micromanaging their blood sugar, people with diabetes could offload that work to an algorithm. In addition to OpenAPS, another system called Loop is now available. Dozens, then hundreds, and now thousands of people are experimenting with DIY artificial-pancreas systems—none of which the Food and Drug Administration has officially approved. And they’ve had to track down discontinued Medtronic pumps. It can sometimes take months to find one. Obviously, you can’t just call up Medtronic to order a discontinued pump with a security flaw. “It’s eBay, Craigslist, Facebook. It’s like this underground market for these pumps,”

    (tags: looping insulin diabetes health hardware open-hardware medtronic glucose medicine fda black-market)

Links for 2019-04-26

Published April 26, 2019

  • Packets-per-second limits in EC2

    By running these experiments, we determined that each EC2 instance type has a packet-per-second budget. Surprisingly, this budget goes toward the total of incoming and outgoing packets. Even more surprisingly, the same budget gets split between multiple network interfaces, with some additional performance penalty. This last result informs against using multiple network interfaces when tuning the system for higher networking performance. The maximum budget for m5.metal and m5.24xlarge is 2.2M packets per second. Given that each HTTP transaction takes at least four packets, we can translate this to a maximum of 550k requests per second on the largest m5 instance with Enhanced Networking enabled.

    (tags: aws ec2 networking pps packets tcp ip benchmarking)

  • Brian Moriarty - "I Sing the Story Electric"

    The history of interactive storytelling, including a classification system for branching narrative techniques: The Foldback, Quicktime Events, Sardonic Options, Achtung Options, Checkpoint Saves, and Bait-and-Switch Options, and an example of a computerized interactive narrative from 1955, GENIAC Project 23.

    (tags: geniac kinoautomat borges narratives non-linear branching interactive-fiction games gaming ludology history stories storytelling talks)

Links for 2019-04-24

Published April 24, 2019

  • When License-Plate Surveillance Goes Horribly Wrong - The New York Times

    “They built a system to mitigate harm, and yet I ended up with guns pulled on me due to faulty data,” he said. “And it’s more proof that we’ve built this invisible layer behind the scenes that leads to real-world consequences.”
    This is the common thread between automated surveillance systems -- false positives happen, but the systems are designed to assume this is harmless.

    (tags: false-positives surveillance anpr license-plates automation)

  • Ireland Blocks The World on Data Privacy

    Last May, Europe imposed new data privacy guidelines that carry the hopes of hundreds of millions of people around the world — including in the United States — to rein in abuses by big tech companies. Almost a year later, it’s apparent that the new rules have a significant loophole: The designated lead regulator — the tiny nation of Ireland — has yet to bring an enforcement action against a big tech firm. That’s not entirely surprising. Despite its vows to beef up its threadbare regulatory apparatus, Ireland has a long history of catering to the very companies it is supposed to oversee, having wooed top Silicon Valley firms to the Emerald Isle with promises of low taxes, open access to top officials, and help securing funds to build glittering new headquarters. Now, data privacy experts and regulators in other countries are questioning Ireland’s commitment to policing imminent privacy concerns like Facebook’s reintroduction of facial recognition software and data-sharing with its recently purchased subsidiary WhatsApp, and Google’s sharing of information across its burgeoning number of platforms.

    (tags: ireland fail gdpr privacy data-protection data facebook eu regulation)

Links for 2019-04-19

Published April 19, 2019

  • Who’s using your face? The ugly truth about facial recognition

    In order to feed this hungry system, a plethora of face repositories — such as IJB-C — have sprung up, containing images manually culled and bound together from sources as varied as university campuses, town squares, markets, cafés, mugshots and social-media sites such as Flickr, Instagram and YouTube. To understand what these faces have been helping to build, the FT worked with Adam Harvey, the researcher who first spotted Jillian York’s face in IJB-C. An American based in Berlin, he has spent years amassing more than 300 face datasets and has identified some 5,000 academic papers that cite them. The images, we found, are used to train and benchmark algorithms that serve a variety of biometric-related purposes — recognising faces at passport control, crowd surveillance, automated driving, robotics, even emotion analysis for advertising. They have been cited in papers by commercial companies including Facebook, Microsoft, Baidu, SenseTime and IBM, as well as by academics around the world, from Japan to the United Arab Emirates and Israel. “We’ve seen facial recognition shifting in purpose,” says Dave Maass, a senior investigative researcher at the EFF, who was shocked to discover that his own colleagues’ faces were in the Iarpa database. “It was originally being used for identification purposes?.?.?.?Now somebody’s face is used as a tracking number to watch them as they move across locations on video, which is a huge shift. [Researchers] don’t have to pay people for consent, they don’t have to find models, no firm has to pay to collect it, everyone gets it for free.”

    (tags: data privacy face-recognition cameras creative-commons licensing flickr open-data google facebook surveillance instagram ijb-c research iarpa)

Links for 2019-04-15

Published April 15, 2019

Links for 2019-04-12

Published April 12, 2019

  • _First M87 Event Horizon Telescope Results. III. Data Processing and Calibration_

    'We present the calibration and reduction of Event Horizon Telescope (EHT) 1.3 mm radio wavelength observations of the supermassive black hole candidate at the center of the radio galaxy M87 and the quasar 3C 279, taken during the 2017 April 5–11 observing campaign. These global very long baseline interferometric observations include for the first time the highly sensitive Atacama Large Millimeter/submillimeter Array (ALMA); reaching an angular resolution of 25 ?as, with characteristic sensitivity limits of ?1 mJy on baselines to ALMA and ?10 mJy on other baselines. The observations present challenges for existing data processing tools, arising from the rapid atmospheric phase fluctuations, wide recording bandwidth, and highly heterogeneous array. In response, we developed three independent pipelines for phase calibration and fringe detection, each tailored to the specific needs of the EHT. The final data products include calibrated total intensity amplitude and phase information. They are validated through a series of quality assurance tests that show consistency across pipelines and set limits on baseline systematic errors of 2% in amplitude and 1° in phase. The M87 data reveal the presence of two nulls in correlated flux density at ?3.4 and ?8.3 G? and temporal evolution in closure quantities, indicating intrinsic variability of compact structure on a timescale of days, or several light-crossing times for a few billion solar-mass black hole. These measurements provide the first opportunity to image horizon-scale structure in M87.'

    (tags: papers data big-data telescopes eht black-holes astronomy)

  • Autonomous Precision Landing of Space Rockets - Lars Blackmore

    from 'Frontiers of Engineering: Reports on Leading-Edge Engineering' from the 2016 Symposium, published by the National Academies Press, regarding the algorithms used by SpaceX for their autonomous landings:

    The computation must be done autonomously, in a fraction of a second. Failure to find a feasible solution in time will crash the spacecraft into the ground. Failure to find the optimal solution may use up the available propellant, with the same result. Finally, a hardware failure may require replanning the trajectory multiple times. Page 39 Suggested Citation:"Autonomous Precision Landing of Space Rockets - Lars Blackmore." National Academy of Engineering. 2017. Frontiers of Engineering: Reports on Leading-Edge Engineering from the 2016 Symposium. Washington, DC: The National Academies Press. doi: 10.17226/23659. × Save Cancel A general solution to such problems has existed in one dimension since the 1960s (Meditch 1964), but not in three dimensions. Over the past decade, research has shown how to use modern mathematical optimization techniques to solve this problem for a Mars landing, with guarantees that the best solution can be found in time (Açikme?e and Ploen 2007; Blackmore et al. 2010). Because Earth’s atmosphere is 100 times as dense as that of Mars, aerodynamic forces become the primary concern rather than a disturbance so small that it can be neglected in the trajectory planning phase. As a result, Earth landing is a very different problem, but SpaceX and Blue Origin have shown that this too can be solved. SpaceX uses CVXGEN (Mattingley and Boyd 2012) to generate customized flight code, which enables very high-speed onboard convex optimization.

    (tags: spacex blue-origin convex-optimization space landing autonomous-vehicles flight algorithms)

Links for 2019-04-11

Published April 11, 2019

  • Amazon workers call for zero carbon emissions and cancellation of an AWS fossil-fuel friendly program

    nice one.

    Then the activists saw an article in Gizmodo, a technology news site, that outlined how Amazon’s cloud computing division was building special offerings for oil and gas companies. On its website, Amazon says its customers include BP and Royal Dutch Shell, and its products can “find oil faster,” “recover more oil” and “reduce the cost per barrel.” In a second meeting with Amazon, the workers raised the oil industry connections with the company’s sustainability team; its members did not seem to be aware of the business, according to several employees at the meeting. “That really showed us Amazon is not taking climate change seriously if the highest levels of the sustainability team are not even aware that we have an oil and gas business,” said Ms. Cunningham, who was at the meeting.

    (tags: amazon aws fossil-fuels zero-carbon emissions climate-change sustainability)

  • Using 6 Page and 2 Page Documents To Make Organizational Decisions

    Ian Nowland has written up the Amazon 6-pager strategy:

    A challenge of organizations is the aggregation of local information to a point where a globally optimal decision can be made in a way all stakeholders have seen their feedback heard and so can “disagree and commit" on the result. This document describes the “6 pager” and “2 pager” document and review meeting process, as a mechanism to address this challenge, as practiced by the document’s author in his time in the EC2 team at Amazon, and then at Two Sigma. [...] The major variant I have also seen is 2 pages with 30 minute review; when the decision is smaller in terms of stakeholders, options or impact. That being said, there is nothing magical about 2 pages, i.e., a 3 page document is fine, it just should be expected to take more than 30 minutes to review.

    (tags: amazon business decisions teams documents planning)

  • Europol Tells Internet Archive That Much Of Its Site Is 'Terrorist Content' | Techdirt

    'The Internet Archive has a few staff members that process takedown notices from law enforcement who operate in the Pacific time zone. Most of the falsely identified URLs mentioned here (including the report from the French government) were sent to us in the middle of the night – between midnight and 3am Pacific – and all of the reports were sent outside of the business hours of the Internet Archive. The one-hour requirement essentially means that we would need to take reported URLs down automatically and do our best to review them after the fact. It would be bad enough if the mistaken URLs in these examples were for a set of relatively obscure items on our site, but the EU IRU’s lists include some of the most visited pages on archive.org and materials that obviously have high scholarly and research value.'

    (tags: eu europol policing france archive.org archival web freedom censorship fail)

Links for 2019-04-10

Published April 10, 2019

  • At wit’s end with my preschooler : Parenting

    This /r/parenting thread has some good advice on dealing with kids' meltdowns. I wish I had this a few years ago

    (tags: parenting kids tantrums anger reddit advice)

  • Spark memory tuning on EMR

    'Best practices for successfully managing memory for Apache Spark applications on Amazon EMR', on the AWS Big Data blog. 'In this blog post, I detailed the possible out-of-memory errors, their causes, and a list of best practices to prevent these errors when submitting a Spark application on Amazon EMR. My colleagues and I formed these best practices after thorough research and understanding of various Spark configuration properties and testing multiple Spark applications. These best practices apply to most of out-of-memory scenarios, though there might be some rare scenarios where they don’t apply. However, we believe that this blog post provides all the details needed so you can tweak parameters and successfully run a Spark application.'

    (tags: spark emr aws tuning memory ooms java)

Links for 2019-04-09

Published April 9, 2019

Links for 2019-04-08

Published April 8, 2019

Links for 2019-04-05

Published April 5, 2019

  • _Screens, Teens, and Psychological Well-Being: Evidence From Three Time-Use-Diary Studies_ - Amy Orben, Andrew K. Przybylski, 2019

    Paper from Amy Orben, Andrew K. Przybylski, of the Department of Experimental Psychology, University of Oxford, and the Oxford Internet Institute, University of Oxford:

    The notion that digital-screen engagement decreases adolescent well-being has become a recurring feature in public, political, and scientific conversation. The current level of psychological evidence, however, is far removed from the certainty voiced by many commentators. There is little clear-cut evidence that screen time decreases adolescent well-being, and most psychological results are based on single-country, exploratory studies that rely on inaccurate but popular self-report measures of digital-screen engagement. In this study, which encompassed three nationally representative large-scale data sets from Ireland, the United States, and the United Kingdom (N = 17,247 after data exclusions) and included time-use-diary measures of digital-screen engagement, we used both exploratory and confirmatory study designs to introduce methodological and analytical improvements to a growing psychological research area. We found little evidence for substantial negative associations between digital-screen engagement — measured throughout the day or particularly before bedtime — and adolescent well-being.

    (tags: screens screen-time teens mental-health psychology papers research)

Links for 2019-04-03

Published April 3, 2019

  • Waterford Distillery on Whisky "Finishing"

    Here’s an inexpensive illusion for a whisky brand to acquire more shelf presence. Purchase three barrels of whisky from a generic pool of ex-bourbon matured stocks. Re-rack a couple of these barrels into new barrels – a sherry cask, or maybe you’d like the name of a French chateau to add more gravitas to a label and pull another rabbit out of the hat? Give it a few weeks, then bottle each of them in turn. Instead of one bottle on the shelf, you have three. You’ll more easily catch the eye of the whisky consumer as they walk by, pondering the nature of what ‘finishing’ actually means. These days, the shelves of retailers and at airports are rammed up with all sorts of fancy ‘finishes’ – which is to say a whisky that has been re-racked into another barrel and left to mature for a period of time; perhaps up to a couple of years, but usually just a few brief months.
    Well said. I'm looking forward to their whisky...

    (tags: whiskey whisky waterford-distillery booze finishing distilling barrels)

  • Formal GDPR complaint against IAB Europe’s “cookie wall” and GDPR consent guidance

    Fantastic :) A formal complaint has been filed with the Irish Data Protection Commission against IAB Europe, the tracking industry’s primary lobbying organization:

    Tracking and cookie walls: Visitors to IAB Europe’s website, www.iabeurope.eu, are confronted with a “cookie wall” that forces them to accept tracking by Google, Facebook, and others, which may then monitor them. Dr. Ryan has complained to the Irish Data Protection Commission that this is a breach of the GDPR, which protects people in Europe from being forced to accept processing for their data for any purpose other than the provision of the requested service. “One should not be forced to accept web-wide profiling by unknown companies as a condition of access to a website”, said Dr Johnny Ryan of Brave. “This would be like Facebook preventing you from accessing the Newsfeed until you have clicked a button permitting it to share your data with Cambridge Analytica.” Simon McGarr of McGarr Solicitors, who has worked on data protection cases for Digital Rights Ireland, represents Dr Ryan in his complaint. Mr McGarr said “Where companies rely on consent to process people’s data it is critical that this is more than a box ticking exercise. For consent to be valid, it must be freely given, informed, specific and unambiguous. There’s nothing intrinsically good or bad in cookie technology – what matters is ensuring it’s applied in a way which respects individuals’ rights.” Challenging IAB Europe’s industry guidance on the GDPR: The complaint to the Irish Data Protection Commission will also test IAB Europe’s GDPR guidance to the online advertising industry. IAB Europe has put itself forward as a primary designer of the online tracking industry’s data protection notices. It has told major media organizations, tracking companies, and advertising technology companies that they can sidestep the GDPR, and rely instead on the ePrivacy Directive, which IAB Europe has interpreted as more lax in protecting personal data. IAB Europe has widely promoted the notion that access to a website or app can be made conditional on consent for data processing that is not necessary for the requested service to be delivered, despite the clear requirements of the GDPR, and statements from several national data protection authorities, that say otherwise. “This complaint will make it plain that the media and advertising industry should not rely on IAB Europe for GDPR guidance”, said Dr Ryan.

    (tags: dpc ireland brave iab-europe iab cookies tracking gdpr law eu)

  • The 9 Categories of Reply Guys

    "#WomeninSTEM get a lot of “Reply Guys” who repeat the same unhelpful comments. @shrewshrew and I (a woman & a man in science) have attempted to catalog those replies, to save us all the trouble of writing new responses every time. presenting THE NINE TYPES OF REPLY GUYS"

    (tags: twitter thread humor mansplaining sexism misogyny reply-guys funny)

Links for 2019-04-02

Published April 2, 2019

  • YouTube Executives Ignored Warnings, Let Toxic Videos Run Rampant - Bloomberg

    As of 2017, YouTube’s policy for how content moderators handle conspiracy theories didn’t exist, according to a former moderator who specialized in foreign-language content.  At the end of the year, fewer than twenty people were on the staff for “trust and safety,” the unit overseeing content policies, according to a former staffer. The team had to “fight tooth and nail” for more resources from the tech giant, this person said. A YouTube spokeswoman said that the division has grown “significantly” since but declined to share exact numbers. In February of 2018, the video calling the Parkland shooting victims “crisis actors” went viral on YouTube’s trending page. Policy staff suggested soon after limiting recommendations on the page to vetted news sources. YouTube management rejected the proposal, according to a person with knowledge of the event. The person didn’t know the reasoning behind the rejection, but noted that YouTube was then intent on accelerating its viewing time for videos related to news. 

    (tags: youtube google alphabet moderation conspiracy-theories news virality engagement)

Links for 2019-04-01

Published April 1, 2019

  • April Fool's Day is upon us - What's your best prank given to or received by your kids? : Parenting

    heh heh. revenge next year will be sweet

    (tags: pranks april-fools kids parenting)

  • Tesla lane-recognition autopilot fooled by three small stickers

    'Tesla autopilot module’s lane recognition function has a good robustness in an ordinary external environment (no strong light, rain, snow, sand and dust interference), but it still doesn’t handle the situation correctly in our test scenario. This kind of attack is simple to deploy, and the materials are easy to obtain. As we talked in the previous introduction of Tesla’s lane recognition function, Tesla uses a pure computer vision solution for lane recognition, and we found in this attack experiment that the vehicle driving decision is only based on computer vision lane recognition results. Our experiments proved that this architecture has security risks and reverse lane recognition is one of the necessary functions for autonomous driving in non-closed roads. In the scene we build, if the vehicle knows that the fake lane is pointing to the reverse [oncoming traffic] lane, it should ignore this fake lane and then it could avoid a traffic accident.'

    (tags: adversarial-classification cars ml machine-learning tesla driving self-driving-cars)

  • We Built A Broken Internet. Now We Need To Burn It To The Ground.

    The promise of the internet was that it was going to give voice to the voiceless, visibility to the invisible, and power to the powerless. That’s what originally excited me about it. That’s what originally excited a ton of people about it. It was supposed to be an engine of equality. Suddenly, everyone could tell their story. Suddenly, everyone could sing their song. Suddenly, that one weird kid in Helena, Montana, could find another weird kid just like them in Bakersfield, California, and they could talk and know they weren’t alone. Suddenly, we didn’t need anybody’s permission to publish. We put our stories and songs and messages and artwork where the world could find them. For a while it was beautiful, it was messy, and it was punk as fuck. We all rolled up our sleeves and helped to build it. We were the ones who were supposed to guide it there, and we failed. We failed because we were naive enough to believe everyone had the same goals we did. We failed because we underestimated greed. We failed because we didn’t pay attention to history. We failed because our definition of we wasn’t big enough. We designed and built platforms that undermined democracy across the world. We designed and built technology that is used to round up immigrants and refugees and put them in cages. We designed and built platforms that young, stupid, hateful men use to demean and shame women. We designed and built an entire industry that exploits the poor in order to make old rich men even richer.

    (tags: design ethics internet web twitter social-media)

Links for 2019-03-29

Published March 29, 2019

  • Announcing Lucet: Fastly’s native WebAssembly compiler and runtime

    Lucet is designed to take WebAssembly beyond the browser, and build a platform for faster, safer execution on Fastly’s edge cloud. WebAssembly is already supported by many languages including Rust, TypeScript, C, and C++, and many more have WebAssembly support in development. We want to enable our customers to go beyond Fastly VCL and move even more logic to the edge, and use any language they choose. Lucet is the engine behind Terrarium, our experimental platform for edge computation using WebAssembly. Soon, we will make it available on Fastly’s edge cloud as well. A major design requirement for Lucet was to be able to execute on every single request that Fastly handles. That means creating a WebAssembly instance for each of the tens of thousands of requests per second in a single process, which requires a dramatically lower runtime footprint than possible with a browser JavaScript engine. Lucet can instantiate WebAssembly modules in under 50 microseconds, with just a few kilobytes of memory overhead. By comparison, Chromium’s V8 engine takes about 5 milliseconds, and tens of megabytes of memory overhead, to instantiate JavaScript or WebAssembly programs. With Lucet, Fastly’s edge cloud can execute tens of thousands of WebAssembly programs simultaneously, in the same process, without compromising security. The Lucet compiler and runtime work together to ensure each WebAssembly program is allowed access to only its own resources. This means that Fastly’s customers will be able to write and run programs in more common, general-purpose languages, without compromising the security and safety we’ve always offered.

    (tags: lucet cdn edge-computing wasm webassembly fastly rust c c++ typescript)

Links for 2019-03-27

Published March 27, 2019

  • What is cultural Marxism? The alt-right meme in Suella Braverman's speech in Westminster

    Cultural Marxism is a theory that started in the early 20th century, which was popularised in the aftermath of the socialist revolution (this great piece in the Guardian explains it in depth). The idea was that Marxism should extend beyond class and into cultural equality and that, through major institutions like schools and the media, cultural values could progressively be changed. The theory was later adopted by the philosophers at the Frankfurt School who posited that the only way to destroy capitalism was to destroy it in all walks of life; where, not just classes, but all genders, races, and religions could live in society equally. While this may seem unimportant, the Frankfurt School’s adoption of – and modifications to – cultural Marxism is where the conspiracy theory truly begins. The Frankfurt School’s predominantly Jewish members of the school were forced to flee to America by the Nazis in the 1940s, where many went on to teach, write, and commentate in mainstream institutions. This, conspiracy theorists claim, is when cultural Marxists began to poison the West – and when cultural Marxists began their attempts to undermine its values. Cultural Marxism’s move from political theory to full memeification was fast-tracked when it was used by mass murderer Anders Breivik. Breivik was the sole perpetrator of the 2011 Norway attacks in which 77 people died across several sites. Before committing his attacks, much like the Christchurch shooter, Breivik sent an enormous personal manifesto to a group of friends and family which outlined his anti-multiculturalist, racist, and misogynist ideals. In the manifesto, he spends huge chunks of time crediting the writers who pushed cultural Marxist conspiracy theories into the mainstream. The 1,000-page document references “cultural Marxism” and “cultural Marxists” nearly 650 times.   For the growing audience of anti-Semitic, alt-right white supremacists online, his musings have turned him into an icon – and “cultural Marxism” has become a foundational alt-right belief. It became an easy label for those white supremacists looking for an umbrella term to describe the people at which their anger about diversity, feminism, and religious freedom was directed. Cultural Marxist soon became a signal to mean anyone vaguely left-leaning – in some cases, even if this simply meant those who didn’t agree with white supremacy.

    (tags: antisemitism alt-right suella-braverman marxism nazis fascism history memes dogwhistles)

  • Why Is AI Art Copyright So Complicated?

    Claims that AI is creating art on its own and that machines are somehow entitled to copyright for this art are simply naive or overblown, and they cloud real concerns about authorship disputes between humans. The introduction of machine learning as an art tool is ironically increasing human involvement, not decreasing it. Specifically, the number of people who can potentially be credited as coauthors of an artwork has skyrocketed. This is because machine learning tools are typically built on a stack of software solutions, each layer having been designed by individual persons or groups of people, all of whom are potential candidates for authorial credit.

    (tags: ai art machine-learning ml copyright authors gan)

Links for 2019-03-26

Published March 26, 2019

Links for 2019-03-25

Published March 25, 2019

  • "Baba Is You" is Turing-complete

    'This video demonstrates my design for a mechanism in #BabaIsYou which implements Cellular Automaton Rule 110, which suffices to prove the game is Turing-Complete!' The write-up is here: http://www.twitlonger.com/show/n_1sqrh1m

    (tags: baba-is-you games turing-completeness computing)

  • Making Logic Gates With Crabs

    Yukio-Pegio Gunji and Yuta Nishiyama from Kobe University, along with Andrew Adamatzky from the aptly named Unconventional Computing Centre at the University of the West of England decided they needed a new way to build logic gates using crabs [....] The colonies of soldier crabs that inhabit the lagoons of Pacific atolls display a unique swarming behavior in their native habitat. When in a swarm of hundreds of individuals, the front of the swarm is driven by random turbulence in the group, while the back end of the swarm simply follows the leaders. Somehow, this is a successful evolutionary strategy, but it can also be exploited to build logic gates using only crabs. The team constructed a Y-shaped maze for a pair of crabs to act as an OR gate. When two soldier crabs are placed at the top of the ‘Y’, they move forward until they meet and exit the maze through the output. This idea can be expanded to a slightly more complex AND gate, functionally identical to the electron-powered AND gate in a 7408 logic chip.

    (tags: logic-gates logic soldier-crabs crabs computing hardware swarming nature animals via:theophite)

  • What causes Ruby memory bloat? – Joyful Bikeshedding

    Another likely suspect is the memory allocator. After all, Nate Berkopec and Heroku remarked that fiddling with the memory allocator (either replacing it altogether with jemalloc, or setting the magical environment variable MALLOC_ARENA_MAX=2) drastically lowers [Ruby] memory usage.

    (tags: ruby memory rails linux malloc bloat jemalloc ops)

  • Fix glibc's MALLOC_ARENA_MAX variable

    It seems that recent versions of glibc (up to glibc 2.25 at least) have some dysfunctional behaviour around malloc's arenas on multi-CPU systems, massively inflating the number of arenas allocated, which inflate reported VM sizes and (for multi-threaded Ruby services in particular) fragmenting memory badly. See also https://devcenter.heroku.com/articles/testing-cedar-14-memory-use Presto issue reported with glibc malloc arena-per-thread behaviour resulting in Presto OOMs: https://github.com/prestodb/presto/issues/8993 Hadoop affected by the inflated VM sizes reported as a side effect: https://issues.apache.org/jira/browse/HADOOP-7154 Good detailed writeup from IBM's WebSphere blog: https://www.ibm.com/developerworks/community/blogs/kevgrig/entry/linux_glibc_2_10_rhel_6_malloc_may_show_excessive_virtual_memory_usage

    (tags: ops ruby memory malloc allocation arenas tuning fragmentation)

  • The end of open: BBC blocks its podcasts on Google

    Talking to Podnews, a BBC spokesperson said that Google is required to sign a licence to link to their podcasts; and that the Distribution Policy also requires Google to supply user data to the BBC. There has been a “consultation with Google”, and the BBC “has no choice but to stop Google from making podcasts available via Google products.”

    (tags: bbc facepalm fail google licensing podcasts radio)

  • ‘A Swiss cheese-like material’ that can solve equations | Penn Today

    This is incredibly cool.

    “For example," Engheta says, "if you were trying to plan the acoustics of a concert hall, you could write an integral equation where the inputs represent the sources of the sound, such as the position of speakers or instruments, as well as how loudly they play. Other parts of the equation would represent the geometry of the room and the material its walls are made of. Solving that equation would give you the volume at different points in the concert hall.”  In the integral equation that describes the relationship between sound sources, room shape and the volume at specific locations, the features of the room — the shape and material properties of its walls — can be represented by the equation’s kernel. This is the part the Penn Engineering researchers are able to represent in a physical way, through the precise arrangement of air holes in their metamaterial Swiss cheese.  “Our system allows you to change the inputs that represent the locations of the sound sources by changing the properties of the wave you send into the system,” Engheta says, “but if you want to change the shape of the room, for example, you will have to make a new kernel.” 

    (tags: computing analog computers hardware papers swiss-cheese equations)

  • Cloud Shell - Google Cloud Platform

    I had no idea about this -- every google user has instant in-browser shell access to a Linux VM with 1.7GB of RAM

    (tags: shell servers linux google gcp cloudshell)

Links for 2019-03-22

Published March 22, 2019

  • Troubleshooting Problems With Native (Off-Heap) Memory in Java Applications

    quite good advice on dealing with memory problems caused by off-heap DirectByteBuffers in java 8. 'Furthermore, the JDK caches one or more DirectByteBuffers per thread, and by default, there is no limit on the number or size of these buffers. As a result, if a Java app creates many threads that perform I/O using HeapByteBuffers, and/or these buffers are big, the JVM process may end up using a lot of additional native memory that looks like a leak'. 'java.lang.OutOfMemoryError: Direct buffer memory' is the indicative error message.

    (tags: java off-heap buffers memory memory-leaks gc jdk ops)

Links for 2019-03-19

Published March 19, 2019

  • cel-go

    The Go implementation of the Common Expression Language (CEL). CEL is a non-Turing complete language designed to be portable and fast. It is well suited to embedded applications expression evaluation with familiar syntax and features, protocol buffer support, and not needing the sandboxing needed for a runtime like JavaScript or Lua.

    (tags: scripting golang go cel languages coding configuration config embedded)

  • XXH3

    'a cross-over inspired by many other great hash algorithms, which proves substantially faster than existing variants of xxHash, across basically all dimensions.'

    (tags: hashing algorithms xxhash xxh3 checksums performance)

Links for 2019-03-17

Published March 17, 2019

Links for 2019-03-15

Published March 15, 2019

  • The Oxygen of Amplification

    Offering extremely candid comments from mainstream journalists, this report provides a snapshot of an industry [news media] caught between the pressure to deliver page views, the impulse to cover manipulators and “trolls,” and the disgust (expressed in interviewees’ own words) of accidentally propagating extremist ideology. After reviewing common methods of “information laundering” of radical and racist messages through the press, Phillips uses journalists’ own words to propose a set of editorial “better practices” intended to reduce manipulation and harm. As social and digital media are leveraged to reconfigure the information landscape, Phillips argues that this new domain requires journalists to take what they know about abuses of power and media manipulation in traditional information ecosystems; and apply and adapt that knowledge to networked actors, such as white nationalist networks online.

    (tags: media news harassment nazis fascism overton-window journalism racism press)

  • Ash Sarkar on how to counter the new right

    'a) Acknowledge that the fascist threat has changed. It's political operations are far more nebulous and diffuse; it works in political institutions and dark corners of the internet; it will adopt and distort liberal tropes and talking points. b) Deal with the fact that traditional forms of policing will be of little effectiveness in countering it. Those with the most power to inhibit the dissemination of far-right and racist ideology are the digital platforms they rely on: reddit, Twitch, YouTube, Twitter, Facebook. c) Transform current affairs media. For too long, producers and editors have taken the alt-right at their word, and framed issues as free speech/limits of offensive humour. That must change. Unless you're willing to do rigorous research first, don't commission the debate. d) Overhaul the teaching of PSHE & Citizenship in education to prepare young people for the desensitising and extreme content they will see online. Create space for healthy debate and discussion in respectful environments. Don't let groomers take advantage of their curiousity. e) Get a very big bin, and put Melanie Phillips, Rod Liddle, and Douglas Murray in it. Then fire the bin into outer space.'

    (tags: alt-right fascism media politics internet social-media twitter reddit ash-sarkar)

  • Why Do so Many Egyptian Statues Have Broken Noses? - Artsy

    wow, TIL. 'The ancient Egyptians, it’s important to note, ascribed important powers to images of the human form. They believed that the essence of a deity could inhabit an image of that deity, or, in the case of mere mortals, part of that deceased human being’s soul could inhabit a statue inscribed for that particular person. These campaigns of vandalism were therefore intended to “deactivate an image’s strength,” as Bleiberg put it.'

    (tags: egypt culture art history noses)

Links for 2019-03-11

Published March 11, 2019

  • The "Tragedy of the Commons" was invented by a white supremacist based on a false history, and it's toxic bullshit / Boing Boing

    Hardin's paper starts with a history of the English Commons -- publicly held lands that were collectively owned and managed -- and the claim that commons routinely fell prey to the selfish human impulse to overgraze your livestock on public land (and that even non-selfish people would overgraze their animals because they knew that their more-selfish neighbors would do so even if they didn't). But this isn't what actually happened to the Commons: they were stable and well-managed until other factors (e.g. rich people trying to acquire even more land) destabilized them. Hardin wasn't just inventing false histories out of a vacuum. He was, personally, a nasty piece of work: a white supremacist and eugenicist, and the Tragedy of the Commons paper is shot through with this vile ideology, arguing that poor people should not be given charity lest they breed beyond their means (Hardin also campaigned against food aid). Hardin was a director of the Federation for American Immigration Reform and the white nationalist Social Contract Press, and co-founded anti-immigrant groups like Californians for Population Stabilization and The Environmental Fund.

    (tags: commons capitalism racism garrett-hardin tragedy-of-the-commons politics privatization public-ownership)

Links for 2019-03-07

Published March 7, 2019

  • How Theranos used the USPTO to defraud investors and patients

    When legendary grifter Elizabeth Holmes was 19 years old, she conceived of a medical device that could perform extensive diagnostics in an eyeblink from only a single drop of blood; she had no idea how such a device would work or whether it was even possible, but that didn't stop her from drawing up a patent application for her "invention" and repeatedly submitting to the patent office until, eventually, she was awarded a patent for what amounted to a piece of uninspiring design fiction. For Holmes, the patent was key to convincing investors, partners, and patients that her massive, years-long fraud (a company called "Theranos" bilked investors out of hundreds of millions of dollars) was legit; the USPTO helped her out by trumpeting the importance of patents to "inventors" like Holmes, comparing her to Benjamin Franklin in their public communications. Patents are only supposed to be issued for devices with "utility" -- that is, they have to actually work before you can get a patent for them. But it's been decades since the USPTO has paid meaningful attention to this criterion when evaluating applications, handing out patents for imaginary "inventions" to con artists, delusional hucksters, and other "inventors" who are willing to pay the filing fees that keep the lights on at the Patent Office. And since most people only have a vague idea of the rigor used in patent examination, these patents for design fiction can be used as impressive "proof" when crooks set out to deceive their marks. [....] 'More than a decade after Holmes’ first patent application, Theranos had still not managed to build a reliable blood-testing device. By then the USPTO had granted it hundreds of patents. Holmes had been constructing a fantasy world from the minute she started writing her first application, and the agency was perfectly happy to play along.'

    (tags: fraud patents uspto theranos inventions boing-boing)

Links for 2019-03-06

Published March 6, 2019

  • National Climate Assessment: How to deal with despair over climate change - Vox

    The dominant narrative around climate change tells us that it’s our fault. We left the lights on too long, didn’t close the refrigerator door, and didn’t recycle our paper. I’m here to tell you that is bullshit. ... Don’t give in to that shame. It’s not yours. The oil and gas industry is gaslighting you. That same IPCC report revealed that a mere 100 companies are responsible for 71 percent of global climate emissions. These people are locking you and everything you love into a tomb. You have every right to be pissed all the way off. And we have to make them hear about it.

    (tags: climate climate-change anger capitalism ipcc fossil-fuels future)

  • camelcamelcamel, a free Amazon price tracker

    'Our free Amazon price tracker monitors millions of products and alerts you when prices drop, helping you decide when to buy.' Supports amazon.co.uk, handily

    (tags: amazon shopping deals buying money)

  • Why do remote meetings suck so much?

    Unstructured, "caucus"-style meetings suck particularly badly for remote workers.

    When audio/visual delays exacerbate the caucus problem for people who always get the floor in meetings, it looks to them like a new problem. It’s not new; it’s just normally experienced by people in meetings with lower caucus scores. Leadership doesn’t notice because people in leadership positions tend to have higher caucus scores, and being in a position of leadership also tends to boost your caucus score (basically because people interrupt you less). But that’s a weakness of the way we identify decision-makers: good ideas come from everywhere, and especially from people who do a lot of thinking and observing before they say anything. Making meetings more accessible to remote employees doesn’t just make meetings more accessible to remote employees; it makes meetings more accessible to everyone. 

    (tags: team meetings remote communication management caucus-score remote-work)

Links for 2019-03-05

Published March 5, 2019

Links for 2019-03-02

Published March 2, 2019

  • "Understanding Real-World Concurrency Bugs in Go" (paper)

    'Go advocates for the usage of message passing as the means of inter-thread communication and provides several new concurrency mechanisms and libraries to ease multi-threading programming. It is important to understand the implication of these new proposals and the comparison of message passing and shared memory synchronization in terms of program errors, or bugs. Unfortunately, as far as we know, there has been no study on Go’s concurrency bugs. In this paper, we perform the first systematic study on concurrency bugs in real Go programs. We studied six popular Go software including Docker, Kubernetes, and gRPC. We analyzed 171 concurrency bugs in total, with more than half of them caused by non-traditional, Go-specific problems. Apart from root causes of these bugs, we also studied their fixes, performed experiments to reproduce them, and evaluated them with two publicly-available Go bug detectors. Overall, our study provides a better understanding on Go’s concurrency models and can guide future researchers and practitioners in writing better, more reliable Go software and in developing debugging and diagnosis tools for Go.' (via Bill de hOra)

    (tags: via:dehora golang go concurrency bugs lint synchronization threading threads bug-detection)

Links for 2019-03-01

Published March 1, 2019

  • Paper: Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs

    a software based, large-scale regex matcher designed to match multiple patterns at once (up to tens of thousands of patterns at once) and to ‘stream‘ (that is, match patterns across many different ‘stream writes’ without holding on to all the data you’ve ever seen). To my knowledge this makes it unique. RE2 is software based but doesn’t scale to large numbers of patterns; nor does it stream (although it could). It occupies a fundamentally different niche to Hyperscan; we compared the performance of RE2::Set (the RE2 multiple pattern interface) to Hyperscan a while back. Most back-tracking matchers (such as libpcre) are one pattern at a time and are inherently incapable of streaming, due to their requirement to backtrack into arbitrary amounts of old input.

    (tags: regex regular-expressions algorithms hyperscan sensory-networks regexps simd nfa)

  • Thought-provoking thread on Facebook/YouTube content moderation

    Extremely thought-provoking thread on the horrors of Facebook/YouTube content moderation, from Andrew Strait:

    My time doing this work convinced me there is no ultimate mitigation measure for the mental harm it causes. Automation is not a silver bullet - it requires massive labeled data sets by moderators on a continuing basis to ensure accuracy and proper model fit. There are steps to make this process less worse, but IMO it all comes back to a basic question - what technologies are worth the incredible human suffering and cost that moderators will inevitably experience? Is image search worth it? Is YouTube? Is Facebook? I don't have an answer. But these platforms create the need for this kind of horrific work and that must be considered at the forefront of design and deployment of any platform, not as an afterthought.

    (tags: horror moderation youtube facebook video content mental-health andrew-strait image-search images labelling google)

Links for 2019-02-28

Published February 28, 2019

Links for 2019-02-25

Published February 25, 2019

  • 'digital health will lead to forms of enslavement we can barely imagine'

    Author and Consultant Gastroenterologist Dr. Seamus O'Mahony:

    Perhaps most alarming of all is his analysis of the future of the world of digital health - "Anyone with a smartphone will be monitoring themselves, or - more likely - will be monitored by some external agency. Health and life insurance companies will offer financial inducements to people to be monitored, and big corporations will undoubtedly make the wearing of health-tracking devices mandatory. The danger of all of this is that in countries where health care is paid for by insurance, a new underclass of uninsured people will emerge. Digital health," he points out, "is presented as something empowering, but the reality is that it will lead to forms of enslavement that we can barely imagine. Facebook and Google have shown how easily people hand over their privacy and personal data in return for a few shiny trinkets. They have also shown how this personal data can be monetised."

    (tags: health medicine tracking privacy insurance surveillance data)

Links for 2019-02-24

Published February 24, 2019

  • Cocktail similarity by Levenshtein distance

    Love it. 'I was recently figuring out a minimum-viable bar setup for making cocktails at home, and a system for memorizing & recording recipes. When I started writing down the first basic ingredients, I started noticing that cocktails are very close to each other - if you ignore fruit rinds and ice and such, an Americano is a Negroni with soda water instead of gin. An Old Fashioned is a Manhattan with sugar instead of vermouth. So I wondered - what’s a cocktail edit distance?'

    (tags: edit-distance levenshtein-distance algorithms visualization cocktails d3 recipes booze)

Links for 2019-02-21

Published February 21, 2019

  • Pinterest blocks vaccine-related searches in bid to fight anti-vaxx propaganda | Technology | The Guardian

    The phenomenon on display in the Facebook search result screenshots is known in technology circles as a “data void”, after a paper by the Data & Society founder and researcher danah boyd. For certain search terms, boyd explains, “the available relevant data is limited, non-existent, or deeply problematic”. In the case of vaccines, the fact that scientists and doctors are not producing a steady stream of new digital content about settled science has left a void for conspiracy theorists and fraudsters to fill with fear-mongering propaganda and misinformation. [...] Pinterest has responded by building a “blacklist” of “polluted” search terms. “We are doing our best to remove bad content, but we know that there is bad content that we haven’t gotten to yet,” explained Ifeoma Ozoma, a public policy and social impact manager at Pinterest. “We don’t want to surface that with search terms like ‘cancer cure’ or ‘suicide’. We’re hoping that we can move from breaking the site to surfacing only good content. Until then, this is preferable.”

    (tags: data-voids danah-boyd pinterest antivax vaccination misinformation disinfo vaccines truth blacklisting)

Links for 2019-02-18

Published February 18, 2019

Links for 2019-02-17

Published February 17, 2019

Links for 2019-02-15

Published February 15, 2019

Links for 2019-02-13

Published February 13, 2019

  • The curious case of disappearing buses

    Nice investigation into some dodgy pseudo-real-time bus location data in the Bristol real time passenger information system (via Tony Finch)

    So what have we learned? One thing we are sure is that data of different qualities – genuinely real-time, pseudo real-time (Type 2 and Type 1), and non-real-time (scheduled) data – all present in the data stream. Among these the most interesting are Type 2 pseudo real-time data. They appear to be the root cause of the phenomenon of disappearing buses. Type 2 pseudo-real-time data are not totally bogus. One possible explanation of their existence can be this. The bus company has limited but not full tracking information on some of their buses. For example, it may know the location of a bus only when the bus leaves the bus terminal. Instead of not showing any data at all about the bus, the bus company uses interpolation to predict the locations of the bus, and reports these as if those are real-time data.

    (tags: via:fanf bristol buses public-transport rtpi estimation open-data)

  • Blockchain: What's Not To Like?

    'We're in a period when blockchain or "Distributed Ledger Technology" is the Solution to Everything™, so it is inevitable that it will be proposed as the solution to the problems of academic communication and digital preservation. These proposals typically assume, despite the evidence, that real-world blockchain implementations actually deliver the theoretical attributes of decentralization, immutability, anonymity, security, scalability, sustainability, lack of trust, etc. The proposers appear to believe that Satoshi Nakamoto revealed the infallible Bitcoin protocol to the world on golden tablets; they typically don't appreciate or cite the nearly three decades of research and implementation that led up to it. This talk will discuss the mis-match between theory and practice in blockchain technology, and how it applies to various proposed applications of interest to the CNI audience.'
    Quite a collection of dunks on blockchain, Bitcoin, ICOs, the DAO, Ethereum, etc.

    (tags: talks bitcoin blockchain icos ethereum dao security)

  • Attack of the week: searchable encryption and the ever-expanding leakage function

    In all seriousness: database encryption has been a controversial subject in our field. I wish I could say that there’s been an actual debate, but it’s more that different researchers have fallen into different camps, and nobody has really had the data to make their position in a compelling way. There have actually been some very personal arguments made about it. The schools of thought are as follows: The first holds that any kind of database encryption is better than storing records in plaintext and we should stop demanding things be perfect, when the alternative is a world of constant data breaches and sadness. To me this is a supportable position, given that the current attack model for plaintext databases is something like “copy the database files, or just run a local SELECT * query”, and the threat model for an encrypted database is “gain persistence on the server and run sophisticated statistical attacks.” Most attackers are pretty lazy, so even a weak system is probably better than nothing. The countervailing school of thought has two points: sometimes the good is much worse than the perfect, particularly if it gives application developers an outsized degree of confidence of the security that their encryption system is going to provide them. If even the best encryption protocol is only throwing a tiny roadblock in the attacker’s way, why risk this at all? Just let the database community come up with some kind of ROT13 encryption that everyone knows to be crap and stop throwing good research time into a problem that has no good solution. I don’t really know who is right in this debate. I’m just glad to see we’re getting closer to having it.
    (via Jerry Connolly)

    (tags: cryptography attacks encryption database crypto security storage ppi gdpr search databases via:ecksor)

Links for 2019-02-07

Published February 7, 2019

  • using BGP to compute best paths across the London Underground

    this is deeply silly, but also very impressive (via Tony Finch)

    (tags: via:fanf bgp networking internet routing london-underground trains)

  • hrvach/fpg1

    a PDP-1 implementation in FPGA:

    DEC PDP-1 is a computer designed and produced in 1959. Considering the pace of change in computing, that might seem like the prehistoric age. However, it is also surprisingly modern and proves a point that the basic concepts still withstand the test of time. This project is trying to re-create this computer in FPGA and enable running the first real computer game, SpaceWar!, on a modern display and gamepad. It is designed to run on the MiSTer platform, a retro gaming system based on the Terasic DE10-Nano FPGA board. The implementation is done in Verilog, a hardware description language specifying the structure and behavior of digital logic circuits. This is not a software emulation because there is no CPU executing it. Since this is my first Verilog project ever and its purpose was to teach myself about FPGA, don't expect too much. Beginners often make mistakes or break best practice. Please keep this in mind. Advice and suggestions are welcome!

    (tags: pdp1 history computers spacewar fpga hardware verilog)

Links for 2019-02-06

Published February 6, 2019

  • Revealed: The dark-money Brexit ads flooding social media | openDemocracy

    Oh god, here we go again. Facebook ads need to be regulated.

    Over the last four months, the People’s Vote and Best for Britain campaigns spent £266,369 and £183,943, respectively. Neither of these anti-Brexit groups is fully transparent either: both publish some details about themselves, such as addresses, but do not publish full details of all funders and donors. During the same time period, Britain’s Future [which does not declare its funders and has no published address] has spent more than £200,000 on Facebook ads. While anti-Brexit spending has slowed down in recent weeks, however, adverts pushing a ‘no deal’ Brexit have spiked. Britain’s Future has spent more than £110,000 on Facebook ads since mid-January. It is not clear where the money for this huge ad push has come from.

    (tags: facebook advertising transparency brexit ads political-ads uk)

Links for 2019-02-04

Published February 4, 2019

  • An In-Depth Guide to Nginx Metrics

    decent list of what nginx offers in terms of instrumentation

    (tags: nginx metrics ops graphing scalyr)

  • Google Hired Gig Economy Workers for Project Maven

    Other tech giants are reportedly interested in engaging the military as it continues to deploy artificial intelligence technology. Much larger machine-learning projects may require vastly new engagement from gig economy workers, who may unknowingly engage in the work. “Workers absolutely should have the right to know what they are working on, and especially when moral or politically controversial activities are involved,” said Juliet Schor, a sociology professor at Boston College, in an email to The Intercept. “It’s a basic dimension of democracy, which should not stop at either the factory or the platform ‘door.’ For too long, the country has tolerated erosion of basic civil rights in the workplace, as corporations assume ever-more control over their workforces. It’s time to win them back.”

    (tags: google project-maven ai training labelling work ethics military)

Links for 2019-02-02

Published February 2, 2019

  • Understanding the bin, sbin, usr/bin , usr/sbin split

    omg. /usr/bin came about because Ken Thompson and Dennis Ritchie ran out of disk space on the root volume. Mind = blown

    You know how Ken Thompson and Dennis Ritchie created Unix on a PDP-7 in 1969? Well around 1971 they upgraded to a PDP-11 with a pair of RK05 disk packs (1.5 megabytes each) for storage. When the operating system grew too big to fit on the first RK05 disk pack (their root filesystem) they let it leak into the second one, which is where all the user home directories lived (which is why the mount was called /usr). They replicated all the OS directories under there (/bin, /sbin, /lib, /tmp...) and wrote files to those new directories because their original disk was out of space. When they got a third disk, they mounted it on /home and relocated all the user directories to there so the OS could consume all the space on both disks and grow to THREE WHOLE MEGABYTES (ooooh!).

    (tags: filesystem unix history ken-thompson dennis-ritchie disk-space usr)

Links for 2019-02-01

Published February 1, 2019

  • NYC cops now using Chinese "Sky Net" video surveillance systems

    This is absolutely scary. Systematic surveillance:

    The surveillance tools are identical to those used in Sky Net in China, the largest video surveillance system on Earth, Chinese government research institutes and a company involved in the project said. At a time when China and the United States are locked in a rivalry on several fronts including trade and technology, Hikvision – the world’s largest surveillance technology company, which is state-owned and based in Hangzhou in eastern China – has supplied the equipment and software used by an American force that polices a population of about 8.6 million people. It has been claimed that Hikvision’s system can accurately identify faces regardless of race, whereas some Western-developed technology had previously been more accurate for white people than for black citizens – although the NYPD has not discussed its reasons for using the Chinese technology. The Sky Net programme, now renamed Pingan Chengshi, or Safe Cities, claimed to have connected 170 million cameras across China last year. By 2020, another 400 million units will be installed, it said, casting a watchful eye on every two citizens. Beijing plans to be able to identify anyone, anytime, anywhere in China within three seconds.

    (tags: surveillance new-york nyc skynet china cctv hikvision)

  • Write tests. Not too many. Mostly integration. – kentcdodds

    Nice short summary of Kent Dodds' approach to testing, which I mostly agree with :)

    (tags: integration coding testing unit-tests integration-tests system-tests)

  • One Of The Biggest At-Home DNA Testing Companies Is Working With The FBI

    Family Tree reveal that they are providing access to customer-submitted DNA records:

    “We are nearing a de-facto national DNA database,” Natalie Ram, an assistant law professor at the University of Baltimore who specializes in bioethics and criminal justice, told BuzzFeed News. “We don’t choose our genetic relatives, and I cannot sever my genetic relation to them. There’s nothing voluntary about that.” Others aired similar concerns. “I would be very against Family Tree DNA allowing law enforcement to have open access to their DNA database,” Debbie Kennett, a British genealogy enthusiast and honorary research associate at University College London said. “I don’t think it’s right for law enforcement to use a database without the informed consent of the consumer.”
    (via Antonio Regalado)

    (tags: biometrics privacy dna family-tree via:antonio-regalado genealogy data-protection fbi us)

  • remote AC control for a Nissan Leaf using a Google Home

    'OK Google, heat up the car' - nifty

    (tags: ok-google google google-home nissan-leaf cars heating gadgets home)

Links for 2019-01-31

Published January 31, 2019

  • The right-wing history of the urban models which inspired SimCity

    Largely forgotten now, Jay Forrester’s Urban Dynamics put forth the controversial claim that the overwhelming majority of American urban policy was not only misguided but that these policies aggravated the very problems that they were intended to solve. In place of Great Society-style welfare programs, Forrester argued that cities should take a less interventionist approach to the problems of urban poverty and blight, and instead encourage revitalization indirectly through incentives for businesses and for the professional class. Forrester’s message proved popular among conservative and libertarian writers, Nixon Administration officials, and other critics of the Great Society for its hands-off approach to urban policy. This outlook, supposedly backed up by computer models, remains highly influential among establishment pundits and policymakers today.

    (tags: simulation cities society politics history simcity games jay-forrester will-wright sociology)

Links for 2019-01-30

Published January 30, 2019

  • The 26,000-Year Astronomical Monument Hidden in Plain Sight at the Hoover Dam

    This is amazing! I wish I'd noticed it when I visited Hoover Dam.

    The center of the circle traced by the axial precession is actually the massive flag pole in the center of the plaza. This axial circle is prominently marked around the pole, and the angle of Polaris was depicted as precisely as possible to show where it would have been on the date of the dam’s opening. Hansen used the rest of the plaza floor to show the location of the planets visible that evening, and many of the bright stars that appear in the night sky at that location. By combining planet locations with the angle of precession, we are able to pinpoint the time of the dam’s completion down to within a day. We are now designing a similar system?—?though with moving parts?—?in the dials of the 10,000 Year Clock. It is likely that at least major portions of the Hoover Dam will still be in place hundreds of thousands of years from now. Hopefully the Clock will still be ticking and Hansen’s terrazzo floor will still be there, even if it continues to baffle visitors.
    (Via Tony Finch)

    (tags: hoover-dam history precession astronomy long-now polaris vega thuban stars clocks)

  • Facial Recognition Is the Perfect Tool for Oppression

    'We believe facial recognition technology is the most uniquely dangerous surveillance mechanism ever invented. It’s the missing piece in an already dangerous surveillance infrastructure, built because that infrastructure benefits both the government and private sectors. And when technologies become so dangerous, and the harm-to-benefit ratio becomes so imbalanced, categorical bans are worth considering. The law already prohibits certain kinds of dangerous digital technologies, like spyware. Facial recognition technology is far more dangerous. It’s worth singling out, with a specific prohibition on top of a robust, holistic, value-based, and largely technology-neutral regulatory framework. Such a layered system will help avoid regulatory whack-a-mole where lawmakers are always chasing tech trends. Surveillance conducted with facial recognition systems is intrinsically oppressive. The mere existence of facial recognition systems, which are often invisible, harms civil liberties, because people will act differently if they suspect they’re being surveilled. Even legislation that holds out the promise of stringent protective procedures won’t prevent chill from impeding crucial opportunities for human flourishing by dampening expressive and religious conduct.'

    (tags: tech surveillance facial-recognition faces oppression future chilling-effects)

Links for 2019-01-29

Published January 29, 2019

  • Amendment-apocalypse: Spineless MPs just voted against reality

    ... in a way, it was typical May tactics. She prioritised vague promises over content. She sabotaged something - anything - in order to fight another day. She made promises she could not keep on issues she knew to be false. Once again, she said anything, anything at all, to survive just a little longer. [...] it has significant medium-term implications too. Firstly, it shows why the backstop was needed in the first place. This country has become an unreliable negotiating partner. It will demand something one day then seek to detonate it the next. The events in the Commons today actually had the ironic effect of reaffirming to the EU the need for the backstop insurance policy. On a broader level, we are about to go around the world asking for trade deals. But we're seen, by everyone, on the largest stage imaginable, to be fundamentally politically insane. We've gone mad and everyone is looking. This is as bleak a day as we have had in the entire Brexit process. All roads now seem blocked. MPs won't back an extension to Article 50. They won't back May's deal. And they won't back no-deal. They've opted for fairy tales over action. Things are looking very bad indeed.

    (tags: brexit politics uk eu backstop)

  • Security Things to Consider When Your Apartment Goes ‘Smart’

    Good advice, and I'd be pretty unhappy about this if it happened to me too.

    If you’re a tenant in the US, it’s very likely that a management-provided smart home system is headed your way in the near future. Carefully evaluate your family’s personal threat model, and consider the plausible digital ways which these systems could be exploited. Spend some time reading into the vendor. Respectfully and courteously encourage your property management company and their smart system vendor to adopt industry best practices in securing smart hubs physically and digitally, the networks they are connected to, and and resident data at rest and in transit in their infrastructure. Request your property managers clearly and decisively address privacy concerns such as data ownership and resale in writing. If solid answers in writing don’t assuage legitimate concerns, consider politely seeking an option to opt-out – and make your threat model clear to them, if you’re in a sensitive situation.

    (tags: locks iot security internetofshit tenancy renting smart-hubs smart-homes smart-locks)

Links for 2019-01-25

Published January 25, 2019

Links for 2019-01-24

Published January 24, 2019

  • We may finally know what causes Alzheimer’s – and how to stop it

    This is amazing:

    If you bled when you brushed your teeth this morning, you might want to get that seen to. We may finally have found the long-elusive cause of Alzheimer’s disease: Porphyromonas gingivalis, the key bacteria in chronic gum disease. That’s bad, as gum disease affects around a third of all people. But the good news is that a drug that blocks the main toxins of P. gingivalis is entering major clinical trials this year, and research published today shows it might stop and even reverse Alzheimer’s. There could even be a vaccine.
    (via John Looney)

    (tags: via:johnlooney gingivitis alzheimers brain health medicine teeth)

  • Brexit: debunking "trading on WTO terms"

    a favourite brexiteer talking point demolished

    (tags: wto trade brexit uk)

  • research!rsc: Our Software Dependency Problem

    The kind of critical examination of specific dependencies that I outlined in this article is a significant amount of work and remains the exception rather than the rule. But I doubt there are any developers who actually make the effort to do this for every possible new dependency. I have only done a subset of them for a subset of my own dependencies. Most of the time the entirety of the decision is “let’s see what happens.” Too often, anything more than that seems like too much effort. But the Copay and Equifax attacks are clear warnings of real problems in the way we consume software dependencies today. We should not ignore the warnings. I offer three broad recommendations. * Recognize the problem. If nothing else, I hope this article has convinced you that there is a problem here worth addressing. We need many people to focus significant effort on solving it. * Establish best practices for today. We need to establish best practices for managing dependencies using what’s available today. This means working out processes that evaluate, reduce, and track risk, from the original adoption decision through to production use. In fact, just as some engineers specialize in testing, it may be that we need engineers who specialize in managing dependencies. * Develop better dependency technology for tomorrow. Dependency managers have essentially eliminated the cost of downloading and installing a dependency. Future development effort should focus on reducing the cost of the kind of evaluation and maintenance necessary to use a dependency. For example, package discovery sites might work to find more ways to allow developers to share their findings. Build tools should, at the least, make it easy to run a package’s own tests. More aggressively, build tools and package management systems could also work together to allow package authors to test new changes against all public clients of their APIs. Languages should also provide easy ways to isolate a suspect package.

    (tags: dependencies software coding work)

Links for 2019-01-21

Published January 21, 2019

  • PhoneNumbers.ie

    'Do you want to find out information about an unknown caller?' -- reputation service for random callers in Ireland. Very useful to find out if others have received scammy calls from a given number

    (tags: reputation phone telephone callers scams phishing ireland)

  • The Plot Against George Soros

    The anti-Soros campaign was entirely artificial, as a means to elect Orban in Hungary:

    Orbán was busy creating a new, more dramatic story of the nation. Hungary, which had collaborated with the Nazis, was painted as a victim, surrounded by external enemies, under perpetual siege, first from the Ottomans, then the Nazis, and later the Communists. Hungary’s mission was clear: to defend against its enemies, and to preserve Christianity against encroaching Islam and secular forces. Against this backdrop, Finkelstein had an epiphany. What if the veil of the conspiracy were to be lifted and a shadowy figure appear, controlling everything? The puppet master. Someone who not only controlled the “big capital” but embodied it. A real person. A Hungarian. Strange, yet familiar. That person was Soros, Finkelstein told Birnbaum. Birnbaum was mesmerized: Soros was the perfect enemy. [....] Despite everything that followed, Birnbaum is proud of the campaign against Soros: “Soros was a perfect enemy. It was so obvious. It was the simplest of all products, you just had to pack it and market it.” The product was so good, it sold itself and went global. In 2017, Italians started talking about Soros-financed immigrant boats arriving on the shores. In the US, some people suspected Soros was behind the migrant caravan entering from Central America. A Polish member of parliament called Soros the “most dangerous man in the world.” Putin referred dismissively to Soros during a press conference with Trump in Helsinki. Trump even claimed that the demonstrations against Supreme Court candidate Brett Kavanaugh were sponsored by Soros. Today Finkelstein and Birnbaum’s work in Hungary has echoes everywhere. Birnbaum denied the suggestion that he had run anti-Soros campaigns outside of Hungary. But perhaps he didn’t have to. Anyone could pick up the ideas and run with them. Finkelstein and Birnbaum had turned Soros into a meme. Right-wing sites like Breitbart, or the Kremlin-controlled Russia Today, could simply adopt the Hungarian campaign, translate it into other languages, and feed it with local arguments. If right-wing movements want to campaign today, they can source Soros material from the internet. Anti-Soros material is a globalized, freely available, and adaptable open-source weapon. Birnbaum said it was the common denominator of the nationalist movement.

    (tags: george-soros conspiracies george-birnbaum antisemitism hungary arthur-finkelstein politics campaigning)

  • Stack Overflow: How We Do Monitoring - 2018 Edition

    interesting to see how the other half lives, as Stack Overflow is a .NET shop

    (tags: logging monitoring stack-overflow dotnet ops metrics)

  • 'The goal is to automate us': welcome to the age of surveillance capitalism

    “Surveillance capitalism,” she writes, “unilaterally claims human experience as free raw material for translation into behavioural data. Although some of these data are applied to service improvement, the rest are declared as a proprietary behavioural surplus, fed into advanced manufacturing processes known as ‘machine intelligence’, and fabricated into prediction products that anticipate what you will do now, soon, and later. Finally, these prediction products are traded in a new kind of marketplace that I call behavioural futures markets. Surveillance capitalists have grown immensely wealthy from these trading operations, for many companies are willing to lay bets on our future behaviour.” While the general modus operandi of Google, Facebook et al has been known and understood (at least by some people) for a while, what has been missing – and what Zuboff provides – is the insight and scholarship to situate them in a wider context. She points out that while most of us think that we are dealing merely with algorithmic inscrutability, in fact what confronts us is the latest phase in capitalism’s long evolution – from the making of products, to mass production, to managerial capitalism, to services, to financial capitalism, and now to the exploitation of behavioural predictions covertly derived from the surveillance of users.

    (tags: advertising technology surveillance facebook google adtech capitalism business)

Links for 2019-01-17

Published January 17, 2019

Links for 2019-01-16

Published January 16, 2019

Links for 2019-01-15

Published January 15, 2019

  • Serverless Computing: One Step Forward, Two Steps Back - Speaker Deck

    So much agreement with this slide deck, particularly the list of limitations of current FaaS: 15 min lifetimes; I/O bottlenecks; no inbound network comms; no specialized hardware; and the general horribleness of using DynamoDB or S3 state as a platform for distributed computing protocols.

    (tags: faas lambda serverless fail slides architecture aws dynamodb s3 cloud)

  • Some facts on immigration to Ireland

    Handy to have to hand next time right-wing talking points emerge:

    Let’s summarise: Ireland has a relatively high level of non-citizens in its population. But this is down to the high level of UK citizens and citizens from other English-speaking countries (US, Canada, Australia and New Zealand). Ireland has significantly fewer non-citizens from outside the English-speaking world than high-income EU countries. The proportion of non-citizens has remained stable over the last 10 years (i.e. there is no ‘surge’). Non-citizens in Ireland are more integrated into the labour market than any other high-income EU country – that is, there is lower unemployment among non-citizens. So much for the ‘sponging-off-the-state’ argument. We have had far fewer asylum-seekers and we grant asylum to far fewer than most other high-income EU countries. The claims of the Far Right and their allies collapse when we look to reality. 

    (tags: immigration facts statistics ireland asylum-seekers)

Links for 2019-01-14

Published January 14, 2019

  • The Embroidered Computer

    an exploration into using historic gold embroidery materials and knowledge to craft a programmable 8 bit computer. Solely built from a variety of metal threads, magnetic, glass and metal beads, and being inspired by traditional crafting routines and patterns, the piece questions the appearance of current digital and electronic technologies surrounding us, as well as our interaction with them. Technically, the piece consists of (textile) relays, similar to early computers before the invention of semiconductors. Visually, the gold materials, here used for their conductive properties, arranged into specific patterns to fulfil electronic functions, dominate the work. Traditionally purely decorative, their pattern here defines they function. They lay bare core digital routines usually hidden in black boxes. Users are invited to interact with the piece in programming the textile to compute for them.

    (tags: electronics computers computing art embroidery craft gold 8-bit)

  • Crunching The Numbers: How Much Will Your Electric Car Really Cost? | CleanTechnica

    some good real-world measurements from Germany. Ireland's residential electricity costs are roughly comparable to the Netherlands I think in price/kWh

    (tags: evs cars driving costs home household electricity)

  • Apache Iceberg (incubating)

    Coming to presto soon apparently....

    Iceberg tracks individual data files in a table instead of directories. This allows writers to create data files in-place and only adds files to the table in an explicit commit. Table state is maintained in metadata files. All changes to table state create a new metadata file and replace the old metadata with an atomic operation. The table metadata file tracks the table schema, partitioning config, other properties, and snapshots of the table contents. The atomic transitions from one table metadata file to the next provide snapshot isolation. Readers use the latest table state (snapshot) that was current when they load the table metadata and are not affected by changes until they refresh and pick up a new metadata location.
    excellent -- this will let me obsolete so much of our own code :)

    (tags: presto storage s3 hive iceberg apache asf data architecture)

Links for 2019-01-13

Published January 13, 2019

  • certain Irish surnames inherited ‘the cure’

    This is quite an odd superstition -- the belief that people with a certain surname could cure a specific ailment.

    Wicklow-born reader Mattie Lennon reminds me that certain Irish families used to hold monopolies over the treatment of individual disorders, based solely on their surnames. Mattie knows this from experience. As a child in the 1950s, he contracted shingles. And it was an article of faith then that anyone by the name of Keogh could cure that painful condition. There were no mysterious herbal concoctions involved: the power resided in their veins, literally. Thus a man named Darby Keogh was called, “bled his fingers, mixed the blood with holy water, and applied it”. Scoff all you like readers, but “it cured my shingles”, says Mattie,

    (tags: health history superstitions ireland wicklow quackery the-cure)

Links for 2019-01-11

Published January 11, 2019

  • PRNG-predicting bot ascends in Nethack in 7 minutes 15 seconds

    This is a really amazing hack!

    So, we could now go from starting inventory to RNG-seed in no time, but we still had to ascend. While we could write a simple “wish”-bot, get +127 Magicbane and then ascend by hand from there, achieving both fastest realtime and lowest turn count in the same game would not be easy. First idea was to start a NAO game, fetch the seed, then saving and perfecting the seed offline. It was quickly ruled out though as the game is reseeded each time it is started (i.e. when you load your game). Loooong story short, we wrote a bot. You had to play the first turns (offline) and move her to a non-magic fountain located next to a wall. If you died, no big deal, just retry on the same seed. This is why SWAGGINZZZ stood still for 6 minutes, we had absolutely horrible RNG when trying to get the specific fountain needed on dlvl2. The fountain is required for wishes. The wall is required to be able to offset the random state without advancing the game state – every time the character attempts to walk into a wall, it calls random() without wasting any in-game time. From the fountain, the bot ascends completely on her own.

    (tags: nethack random prng games hacks cheats nao amazing)

  • glibc changed their UTF-8 character collation ordering across versions, breaking postgres

    This is terrifying:

    Streaming replicas—and by extension, base backups—can become dangerously broken when the source and target machines run slightly different versions of glibc. Particularly, differences in strcoll and strcoll_l leave "corrupt" indexes on the slave. These indexes are sorted out of order with respect to the strcoll running on the slave. Because postgres is unaware of the discrepancy is uses these "corrupt" indexes to perform merge joins; merges rely heavily on the assumption that the indexes are sorted and this causes all the results of the join past the first poison pill entry to not be returned. Additionally, if the slave becomes master, the "corrupt" indexes will in cases be unable to enforce uniqueness, but quietly allow duplicate values.
    Moral of the story -- keep your libc versions in sync across storage replication sets!

    (tags: postgresql scary ops glibc collation utf-8 characters indexing sorting replicas postgres)

Links for 2019-01-10

Published January 10, 2019

  • A UK police force is dropping tricky cases on advice of an algorithm

    Wow, this is a terrible idea. It will definitely launder existing human bias into its decisions.

    However, because the technology bases its predictions on past investigations, any biases contained in those decisions may be reinforced by the algorithm. For example, if there are areas that don’t have CCTV and police frequently decided not to pursue cases there, people in those places could be disadvantaged. “When we train algorithms on the data on historical arrests or reports of crime, any biases in that data will go into the algorithm and it will learn those biases and then reinforce them,” says Joshua Loftus at Stanford University in California. [...] Police forces only ever know about crimes they detect or have reported to them, but plenty of crime goes unreported, especially in communities that have less trust in the police. This means the algorithms are making predictions based on a partial picture. While this sort of bias is hard to avoid, baking it into an algorithm may make its decisions harder to hold to account compared with an officer’s. John Phillips, superintendent at Kent Police, says that for the types of crimes that EBIT is being used for, under-reporting isn’t an issue and so shouldn’t affect the tool’s effectiveness.
    ....well, I guess that's OK then? I would have assumed under-reporting would be a massive source of bias alright....

    (tags: bias machine-learning ml ai cctv police uk kent policing)

Links for 2019-01-09

Published January 9, 2019

  • How Millennials Became The Burnout Generation

    That realization recast my recent struggles: Why can’t I get this mundane stuff done? Because I’m burned out. Why am I burned out? Because I’ve internalized the idea that I should be working all the time. Why have I internalized that idea? Because everything and everyone in my life has reinforced it — explicitly and implicitly — since I was young. Life has always been hard, but many millennials are unequipped to deal with the particular ways in which it’s become hard for us.

    (tags: burnout life work workaholism millenials anxiety)

  • White Matter Integrity in Obstructive Sleep Apnea before and after Treatment

    Sleep Apnea causes physical damage to the brain, particularly in white matter fibre integrity. Thankfully, it is reversible.

    Results in pre-treatment OSA patients showed impairments in most cognitive areas, mood and sleepiness that were associated with diffuse reduction of WM fiber integrity reflected by diminished fractional anisotropy (FA) and mean diffusivity (MD) in multiple brain areas. After 3 months of CPAP, only limited changes of WM were found. However, over the course of 12 months CPAP treatment, an almost complete reversal of WM abnormalities in all the affected regions was observed in patients who were compliant with treatment. Significant improvements involving memory, attention, and executive-functioning paralleled WM changes after treatment.

    (tags: brain brain-damage sleep sleep-apnea snoring medicine papers)

  • "Cracking the Coding Interview" handouts

    amazing handouts for interviewees looking to do well in technical interviews; there are 3, coding, PM, and soft-skills-oriented. I'm on the other side of the table these days but these are fantastic

    (tags: interviews coding career interviewing hiring)

Links for 2019-01-08

Published January 8, 2019

  • AWS Service SLAs

    The goal of this page is to high-light the lack of coverage AWS provides for its services across different security factors. These limitations are not well-understood by many. Further, the "Y" fields are meant to indicate that this service has any capability for the relevant factor. In many cases, this is not full coverage for the service, or there are exceptions or special cases.

    (tags: amazon aws services slas ops reliability)

  • Trek10 | From relational DB to single DynamoDB table: a step-by-step exploration

    tl;dr:

    Is modeling my relational database in a single DynamoDB table really a good idea? About a year ago, I wrote a fairly popular article called “Why DynamoDB isn’t for everyone”. Many of the technical criticisms of DynamoDB I put forth at that time (lack of operational controls such as backup/restore; a persistent problem with hot keys) have since been partially or fully resolved due to a truly awe-inspiring run of feature releases from the DynamoDB team. However, the central argument of that article remains valid: DynamoDB is a powerful tool when used properly, but if you don’t know what you’re doing it’s a deceptively user-friendly guide into madness. And the further you stray into esoteric applications like relational modeling, the more sure you’d better be that you know what you’re getting into. Especially with SQL-friendly “serverless” databases like Amazon Aurora hitting their stride, you have a lot of fully-managed options with a smaller learning curve.

    (tags: dynamodb databases storage nosql sql relational aws relations)

  • Give Up the Ghost: A Backdoor by Another Name | Just Security

    Now that GCHQ have asked for this, I suspect plenty of other government bodies around the world will be looking for similar.

    They’re talking about adding a “feature” that would require the user’s device to selectively lie about whether it’s even employing end-to-end encryption, or whether it’s leaking the conversation content to a third (secret) party. Is the security code displayed by your device a mathematical representation of the two keys involved, or is it a straight-up lie? Furthermore, what’s to guarantee that the method used by governments to insert the “ghost” key into a conversation without alerting the users won’t be exploited by bad actors? Despite the GCHQ authors’ claim, the ghost will require vendors to disable the very features that give our communications systems their security guarantees in a way that fundamentally changes the trust relationship between a service provider and its users. Software and hardware companies will never be able to convincingly claim that they are being honest about what their applications and tools are doing, and users will have no good reason to believe them if they try. And, as we’ve seen already seen, GCHQ will not be the only agency in the world demanding such extraordinary access to billions of users’ software. Australia was quick to follow the UK’s lead, and we can expect to see similar demands, from Brazil and the European Union to Russia and China. (Note that this proposal would be unconstitutional were it proposed in the United States, which has strong protections against governments forcing actors to speak or lie on its behalf.) We must reject GCHQ’s newest “ghost” proposal for what it is: a mandated encryption backdoor that weakens the security properties of encrypted messaging systems and fundamentally compromises user trust.

    (tags: crypto ghost gchq security backdoors uk)

  • FFmpeg, SOX, Pandoc and RSVG for AWS Lambda

    OK-ish way to add dependencies to your Lambda containers:

    The basic AWS Lambda container is quite constrained, and until recently it was relatively difficult to include additional binaries into Lambda functions. Lambda Layers make that easy. A Layer is a common piece of code that is attached to your Lambda runtime in the /opt directory. You can reuse it in many functions, and deploy it only once. Individual functions do not need to include the layer code in their deployment packages, which means that the resulting functions are smaller and deploy faster. For example, at MindMup, we use Pandoc to convert markdown files into Word documents. The actual lambda function code is only a few dozen lines of JavaScript, but before layers, each deployment of the function had to include the whole Pandoc binary, larger than 100 MB. With a layer, we can publish Pandoc only once, so we use significantly less overall space for Lambda function versions. Each code change now requires just a quick redeployment.

    (tags: serverless lambda dependencies deployment packaging ops)

  • Allthefood

    Decent new Dublin food blog -- reviews and news. Like a Harbo-free version of Lovin' Dublin

    (tags: dublin food eating restaurants reviews)

Links for 2019-01-04

Published January 4, 2019

  • We’ll Never Know Whether Monorepos Are Better

    This makes sense to me where the monorepo-vs-polyrepo argument is concerned -- it's another religious war:

    About six months after the project was declared “done” (but there was always more to do, more improvements to make to our homegrown dependency management solution), we had a retrospective meeting. The same engineers who had taken sides, for and against the project, were again assembled to discuss how it went. One of the main opponents went first. “Thank goodness we’re finally having this retrospective,” he said. “I think we can all see that this experiment has been a colossal failure and that it’s time for us to change course and roll back to monorepo.” “What do you mean?” one of the main multirepo advocates replied. “This was one of the best decisions we’ve ever made!” This really shocked me. We had access to all of the data you could possibly want to evaluate the decision. The same engineers working with the same codebase had seen what it was like in the monorepo model and the multirepo model. We knew exactly how much it had actually cost to switch. We had lived with the advantages and disadvantages of both models. But still we couldn’t come to an agreement. That retrospective taught me to be humble in my ambitions to “improve” engineering productivity. There’s no way to measure productivity in software, so there’s no way to know whether controversial, expensive “productivity enhancing” projects actually deliver on their promise, even in hindsight.

    (tags: monorepo productivity dev engineering coding polyrepo)

Links for 2019-01-03

Published January 3, 2019

  • I Accidentally Made Myself Lactose Intolerant With Whole30

    A few years back, I had a nasty bout of food poisoning while travelling, which made me lactose-intolerant for several years. Sounds like this may be more common than you'd think, based on this article:

    If you haven’t heard of Whole30, some information: It’s a month-long eating plan that aims to help followers hit “the reset button with your health, habits, and relationship with food.” For 30 days, you cut out soy, legumes, grains, sugars, alcohol, and, of course, dairy. [....] When you reach the end of the Whole30, you’re supposed to add the forbidden food groups back into your diet one at a time. The goal is to figure out which foods are making you feel sluggish, bloated, or just generally not great, so you can ostensibly keep on avoiding them forever. I didn’t do that part. I just jumped right back into eating what I wanted — but suddenly nothing was the same. That first bowl of ice cream I’d been looking forward to for weeks was quickly followed by sharp stomach pains and what can best be described (grossly, but accurately) as bubble gut. [....] The good news, according to gastrointestinal specialist Kim Barrett, a professor of medicine at the University of California, San Diego, is that I’m not crazy. The bad news is that dairy no longer agrees with my body’s biology. Turns out, it is possible to suddenly make yourself lactose intolerant. “To some extent, our ability to handle lactose is a use-it-or-lose-it phenomenon,” Barrett says. The body digests lactose — a disaccharide — by using lactase, an enzyme in the small intestine, to break it down into the monosaccharides glucose and galactose, which can then be absorbed. “If you don’t have the [lactose] substrate in the diet, you start to reduce the synthesis of the lactase enzyme to digest it,” Barrett explains. “After a period of completely excluding lactose from the diet, you may not have any of those digestive enzymes present.”

    (tags: diet food lactose lactase intolerance whole30 milk cheese)

Links for 2019-01-02

Published January 2, 2019

  • The Hydrogen Fuel Cell Scam

    The need to have a massive and costly buildout of [hydrogen refuelling] infrastructure remains one of the most glaring problems of a supposed transition to a hydrogen economy. The cost of a single hydrogen fueling station is likely to be over $2 million. This is in contrast to the relatively modest $50,000 cost of deploying a high-speed battery-electric car charging station. Another factor here is the reality of putting into place an all-new infrastructure from scratch versus building off of an already existing electrical infrastructure that exists in every developed nation.  The fact that every building, garage, and lamp post in the US is already electrified means we simply have to add one final component to the existing and established network.

    (tags: hydrogen green driving cars fuel fossil-fuels decarbonisation)

  • Don’t buy a 5G smartphone—at least, not for a while | Ars Technica

    wow, 5G sounds like it's going to be terrible

    (tags: 5g 4g mobile-phones mobile tech hardware radio)

  • Risky business: linking _Toxoplasma gondii_ infection and entrepreneurship behaviours across individuals and countries | Proceedings of the Royal Society B: Biological Sciences

    Using a saliva-based assay, we found that students (n = 1495) who tested IgG positive for Toxoplasma gondii exposure were 1.4× more likely to major in business and 1.7× more likely to have an emphasis in ‘management and entrepreneurship' over other business-related emphases. Among professionals attending entrepreneurship events, T. gondii-positive individuals were 1.8× more likely to have started their own business compared with other attendees (n = 197). Finally, after synthesizing and combining country-level databases on T. gondii infection from the past 25 years with the Global Entrepreneurship Monitor of entrepreneurial activity, we found that infection prevalence was a consistent, positive predictor of entrepreneurial activity and intentions at the national scale, regardless of whether previously identified economic covariates were included. Nations with higher infection also had a lower fraction of respondents citing ‘fear of failure' in inhibiting new business ventures. While correlational, these results highlight the linkage between parasitic infection and complex human behaviours, including those relevant to business, entrepreneurship and economic productivity.

    (tags: science biology infection toxoplasmosis parasites humans behaviour entrepreneurs business brains economics)

Links for 2018-12-20

Published December 20, 2018

  • slides from "Distributed Log-Processing Design Workshop", SRECon Americas 2018

    Fantastic presentation discussing the kinds of design criteria used when architecting a large-scale data processing and storage service. Interesting to see some Google terminology, e.g. "dimensioning" -- ballparking the expected scalability numbers, bandwidth, qps, and limits.

    (tags: distributed-systems coding design architecture google photon logs log-storage slides srecon)

  • Zstandard: How Facebook increased compression speed - Facebook Code

    very cool; particularly the high level of support for external-dictionary compression

    (tags: facebook compression zstd zstandard dictionary-compression)

  • The Holiday Drink of 2018: Cognac Punch

    Looks tasty, albeit pricey and strong:

    London Punch House Punch By David Wondrich Ingredients: 4 Lemons 6 oz (3/4 cup) White sugar 20 oz Hennessy Privilege VSOP Cognac 6 oz Jamaican rum 1 quart (4 cups) Cold water Glass: Punch cup Garnish: Freshly grated nutmeg Directions: The day before you serve the punch, fill a quart container with water and put it in the freezer. Peel 4 lemons in long spirals and put the peels into a mason jar with 6 oz (3/4 cup) of white sugar. Seal the jar, shake it and let sit overnight. Two hours before you serve the punch, unseal the mason jar, add 6 oz (3/4) cup fresh-squeezed, strained lemon juice, reseal and shake until all the sugar has dissolved. Refrigerate. To assemble the punch, unmold the ice block and place it in a 1-gallon punch bowl. Shake the contents of the mason jar and pour it into the punch bowl unstrained, peels and all. Add 20 oz (2-and-a-half cups) Hennessy Privilege VSOP Cognac and 6 oz (3/4 cup) Jamaican rum. Stir. Add 1 quart (4 cups) cold water. Stir again and grate nutmeg on top. Using a punch ladle, drape a few ends of the spiral lemon peels over the rim of the bowl. Grate nutmeg over the top.

    (tags: punch cognac hennessy recipes rum)

Links for 2018-12-18

Published December 18, 2018

  • Remove Background from Image

    A fully automated background-removal tool. Nicely done

    (tags: images editing tools background graphics)

  • Google used a Baidu front-end to scrape user searches without consent

    The engineers used the data they pulled from [acquired Baidu front-end site] 265.com to learn about the kinds of things that people located in mainland China routinely search for in Mandarin. This helped them to build a prototype of Dragonfly. The engineers used the sample queries from 265.com, for instance, to review lists of websites Chinese people would see if they typed the same word or phrase into Google. They then used a tool they called “BeaconTower” to check whether any websites in the Google search results would be blocked by China’s internet censorship system, known as the Great Firewall. Through this process, the engineers compiled a list of thousands of banned websites, which they integrated into the Dragonfly search platform so that it would purge links to websites prohibited in China, such as those of the online encyclopedia Wikipedia and British news broadcaster BBC. Under normal company protocol, analysis of people’s search queries is subject to tight constraints and should be reviewed by the company’s privacy staff, whose job is to safeguard user rights. But the privacy team only found out about the 265.com data access after The Intercept revealed it, and were “really pissed,” according to one Google source.

    (tags: china search tech google privacy baidu interception censorship great-firewall dragonfly)

  • awslabs/amazon-kinesis-scaling-utils

    The Kinesis Scaling Utility is designed to give you the ability to scale Amazon Kinesis Streams in the same way that you scale EC2 Auto Scaling groups – up or down by a count or as a percentage of the total fleet. You can also simply scale to an exact number of Shards. There is no requirement for you to manage the allocation of the keyspace to Shards when using this API, as it is done automatically. You can also deploy the Web Archive to a Java Application Server, and allow Scaling Utils to automatically manage the number of Shards in the Stream based on the observed PUT or GET rate of the stream.

    (tags: kinesis scaling scalability shards sharding ops)

  • The “Bart” — sudden hundreds-of-Bitcoin pumps or dumps, to burn the margin traders

    Finance journalists need to stop treating crypto as an efficient market that responds to concerns. It’s a thinly-traded unregulated playground for whales, out to wreck the margin traders. A $400 dip in fifteen minutes is not a “market signal” — it’s a deliberate dump to manipulate the price. Though there’s still downward pressure on the price — all the suckers from the bubble have gone home, so they’re not buying … but the miners still have to sell coins for actual money to pay for their electricity. And even more so now that the price of mining one bitcoin is at — or above — what you could get for selling that bitcoin. So one minute you’ll see a sudden $100 increase in the price that cost 130 BTC of dollars — and those are actual dollars going in — followed the next minute by a matching $100 drop that came from selling only 30 BTC. It’s much easier to drop the price than raise it.

    (tags: investing bitcoin via:harikunzru cryptocurrency pump-and-dump barts finance margin-traders currencies fraud)

Links for 2018-12-13

Published December 13, 2018

Links for 2018-12-11

Published December 11, 2018

  • Notebookcheck's Top 10 Tablets under 250 Euros

    a decent list of low-end tablets, given the season

    (tags: tablets devices hardware android gadgets xmas)

  • A primer on privacy as "contextual integrity"

    A primer on privacy as "contextual integrity" and why privacy notices on mobile platforms (both Android and iOS) are insufficient for attaining informed consent. If your doctor asked for permission to collect your medical history, you would probably say yes. However, if that doctor asked to collect your medical history to give to marketers for advertising purposes, you would probably decline. The difference is, in the first case, you're making assumptions about how the data will be used based on who is making the request. Knowing just the type of data requested and the requester are insufficient to make an informed decision: people also consider the purpose and other constraints (e.g., will data be resold, stored securely, etc.), which are equally important factors.
    (via Karlin)

    (tags: privacy context understanding mobile data-protection permission opt-in)

Links for 2018-12-10

Published December 10, 2018

  • Makisu

    Uber’s Fast, Reliable Docker Image Builder for Apache Mesos and Kubernetes.

    we built our own image building tool, Makisu, a solution that allows for more flexible, faster container image building at scale. Specifically, Makisu: requires no elevated privileges, making the build process portable. uses a distributed layer cache to improve performance across a build cluster. provides flexible layer generation, preventing unnecessary files in images. is Docker-compatible, supporting multi-stage builds and common build commands.

    (tags: makisu docker containers ops build mesos kubernetes building)

Links for 2018-12-09

Published December 9, 2018

  • Billionaires Are the Leading Cause of Climate Change

    That's largely because there is no "free market" incentive to prevent disaster. An economic environment where a company is only considered viable if it's constantly expanding and increasing its production can't be expected to pump its own brakes over something as trivial as pending global catastrophe. Instead, market logic dictates that rather than take the financial hit that comes with cutting profits, it's more reasonable to find a way to make money off the boiling ocean. Nothing illustrates this phenomenon better than the burgeoning climate-change investment industry. According to Bloomberg, investors are looking to make money off of everything from revamped food production to hotels for people fleeing increasingly hurricane-ravaged areas. A top JP Morgan Asset investment strategist advised clients that sea-level rise was so inevitable that there was likely a lot of opportunity for investing in sea-wall construction.

    (tags: capitalism environment politics future climate-change doom)

Links for 2018-12-06

Published December 6, 2018

  • Irish agricultural CO2 emissions actually INCREASED by 2.9% last year

    Irish EPA: agriculture greenhouse gas emissions increased by 2.9% in 2017 “The most significant drivers are higher dairy cow numbers (+3.1%) which reflects national plans to expand milk production”
    Feck's sake.

    (tags: epa ireland co2 greenhouse-gases emissions green farming agriculture)

  • "Bring home the bacon" debate is a case study in how stupid we've all become

    Well said, that Carl Kinsella.

    How are we supposed to focus on the things that matter when media organisations refuse to? Ivan Yates and Matt Cooper ran a segment on whether or not we've reached political correctness. Niall Boylan had a discussion about whether or not it's okay to ban phrases that nobody really wants to ban [as PETA has suggested]. As a matter of pure coincidence, other reports from outlets like the Daily Mail and Today FM reported that the HSE was going to ban its employees from using phrases like "love," "pet" or "dear." That wasn't true either. Again, it was one line in a huge report that asked the question as to whether or not it was the best course of action to use such terms. It wasn't mentioned again. Unlike phrases about meat, this actually matters. This is the kind of thing that could actually change how people are treated in hospital. But again, it wasn't true. The public – which has lost its capacity to verify what is true and what is not — was being lied to by the media. That's how it works now.

    (tags: media clickbait fake-news news today-fm daily-mail hse niall-boylan peta controversy political-correctness ivan-yates matt-cooper)

Links for 2018-12-05

Published December 5, 2018

Links for 2018-11-30

Published November 30, 2018

  • House Democrats Sent A New Letter To Jeff Bezos About Amazon’s Facial Recognition Tool

    The House Democrats’ questions focus largely on possible embedded bias in Amazon Rekognition, including how the tool’s accuracy breaks down by race, gender, ethnicity, and age. Also of particular concern is whether Amazon will build privacy protections into its facial recognition system and how it will ensure it is not abused for secret government surveillance. [....] Meanwhile, Jeff Bezos has yet to address mounting criticism of Amazon’s Rekognition technology by Amazon employees, shareholders, and civil rights groups. In November, Amazon executives defended the company’s controversial facial recognition technology at an all-hands staff meeting after employees raised civil rights concerns about the tech’s potential misuse. “It’s hard to trust that harm and abuse can be prevented if it is only post-mortem and through the Terms of Service,” an Amazon employee who requested anonymity told BuzzFeed News at the time.

    (tags: rekognition aws privacy data-protection surveillance amazon us-politics civil-rights)

  • Google Tried to Patent My Work After a Job Interview

    I looked up the patent application and luckily, this time the patent application was still being reviewed by the patent examiner.  It had not issued! The provisional was filed August 29, 2014, months after my first interview and visit back in March 2014.  Two of the inventors listed were the same people who had interviewed me. 
    This is frankly appalling behaviour from Google -- total abuse of the patent system. If Joi Ito hadn't been around to mediate this patent probably would have issued and this researcher's life's work stolen from her through IP dirty tricks. (Also, patents need to die)

    (tags: patents software-patents google dirty-tricks interviewing ip mit medialab paper jie-qi)

  • Crowdfunding Backer Patented My Project

    I had thought thought all along that if we published everything openly, it wouldn’t be possible for someone else to patent stuff that’s already all over the web.  But I was wrong. Despite tons of prior art out on the web, in academic research papers and even for sale that are LED stickers, the patent examiner missed it and deemed the LED sticker patent “new” and “non-obvious.”   How could that happen?  The sad truth is that patents are approved all that time that probably shouldn’t be. [...] Can’t you invalidate the patent? Unfortunately, once a patent gets issued things get much more complicated and expensive. The cheapest option would be for us to go to the USPTO with our prior art list and invalidate the patent though a process called an inter partes review (IPR).  But such a process typically costs between $300,000 and $600,000 to file due to legal fees. In fact, it’s much more than the cost of getting the patent in the first place! So for now, we’ve decided not to go down this route.
    The US patent system is broken. This is appalling

    (tags: patents led-stickers uspto prior-art invention crowdfunding)

  • PRDD - Performance-Review Driven Development

    'If the way to get promoted is to launch a shiny new product, then your most senior people will be the best at finding shiny new products to launch, even if that's not the right technical decision to make.' (from a newsy thread about Twitter's latest messaging system switch)

    (tags: newsy messaging infrastructure twitter kafka pubsub ops architecture prdd performance-reviews)

Links for 2018-11-29

Published November 29, 2018

  • Presto Performance for Ad Hoc Workloads on AWS Instance Types

    good benchmark/review of instance types from Qubole

    (tags: qubole presto performance benchmarks ops aws instances ec2)

  • Party Parrot as a Service

    Enter an image URL and it'll generate an animated GIF of the party parrot version

    (tags: party-parrot gifs funny slack emojis)

  • event-stream vulnerability explained - Zach Schneider

    This was an incredibly clever attack, very reminiscent of this blog post from January about how a similar attack might work. The attacker covered their tracks well — the code and commit log on GitHub all tell an innocuous and fairly common story (a new maintainer joins a project, adds a feature, and then tweaks the implementation of their feature a bit). Other than the warning signs about flatmap-stream (new package, no contributors or download activity), the attack was virtually undetectable. And indeed, it wasn’t discovered for over two months — it was only found because the attacker made a tiny mistake and used the deprecated crypto.createDecipher rather than crypto.createDecipheriv, which raised a suspicious deprecation warning in another library that consumes event-stream. Unfortunately, this genre of attack isn’t going away anytime soon. JavaScript is the most popular language right now and it’s not really close, meaning it will continue to be an attractive target for hackers. JavaScript also has relatively few standard-library convenience features compared to other languages, which encourages developers to import them from npm packages instead — this, along with other cultural factors, means that JavaScript projects tend to have massive dependency trees.
    (via Nelson)

    (tags: npm malware bitcoin security javascript event-stream flatmap-stream hacks)

Links for 2018-11-28

Published November 28, 2018

Links for 2018-11-27

Published November 27, 2018

Links for 2018-11-26

Published November 26, 2018

  • Linkerd 2.0

    The 2.0 release of Linkerd brings two very significant changes. First, we’ve completely rewritten Linkerd to be orders of magnitude faster and smaller than Linkerd 1.x. Linkerd 2.0’s data plane is comprised of ultralight Rust proxies which consume around 10mb of RSS and have a p99 latency of <1ms. Linkerd’s minimalist control plane (written in Go) is similarly designed for speed and low resource footprint. Second, with the 2.0 release, Linkerd moves beyond the service mesh model to be something not more, but less: Linkerd 2.0 at its core is a service sidecar, running on a single service without requiring cluster-wide installation. This means that if you’re a developer or service owner who doesn’t have access to the whole Kubernetes cluster, you can run Linkerd on your service and get: Instant Grafana dashboards of your service’s success rates, latencies, and throughput; A topology graph of incoming and outgoing dependencies; A live view of requests being made to your service; Improved, latency-aware load balancing; … and much more.

    (tags: linkerd mesh networking services architecture sidecars)

Links for 2018-11-24

Published November 24, 2018

  • MuMufication

    the act of having a small portion of your cremated remains fired in a Brickof Mu. MuMufied is what you will be after the act of MuMufication has been carried out. What you get in the here and now is a Brick of Mu and a signed and stamped Certificate of MuMufication. What you get after you die is 23 grams of yours cremated remains fired in your Brick of Mu, which will then be laid to rest on The People’s Pyramid come the following Toxteth Day of the Dead on 23rd of November.

    (tags: klf mu mumufication 23 eris discordianism religion death toxteth liverpool cremation pyramids)

Links for 2018-11-21

Published November 21, 2018

  • Introducing Predictive Scaling for Amazon EC2 in AWS Auto Scaling

    Predictive Scaling predicts future traffic based on daily and weekly trends, including regularly-occurring spikes, and provisions the right number of EC2 instances in advance of anticipated changes. Provisioning the capacity just in time for an impending load change makes Auto Scaling faster than ever before. Predictive Scaling’s machine learning algorithms detect changes in daily and weekly patterns, automatically adjusting their forecasts. This removes the need for manual adjustment of Auto Scaling parameters over time, making Auto Scaling simpler to configure and consume. Auto Scaling enhanced with Predictive Scaling delivers faster, simpler, and more accurate capacity provisioning to our customers.
    Fantastic! More heavy lifting taken care of.

    (tags: aws amazon scaling autoscaling predictive-scaling ml ec2 asg)

  • Awful AI

    Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Nevertheless, more and more concerning uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible contestational technology (to fight back!).

    (tags: ai algorithms ethics technology machine-learning)

Links for 2018-11-20

Published November 20, 2018

  • Some notes about HTTP/3

    Robert Graham from ErrataSec on QUIC aka HTTP/3: 'Google (pbuh) has both the most popular web browser (Chrome) and the two most popular websites (#1 Google.com #2 Youtube.com). Therefore, they are in control of future web protocol development.' Faster connection setup and latency; better bandwidth negotiation when using multiplexing; user-mode stacks by building on UDP and using recvmmsg(); and better mobile support for roaming IPs.

    (tags: google http3 quic protocols ip)

  • Traditional Chinese medicine origins: Mao invented it but didn’t believe in it

    Mikulski and the rest of the Senate may be surprised to learn that they were repeating 60-year-old justifications of Chinese medicine put forward by Chairman Mao. Unlike Mikulski, however, Mao was under no illusion that Chinese medicine—a key component of naturopathic education—actually worked. In The Private Life of Chairman Mao, Li Zhisui, one of Mao’s personal physicians, recounts a conversation they had on the subject. Trained as an M.D. in Western medicine, Li admitted to being baffled by ancient Chinese medical books, especially their theories relating to the five elements. It turns out his employer also found them implausible. 
    via Dr. Jen Gunter

    (tags: medicine tcm mao history china health naturopathy)

Links for 2018-11-19

Published November 19, 2018

  • Java's ByteBuffer native memory "leak"

    Well this is suboptimal:

    The Java NIO APIs use ByteBuffers as the source and destination of I/O calls, and come in two flavours. Heap ByteBuffers wrap a byte[] array, allocated in the garbage collected Java heap. Direct ByteBuffers wrap memory allocated outside the Java heap using malloc. Only "native" memory can be passed to operating system calls, so it won't be moved by the garbage collector. This means that when you use a heap ByteBuffer for I/O, it is copied into a temporary direct ByteBuffer. The JDK caches one temporary buffer per thread, without any memory limits. As a result, if you call I/O methods with large heap ByteBuffers from multiple threads, your process can use a huge amount of additional native memory, which looks like a native memory leak. This can cause your process to unexpectedly run into memory limits and get killed.

    (tags: jvm performance java memory leaks bytebuffers netty threads coding bugs)

  • The Time Our Provider Screwed Us

    Good talk (with transcript) from Paul Biggar about what happened when CircleCI had a massive security incident, and how Jesse Robbins helped them do incident response correctly. 'On the left, Jesse pointed out that we needed an incident commander. That’s me, Paul. And this is very good, because I was a big proponent, I think lots of were around the 2013 mark, of flat organizational structures, and so I hadn’t really got a handle of this whole being in charge thing. The fact that someone else came in and said, “No, no, no, you are in charge”: extremely useful. And he also laid out the order of our priorities. Number one priority; safety of customers. Number two priority: communicate with customers. Number three priority: recovery of service. I think a reasonable person could have put those in a different order, especially under the pressure and time constraints of the potential company-ending situation. So I was very happy to have those in order. If this is ever going to happen to you, I’d memorize them, maybe put it on an index card in your pocket, in case this ever happens. The last thing he said is to make sure that we log everything, that we go slow, and that we code review and communicate. His point there is that if we’re going to bring our site back up, if we’re going to do all the things that we need to do in order to save our business and do the right thing for our customers and all that, we can’t be making quick, bad decisions. You can’t just upload whatever code is on your computer now, because I have to do this now, I have to fix it. So we set up a Slack channel … This was pre-Slack; it was a HipChat channel, where all of our communications went. Every single communication that we had about this went in that chatroom. Which came in extremely useful the next day, when I had to write a blog post that detailed exactly what had happened and all the steps that we did to fix it and remediate this, and I had an exact time stamps of all the things that had happened.'

    (tags: incidents incident-response paul-biggar circleci security communication outages)

  • Deep learning can "discover" new knowledge from scans/images

    Amazing paper:

    Here, we show that deep learning can extract new knowledge from retinal fundus images. Using deep-learning models trained on data from 284,335 patients and validated on two independent datasets of 12,026 and 999 patients, we predicted cardiovascular risk factors not previously thought to be present or quantifiable in retinal images, such as age (mean absolute error within 3.26 years), gender (area under the receiver operating characteristic curve (AUC)?=?0.97), smoking status (AUC?=?0.71), systolic blood pressure (mean absolute error within 11.23?mmHg) and major adverse cardiac events (AUC?=?0.70). We also show that the trained deep-learning models used anatomical features, such as the optic disc or blood vessels, to generate each prediction.

    (tags: deep-learning data analysis ml machine-learning health medicine papers)

  • OpsMop

    'a next-generation, no-compromise automation system'.

    Uses: Web-scale configuration management of all Linux/Unix systems; Application deployment; Immutable systems build definition; Maintaining stateful services such as database and messaging platforms; Automating one-off tasks & processes; Deployment and management of the undercloud. Features: Python 3 DSL; Declarative resource model with imperative capabilities; Type / Provider plugin seperation; Implicit ordering (with handler notification); Formalized “Plan” vs “Apply” evaluation stages; Early validation prior to runtime; Programatically scoped variables; Strong object-orientation

    (tags: opsmop ops configuration-management deployment build)

  • The JVM in Docker 2018

    Later JDK versions have made it far easier to run a JVM application in a Linux container. The memory support means that if you relied on JVM ergonomics before than you can do the same inside a container where as previously you had to override all memory related settings. The CPU support for containers needs to be carefully evaluated for your application and environment. If you’ve previously set low cpu_shares in environments like Kubernetes to increase utilisation while relying on using up unused cycles then you might get a shock.

    (tags: jvm docker kubernetes linux containers ops)

Links for 2018-11-15

Published November 15, 2018

  • Tuning Spark Back Pressure by Simulation

    Interesting, Spark uses a PID controller algorithm to manage backpressure:

    Spark back pressure, which can be enabled by setting spark.streaming.backpressure.enabled=true, will dynamically resize batches so as to avoid queue build up. It is implemented using a Proportional Integral Derivative (PID) algorithm. This algorithm has some interesting properties, including the lack of guarantee of a stable fixed point. This can manifest itself not just in transient overshoot, but in a batch size oscillating around a (potentially optimal) constant throughput. The overshoot incurs latency; the undershoot costs throughput. Catastrophic overshoot leading to OOM is possible in degenerate circumstances (you need to choose the parameters quite deviously to cause this to happen). Having witnessed undershoot and slow recovery in production streaming jobs, I decided to investigate further by testing the algorithm with a simulator.

    (tags: backpressure streaming queueing pid-controllers algorithms congestion-control)

  • New – EC2 Auto Scaling Groups With Multiple Instance Types & Purchase Options | AWS News Blog

    Basically getting EC2 Fleet's featureset into ASGs, good news

    (tags: ec2 fleet asg ops architecture cost-control)

  • SpamAssassin is back [LWN.net]

    The SpamAssassin 3.4.2 release was the first from that project in well over three years. At the 2018 Open Source Summit Europe, Giovanni Bechis talked about that release and those that will be coming in the near future. It would seem that, after an extended period of quiet, the SpamAssassin project is back and has rededicated itself to the task of keeping junk out of our inboxes.
    This is good to see! Also, newsy thread: https://news.ycombinator.com/item?id=18458212

    (tags: spamassassin open-source oss anti-spam)

  • Google 'betrays patient trust' with DeepMind Health move | Technology | The Guardian

    Now that Streams is a Google product itself, that promise appears to have been broken, says privacy researcher Julia Powles: “Making this about semantics is a sleight of hand. DeepMind said it would never connect Streams with Google. The whole Streams app is now a Google product. That is an atrocious breach of trust, for an already beleaguered product.” A DeepMind spokesperson emphasised that the core of the promise remains intact: “All patient data remains under our partners’ strict control, and all decisions about its use lie with them. This data remains subject to strict audit and access controls and its processing remains subject to both our contracts and data protection legislation. The move to Google does not affect this.”

    (tags: google deepmind health nhs data-protection privacy healthcare)

Links for 2018-11-14

Published November 14, 2018

  • Jeff Bezos is wrong, tech workers are not bullies

    I decided to leave my job as a staff engineer at Google because of Project Maven, and because I believe that the artificial intelligence ethical guidelines they published afterwards were not strict enough: they allowed surveillance within “internationally accepted norms”. I am now joining forces with current and former Google employees who also opposed Maven and the Dragonfly search engine. We do not wish to be complicit in human rights violations and we believe that workers, and the public, deserve a voice. We support employees at Amazon, Microsoft, Salesforce, McKinsey and Deloitte who have similarly stood up to their employers. We also have a right to not contribute to killing. Most workers at Google or Amazon did not join those companies to work on military applications. Both companies are international employers with engineering offices across the world, and many of their workers are neither US citizens nor residents. I worked as an engineer in Google's European headquarters in Dublin, Ireland. To me, the US military is not our military (as Google Cloud chief executive Diane Greene referred to it in a blog post), nor is it a force we should automatically support as a matter of patriotism. As an engineer, I believe it is my responsibility to speak up for human rights and accountable decision making. As an industry, we in technology cannot compromise our principles or allow ourselves to be bullied by billionaires who stand to be enriched by our silence.

    (tags: project-maven dragonfly google amazon surveillance us-politics politics ai silicon-valley ethics work life)

  • HTTP-over-QUIC to be renamed HTTP/3

    Decent newsy comment thread about HTTP/3, QUIC, and how the modern internet treats IP protocols

    (tags: ip protocols http http3 quic networking internet newsy)

  • Brits getting into the online-disinfo game

    Disinformation and deception have been a part of warfare for thousands of years, but across the world, something new was starting to happen. Information has long been used to support combat operations, but now combat was seen to taking place primarily, sometimes exclusively, through it. From being a tool of warfare, each military began to realise that the struggle with, over and through information was what war itself actually was about. And it wasn’t confined to Russia, China or anyone else. A global informational struggle has broken out. Dozens of countries are already doing it. And these are just the campaigns that we know about.

    (tags: disinfo fake-news uk british-army military memes infowar)

Links for 2018-11-09

Published November 9, 2018

  • Specification gaming examples in AI

    A good list of examples where machine learning systems "figure out" how to cheat their fitness function, e.g.:

    'Creatures bred for speed grow really tall and generate high velocities by falling over'

    (tags: ai funny humor spreadsheets machine-learning ml fitness-functions)

  • What if the Placebo Effect Isn’t a Trick? - The New York Times

    It is not possible to assay levels of COMT directly in a living brain, but there is a snippet of the genome called rs4680 that governs the production of the enzyme, and that varies from one person to another: One variant predicts low levels of COMT, while another predicts high levels. When Hall analyzed the I.B.S. patients’ DNA, she found a distinct trend. Those with the high-COMT variant had the weakest placebo responses, and those with the opposite variant had the strongest. These effects were compounded by the amount of interaction each patient got: For instance, low-COMT, high-interaction patients fared best of all, but the low-COMT subjects who were placed in the no-treatment group did worse than the other genotypes in that group. They were, in other words, more sensitive to the impact of the relationship with the healer. The discovery of this genetic correlation to placebo response set Hall off on a continuing effort to identify the biochemical ensemble she calls the placebome — the term reflecting her belief that it will one day take its place among the other important “-omes” of medical science, from the genome to the microbiome. The rs4680 gene snippet is one of a group that governs the production of COMT, and COMT is one of a number of enzymes that determine levels of catecholamines, a group of brain chemicals that includes dopamine and epinephrine. (Low COMT tends to mean higher levels of dopamine, and vice versa.) Hall points out that the catecholamines are associated with stress, as well as with reward and good feeling, which bolsters the possibility that the placebome plays an important role in illness and health, especially in the chronic, stress-related conditions that are most susceptible to placebo effects.

    (tags: placebo comt health healthcare medicine enzymes brain)

  • Deadlines, lies and videotape: The tale of a gRPC bug

    HostedGraphite decided to use gRPC as an internal inter-service protocol and ran into a basic protocol bug -- it does not default to using an application-level keepalive on the TCP channel so can block indefinitely if sending-side buffers fill up. Always use application-level keepalives and don't trust TCP

    (tags: tcp protocols keepalive grpc rpc architecture networking)

Links for 2018-11-08

Published November 8, 2018

  • Sci-Fi Writer Greg Egan and 4chan anon Math Whiz Advance Permutation Problem | Quanta Magazine

    On September 16, 2011, an anime fan posted a math question to the online bulletin board 4chan about the cult classic television series 'The Melancholy of Haruhi Suzumiya'. Season one of the show, which involves time travel, had originally aired in non-chronological order, and a re-broadcast and a DVD version had each further rearranged the episodes. Fans were arguing online about the best order to watch the episodes, and the 4chan poster wondered: If viewers wanted to see the series in every possible order, what is the shortest list of episodes they’d have to watch? In less than an hour, an anonymous person offered an answer — not a complete solution, but a lower bound on the number of episodes required. The argument, which covered series with any number of episodes, showed that for the 14-episode first season of Haruhi, viewers would have to watch at least 93,884,313,611 episodes to see all possible orderings. “Please look over [the proof] for any loopholes I might have missed,” the anonymous poster wrote. The proof slipped under the radar of the mathematics community for seven years — apparently only one professional mathematician spotted it at the time, and he didn’t check it carefully. But in a plot twist last month, the Australian science fiction novelist Greg Egan proved a new upper bound on the number of episodes required. Egan’s discovery renewed interest in the problem and drew attention to the lower bound posted anonymously in 2011. Both proofs are now being hailed as significant advances on a puzzle mathematicians have been studying for at least 25 years.

    (tags: mathematics internet math greg-egan anime bizarre 4chan superpermutation permutation proofs)

  • How do you populate your development databases?

    Lots of comments pro/anti copying from production

    (tags: database data testing system-tests dev)

  • Welcome To The Dystopia: People Are Arguing Whether This Trump Press Conference Video Is Doctored Or Not

    To sum it up: A historically unreliable narrator who works for a conspiracy website tweets out a video in order to show alleged bad behavior on the part of a journalist. The clip goes viral. The White House picks up and disseminates that video and uses it as proof to ban the journalist from reporting at the White House. Outraged journalists decry the White House's use of a video taken from a historically unreliable narrator. Then, users attempt to debunk the video as "actual fake news." Others, unclear if the video is fake, urge caution, suggesting the media may be jumping the gun. An argument breaks out over the intricate technical details of doctoring a clip. The entire ordeal is a near perfect example of a scenario disinformation experts have predicted and warned of, where the very threat of video manipulation can lead to a blurring of reality. "These technological underpinnings [of AI and photoshop, and editing programs lead] to the increasing erosion of trust,” computational propaganda researcher Renee DiResta told BuzzFeed News in early 2018. “It makes it possible to cast aspersions on whether videos — or advocacy for that matter — are real.”

    (tags: twitter disinfo disinformation buzzfeed video reality fake-news photoshop)

Links for 2018-11-07

Published November 7, 2018

  • wifiscan.py

    A neat kragen hack:

    Report wireless signal strength using audio synthesis. This quick kludge is useful for figuring out where the dead spots in your wireless network coverage are. They’re where the pitch goes high and maybe you start getting clicks from audio buffer underruns. Example audio output can be found at . This is based on a brilliant hack by Seth Schoen, in which he generated a tone controlled by the signal strength indication from his wireless card in order to get a sort of 21st-century software Theremin. This adds some envelope modulation so that it’s useful as a network diagnostic tool rather than a musical instrument. It depends on PulseAudio and the interface to the usual set of Linux commands: pacat, ping, and iwconfig. (I should really just read /proc/net/wireless instead of depending on iwconfig.)

    (tags: kragen wifi scanning audio sound signal linux)

Links for 2018-11-06

Published November 6, 2018

  • Underground Utility Colour Codes Explained

    Underground utility colour codes are used to differentiate and identify underground utilities to protect it from damage during excavation. There are different types of utilities and in order to tell them apart coloured lines, flags or sometimes both are used. They help mark the location and indicate the type of utility that is buried underground.
    I had no idea! (via Tony Finch)

    (tags: utilities power underground excavation digging repair urban)

  • Meet the Irish master codebreaker you never heard of

    In 1943, one of Nazi Germany’s most notorious communication codes was broken by a mild-mannered librarian and family man from Abbeyfeale in west Limerick, Richard Hayes. His day job was director of the National Library of Ireland, but during the Emergency, he secretly led a covert team of cryptanalysts, working feverishly on the infamous “Görtz Cipher” – a fiendish Nazi code that had stumped many of the greatest code-breaking minds at Bletchley Park, the centre of British wartime cryptography. Astonishingly, the feat was accomplished not in one of the huts at Bletchley Park, but in a now derelict building colloquially known as “The Red House” on Montpellier Hill in Dublin. If this wasn’t an amazing enough feat, Hayes also broke a complex microdot enciphering system which had baffled the American OSS, as well an enciphering system used by the dreaded Sicherheitsdienst (or SD), the intelligence section of the SS. The breaking of the latter code was instrumental in the Allied victory at the Battle of the Bulge. Few individuals can be said to have altered the course of the second World War on their own, but Hayes was one such individual – and he did it not with a gun, but with a detailed knowledge of the complex algorithms and mathematical permutations involved in the art of cryptography.
    (via Colm)

    (tags: via:colmmacc crypto codes hermann-gortz wwii dublin ireland richard-hayes cryptanalysis)

Links for 2018-11-02

Published November 2, 2018

  • Physical spam using cheap Bluetooth beacons spotted in the wild

    Buzz Andersen on Twitter: "Crazy thing: my friends who run a high traffic coffee shop just found this thing under their bar. It turns out to be a super cheap Chinese Bluetooth LE beacon.… https://t.co/pecNBCR86u"

    (tags: bluetooth spam via:twitter alibaba eddystone ads)

  • Productionproofing EKS

    'We recently migrated SaleMove infrastructure from self-managed Kubernetes clusters running on AWS to using Amazon Elastic Container Service for Kubernetes (EKS). There were many surprises along the way to getting our EKS setup ready for production. This post covers some of these gotchas (others may already be fixed or are not likely to be relevant for a larger crowd) and is meant to be used as a reference when thinking of running EKS in production.'

    (tags: eks aws docker kubernetes k8s ops prod)

Links for 2018-11-01

Published November 1, 2018

  • Neoliberalism has conned us into fighting climate change as individuals | Martin Lukacs | Environment | The Guardian

    These pervasive exhortations to individual action — in corporate ads, school textbooks, and the campaigns of mainstream environmental groups, especially in the west — seem as natural as the air we breathe. But we could hardly be worse-served. While we busy ourselves greening our personal lives, fossil fuel corporations are rendering these efforts irrelevant. The breakdown of carbon emissions since 1988? A hundred companies alone are responsible for an astonishing 71%. You tinker with those pens or that panel; they go on torching the planet. The freedom of these corporations to pollute – and the fixation on a feeble lifestyle response – is no accident. It is the result of an ideological war, waged over the last 40 years, against the possibility of collective action. Devastatingly successful, it is not too late to reverse it. The political project of neoliberalism, brought to ascendence by Thatcher and Reagan, has pursued two principal objectives. The first has been to dismantle any barriers to the exercise of unaccountable private power. The second had been to erect them to the exercise of any democratic public will. [...] At the very moment when climate change demands an unprecedented collective public response, neoliberal ideology stands in the way. Which is why, if we want to bring down emissions fast, we will need to overcome all of its free-market mantras.

    (tags: politics environment neoliberalism future climate-change green)

  • Block Advertising on your Network with Pi-hole and Raspberry Pi

    A good walkthrough of the Pi-Hole network-wide adblocker install and operation

    (tags: pi-hole ads blocking ops home raspberry-pi)

Links for 2018-10-31

Published October 31, 2018

  • October 21 post-incident analysis | The GitHub Blog

    A network outage caused a split-brain scenario, and their failover system allowed writes to occur in both regional databases. Once the outage was repaired it was impossible to reconcile writes in an automated fashion as a result. Embarrassingly, this exact scenario was called out in their previous blog post about their Raft-based failover system at https://githubengineering.com/mysql-high-availability-at-github/ -- "In a data center isolation scenario, and assuming a master is in the isolated DC, apps in that DC are still able to write to the master. This may result in state inconsistency once network is brought back up. We are working to mitigate this split-brain by implementing a reliable STONITH from within the very isolated DC. As before, some time will pass before bringing down the master, and there could be a short period of split-brain. The operational cost of avoiding split-brains altogether is very high." Failover is hard.

    (tags: github fail outages failover replication consensus ops)

  • LGTM

    Analyses open source code repos on github, running static code analysis to find "zero-days and other critical bugs".

    (tags: security code-review static-code-analysis coding lgtm github)

  • cool twitter image compression hack

    D?v?d ?uc??n?n on Twitter:

    Assuming this all works out, the image in this tweet is also a valid ZIP archive, containing a multipart RAR archive, containing the complete works of Shakespeare. This technique also survives twitter's thumbnailer :P
    (via JK)

    (tags: via:johnke cool compression image jpeg twitter)

  • A Dark Consensus About Screens and Kids Begins to Emerge in Silicon Valley - The New York Times

    John Lilly, a Silicon Valley-based venture capitalist with Greylock Partners and the former C.E.O. of Mozilla, said he tries to help his 13-year-old son understand that he is being manipulated by those who built the technology. “I try to tell him somebody wrote code to make you feel this way — I’m trying to help him understand how things are made, the values that are going into things and what people are doing to create that feeling,” Mr. Lilly said. “And he’s like, ‘I just want to spend my 20 bucks to get my Fortnite skins.’”

    (tags: kids technology education parenting screentime apps tech phones)

  • Your Kid’s Apps Are Crammed With Ads - The New York Times

    In apps marketed for children 5 and under in the Google Play store, there were pop-up ads with disturbing imagery. There were ads that no child could reasonably be expected to close out of, and which, when triggered, would send a player into more ads. Dancing treasure chests would give young players points for watching video ads, potentially endlessly. The vast majority of ads were not marked at all. Characters in children’s games gently pressured the kids to make purchases, a practice known as host-selling, banned in children’s TV programs in 1974 by the Federal Trade Commission. At other times an onscreen character would cry if the child did not buy something. “The first word that comes to mind is furious,” said Dr. Radesky, an assistant professor of developmental behavioral pediatrics at the University of Michigan Medical School. “I’m a researcher. I want to stay objective. We started this study really just trying to look at distraction. My frustrated response is about all the surprising, potentially deceptive stuff we found.”
    brb, installing Pi-Hole.

    (tags: children kids ads advertising apps android google ftc games iap)