Skip to content

Category: Uncategorized

Links for 2018-05-31

Published May 31, 2018

  • How to revoke all ad permissions from Oath GDPR pages

    in summary:

    document.querySelectorAll('input[type=checkbox]').forEach(val => val.checked = false)
    (via stx)

    (tags: via:stx oath gdpr privacy tracking ads)

  • A first draft of history

    For journalists it is always easier to point to the politician with the pearly-white smile and the pithy sound-byte as the harbinger of change – they attract the cameras and the microphones and make us turn our backs on the truth. It’s like we cannot – or will not – believe that change can be brought about by ordinary people doing extraordinary things, no matter how often we see it. It’s like we need the fallacy that our leaders are somehow better than us, somehow in control to sleep safely at night, when in fact much of our insomnia and worry is their creation. My first draft of history is this: “On Friday May 25 2018, the women of Ireland repealed the Eighth Amendment.” And that’s it. It may have taken them 35 years, and in that time they were scorned and laughed at and belittled and abused, right up until Saturday morning and in some cases beyond, and yet they did it. Nothing else is relevant. Through the day I saw women, from teenagers who had just cast their first vote to political veterans who started out on this trail 35 years previously, gradually realising what they had done. One by one, it dawned on them the immense power that they now wield. They banded together, and over the weeks and months and years, they changed a country. And they’re not done yet.
    Amen to that. Resist the rewriting of history -- this was a revolutionary moment for Ireland, and in some ways, the world.

    (tags: ireland history repealthe8th abortion referenda journalism)

Links for 2018-05-30

Published May 30, 2018

Links for 2018-05-29

Published May 29, 2018

  • _Random Slicing: Efficient and Scalable Data Placement for Large-Scale Storage Systems_, ACM Transactions on Storage, July 2014

    'The ever-growing amount of data requires highly scalable storage solutions. The most flexible approach is to use storage pools that can be expanded and scaled down by adding or removing storage devices. To make this approach usable, it is necessary to provide a solution to locate data items in such a dynamic environment. This article presents and evaluates the Random Slicing strategy, which incorporates lessons learned from table-based, rule-based, and pseudo-randomized hashing strategies and is able to provide a simple and efficient strategy that scales up to handle exascale data. Random Slicing keeps a small table with information about previous storage system insert and remove operations, drastically reducing the required amount of randomness while delivering a perfect load distribution.'

    (tags: randomness architecture algorithms storage hashing slicing scaling)

  • Archiving the 8th

    'archiving & collecting the 2018 referendum':

    This site was set up as a voluntary effort to answer some of these questions, and to quickly compile information on all known archiving and collecting activities happening nationwide, on both sides of the referendum campaign. It’s still very much a work in progress but the aspirations include: to provide an immediate, temporary resource to consolidate information on who’s archiving the 8th, and offer contact details share resources and suggestions, particularly for people wishing to donate material identify potential gaps or opportunities in collecting support networking of folks around the country engaged in archiving the 8th share models of protocols and examples of other ‘rapid response’ collecting elsewhere

    (tags: repealthe8th history archives archival 2018 referenda)

  • I am a computer — docubyte

    absolutely glorious classic microcomputing GIFs

    (tags: micros computing history apple ibm gifs images art)

Links for 2018-05-23

Published May 23, 2018

  • ACLU to Amazon: Get out of the surveillance business

    This is a fair point from the ACLU:

    Already, Rekognition is in use in Florida and Oregon. Government agencies in California and Arizona have sought information about it, too. And Amazon didn't just sell Rekognition to law enforcement, it's actively partnering with them to ensure that authorities can fully utilize Rekognition's capabilities. Amazon has branded itself as customer-centric, opposed secret government surveillance, and has a CEO who publicly supported First Amendment freedoms and spoke out against the discriminatory Muslim Ban. Yet, Amazon is powering dangerous surveillance that poses a grave threat to customers and communities already unjustly targeted in the current political climate. We must make it clear to Amazon that we won't stand by and let it pad its bottom line by selling out our civil rights.

    (tags: aclu amazon rekognition facial-recognition faces law privacy data-privacy civil-rights)

Links for 2018-05-21

Published May 21, 2018

Links for 2018-05-18

Published May 18, 2018

  • EC2 Instance Update – C5 Instances with Local NVMe Storage (C5d)

    With a 25% to 50% improvement in price-performance over the C4 instances, the C5 instances are designed for applications like batch and log processing, distributed and or real-time analytics, high-performance computing (HPC), ad serving, highly scalable multiplayer gaming, and video encoding. Some of these applications can benefit from access to high-speed, ultra-low latency local storage. For example, video encoding, image manipulation, and other forms of media processing often necessitates large amounts of I/O to temporary storage. While the input and output files are valuable assets and are typically stored as Amazon Simple Storage Service (S3) objects, the intermediate files are expendable. Similarly, batch and log processing runs in a race-to-idle model, flushing volatile data to disk as fast as possible in order to make full use of compute resources.
    Very nice!

    (tags: ec2 instance-types ops storage hardware aws)

  • Thanos: Prometheus at Scale

    interesting

    (tags: devops monitoring tools prometheus ops metrics)

Links for 2018-05-17

Published May 17, 2018

  • Canaries As Poisonous Gas Detectors

    n the late 1890s, [John] Haldane began experimenting on small animals like white mice and canaries [to detect carbon monoxide]. Small animals have faster metabolism rate, and hence show the effects of carbon monoxide poisoning much earlier even in the presence of small quantities of the noxious gas. Canaries are especially good at detecting toxins in the air because of their specialized respiratory system.

    (tags: carbon-monoxide gas safety canaries coal mining mines respiration gas-detectors)

  • Completely Silent Computer

    This computer makes no noise when it starts up.  It makes no noise when it shuts down.  It makes no noise when it idles.  It makes no noise when it’s under heavy load.  It makes no noise when it’s reading or writing data.  It can’t be heard in a regular room during the day.  It can’t be heard in a completely quiet house in the middle of the night.  It can’t be heard from 1m away.  It can’t be heard from 1cm away.  It can’t be heard — period.  It’s taken nearly 30 years to reach this point, but I’ve finally arrived.  The journey is over and it feels great. If you are after a silent — not just quiet, but silent — daily driver, then I strongly recommend a passively-cooled case, heat pipes and solid state drives.  Eliminate the moving parts (e.g. fans, HDDs) and you eliminate the noise — it’s not that complicated.  It also doesn’t need to be really expensive (my system requirements were not ‘average’ so please don’t infer from this post that all DB4-based systems are as expensive).  Silence (and a perfectly respectable computer) can easily be had for half the price.

    (tags: diy hardware pc silence quiet-hardware cooling fanless amd)

  • Docker is the dangerous gamble which we will regret : devops

    The article this Reddit thread links to is garbage clickbait, but the responses are insightful and much better

    (tags: reddit ops containerization docker contrarians rkt)

  • Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

    LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.

    (tags: locationsmart verizon sprint t-mobile att brian-krebs security location-tracking tracking mobile phones location)

  • Bitcoin’s energy use got studied, and you libertarian nerds look even worse than usual | Grist

    This is awful. What a waste:

    Bitcoin’s energy footprint has more than doubled since Grist first wrote about it six months ago. It’s expected to double again by the end of the year, according to a new peer-reviewed study out Wednesday. And if that happens, bitcoin would be gobbling up 0.5 percent of the world’s electricity, about as much as the Netherlands. That’s a troubling trajectory, especially for a world that should be working overtime to root out energy waste and fight climate change. By late next year, bitcoin could be consuming more electricity than all the world’s solar panels currently produce — about 1.8 percent of global electricity, according to a simple extrapolation of the study’s predictions. That would effectively erase decades of progress on renewable energy.

    (tags: energy bitcoin blockchain cryptocurrencies money climate-change planet green)

Links for 2018-05-16

Published May 16, 2018

Links for 2018-05-15

Published May 15, 2018

  • GDPR will pop the adtech bubble

    Without adtech, the EU’s GDPR (General Data Protection Regulation) would never have happened. But the GDPR did happen, and as a result websites all over the world are suddenly posting notices about their changed privacy policies, use of cookies, and opt-in choices for “relevant” or “interest-based” (translation: tracking-based) advertising. Email lists are doing the same kinds of things. “Sunrise day” for the GDPR is 25 May. That’s when the EU can start smacking fines on violators. Simply put, your site or service is a violator if it extracts or processes personal data without personal permission. Real permission, that is. You know, where you specifically say “Hell yeah, I wanna be tracked everywhere.” Of course what I just said greatly simplifies what the GDPR actually utters, in bureaucratic legalese. The GDPR is also full of loopholes only snakes can thread; but the spirit of the law is clear, and the snakes will be easy to shame, even if they don’t get fined. (And legitimate interest—an actual loophole in the GDPR, may prove hard to claim.) Toward the aftermath, the main question is What will be left of advertising—and what it supports—after the adtech bubble pops?

    (tags: advertising europe law privacy gdpr tracking data-privacy)

  • Attacks against GPG signed APT repositories - Packagecloud Blog

    It is a common misconception that simply signing your packages and repository metadata with GPG is enough to create a secure APT repository. This is false. Many of the attacks outlined in the paper and this blog post are effective against GPG-signed APT repositories. GPG signing Debian packages themselves does nothing, as explained below. The easiest way to prevent the attacks covered below is to always serve your APT repository over TLS; no exceptions.
    This is excellent research. My faith in GPG sigs on packages is well shaken.

    (tags: apt security debian packaging gpg pgp packages dpkg apt-get ops)

  • "Mudslinging" campaigns drive down voting rates, particularly among the unsure

    Does negative campaigning influence the likelihood of voting in elections? Our study of U.S. Senate campaigns indicates the answer is “yes.” We find that people distinguish between useful negative information presented in an appropriate manner and irrelevant and harsh mudslinging. As the proportion of legitimate criticisms increases in campaigns, citizens become more likely to cast ballots. When campaigns degenerate into unsubstantiated and shrill attacks, voters tend to stay home. Finally, we find that individuals vary in their sensitivity to the tenor of campaigns. In particular, the tone is more consequential for independents, for those with less interest in politics, and for those with less knowledge about politics.
    (via Mark Dennehy)

    (tags: politics strategy ireland referenda via:markdennehy dirty-tricks)

  • Abortion - the street demonstrations in pictures

    There's me, marching after the X Case in 1992; bookmarking for posterity and my own scrapbook! Repeal the 8th! '1992: A demonstration against the High Court injunction forbidding a 14-year-old alleged rape victim from obtaining an abortion in Britain. Photograph: The Irish Times'

    (tags: 1992 1990s history ireland x-case abortion repealthe8th law)

  • Dickens invented "gammon" as a slur in 1838, in 'Nicholas Nickleby'

    This is thoroughly brexiteering stuff:

    The time had been, when this burst of enthusiasm would have been cheered to the very echo; but now, the deputation received it with chilling coldness. The general impression seemed to be, that as an explanation of Mr Gregsbury’s political conduct, it did not enter quite enough into detail; and one gentleman in the rear did not scruple to remark aloud, that, for his purpose, it savoured rather too much of a ‘gammon’ tendency. ‘The meaning of that term — gammon,’ said Mr Gregsbury, ‘is unknown to me. If it means that I grow a little too fervid, or perhaps even hyperbolical, in extolling my native land, I admit the full justice of the remark. I AM proud of this free and happy country. My form dilates, my eye glistens, my breast heaves, my heart swells, my bosom burns, when I call to mind her greatness and her glory.’

    (tags: brexit funny gammon charles-dickens history gb politics uk-politics uk)

Links for 2018-05-08

Published May 8, 2018

  • The Tidelift Subscription

    The core idea of the Tidelift Subscription is to pay for “promises about the future” of your software components.   When you incorporate an open source library into your application, you need to know not just that you can use it as-is today, but that it will be kept secure, properly licensed, and well maintained in the future. The Tidelift Subscription creates a direct financial incentive for the individual maintainers of the software stacks you use to follow through on those commitments. Aligning everyone’s interests—professional development teams and maintainers alike. Critically, the Tidelift Subscriptions for React, Angular, and Vue.js cover not just the core libraries, but the vast set of dependencies and libraries typically used in these stacks. For example, a basic React web application pulls in over 1,000 distinct npm packages as dependencies. The Tidelift Subscription covers that full depth of packages which originate from all parts of the open source community, beyond the handful of core packages published by the React engineering team itself.

    (tags: tidelift open-source libraries dependencies coding)

Links for 2018-05-03

Published May 3, 2018

Links for 2018-05-02

Published May 2, 2018

Links for 2018-05-01

Published May 1, 2018

  • Silicon Valley Can't Be Trusted With Our History

    the internet is messing with human cognition in ways that will take decades to fully understand. Some researchers believe it is altering the way we create memories. In one study, researchers told a group of people to copy a list of facts onto a computer. They told half the group that the facts would be saved when they finished and the other half that the facts would be erased. Those who thought that the facts would be saved were much worse at remembering them afterward. Instead of relying on our friends and neighbors — or on books, for that matter — we have started outsourcing our memories to the internet. So what happens if those memories are erased — and if the very platforms responsible for their storage are the ones doing the erasing? That scenario is a threat everywhere, but particularly in countries where the authorities are most aggressively controlling speech and editing history. We say the internet never forgets, but internet freedom isn’t evenly distributed: When tech companies have expanded into parts of the world where information suppression is the norm, they have proven willing to work with local censors. Those censors will be emboldened by new efforts at platform regulation in the US and Europe, just as authoritarian regimes have already enthusiastically repurposed the rhetoric of “fake news.” The reach and power of tech platforms such as Facebook and Twitter are so new and strange that we’ve barely begun formulating a response. But we can learn from the activists already doing it; from Mosireen, or the team behind the Syrian Archive — six people, with a budget of $96,000, who are preserving thousands of hours of footage from their country’s civil war. The archive recently published the Chemical Weapons Database, documenting 221 chemical weapons attacks with 861 verified videos, implicating the Assad regime in a pattern of war crimes and putting the lie to armchair investigators helping to propagate conspiracy theories in the West. One of its cofounders recently told the Intercept that he spends nearly all his time making sure videos aren’t deleted from the big tech platforms before he gets a chance to download them.

    (tags: censorship syria chemical-weapons assad history youtube video archival mosireen the-syrian-archive archives memory facebook)

  • I tried leaving Facebook. I couldn’t - The Verge

    Facebook events, Facebook pages, Facebook photos, and Facebook videos are for many people an integral part of the church picnic, the Christmas party, the class reunion, the baby shower. (The growing scourge of gender reveal parties with their elaborate “reveal” rituals and custom-made cakes seems particularly designed to complement documentation on social media). The completeness of Facebook allows people to create better substitutes for in-person support groups in a wide range of ever-narrowing demographics — from casual interests like Instant Pot recipes for Korean food to heavy life-altering circumstances like rare forms of cancer. Of all people, I know why I shouldn’t trust Facebook, why my presence on its network contributes to the collective problem of its monopolistic hold on people. Everyone is on Facebook because everyone is on Facebook. And because everyone is on Facebook, even the people who aren’t are having their data collected in shadow profiles. My inaction affects even the people who have managed to stay away. I know this, I barely use Facebook, I don’t even like Facebook, and I find it nearly impossible to leave.

    (tags: privacy facebook deletefacebook social-networking social life social-media data-privacy)

Links for 2018-04-30

Published April 30, 2018

  • Europe fires back at ICANN's delusional plan to overhaul Whois for GDPR by next, er, year • The Register

    So was it European law experts Hamilton that wrongly advised ICANN that it could request for a "moratorium" over the new law until it came up with a new solution? It seems unlikely given their expertise and the fact it was them that first warned ICANN that it had wrongly persuaded itself that it was not affected by the new law. What seems more probable is that ICANN's staff and management board simply persuaded themselves that they could stall for time for no reason other than the fact that it would be convenient for them.

    (tags: icann fail gdpr whois law regulation eu)

  • Warning signs for TSB's IT meltdown were clear a year ago – insider | Business | The Guardian

    The team behind the development were celebrating. In a LinkedIn post since removed, those involved in the migration were describing themselves as “champions”, a “hell of a team” and were pictured raising glasses of bubbly to cheers of “TSB transfer done and dusted”. However, only hours after the switch was flicked, systems crumpled and up to 1.9m TSB customers who use internet and mobile banking were locked out. “I could have put money on the rollout being the disaster it has been, with evidence of major code changes on the hoof over last weekend and into this week,” the insider said. Customers reported receiving texts saying their cards had been used abroad, that they had discovered thousands of pounds in their accounts they did not have – or that mortgage accounts had vanished, multiplied or changed currency. One bemused account holder showed his TSB banking app recording a direct debit paid to Sky Digital 81 years from now. Some saw details of other people’s accounts and holidaymakers complained that they had been left unable to pay restaurant and hotel bills.
    What an incredible shitfest.

    (tags: banks tsb fail banking uk sabadell)

  • The brave new world of genetic genealogy - MIT Technology Review

    The combination of DNA and genealogy is a potentially a huge force for good in the world, but it must be used responsibly. In all cases where public databases like GEDmatch are used, the potential for good must be balanced against the potential for harm. In cases involving adoptee searches, missing persons, and unidentified bodies, the potential for good usually markedly outweighs the potential for harm. But the situation is not so clear-cut when it comes to the use of the methodology to identify suspects in rape and murder cases. The potential for harm is much higher under these circumstances, because of the risk of misuse, misapplication or misinterpretation of the data leading to wrongful identification of suspects. The stakes are too high for the GEDmatch database to be used by the police without oversight by a court of law.  However, we are not looking at a dystopian future. In the long run the public sharing of DNA data, when done responsibly, is likely to have huge benefits for society. If a criminal can be caught not by his own DNA but through a match with one of his cousins he will be less likely to commit a crime in the first place. With the move to whole genome sequencing in forensic cases in the future, it will be possible to make better use of genetic genealogy methods and databases to identify missing people, the remains of soldiers from World War One and World War Two as well as more recent wars, and casualties from natural and manmade disasters. We will be able to give many more unidentified people the dignity of their identity in death. But we each control our own DNA and we should all be able to decide what, if anything, we wish to share.

    (tags: gedmatch genealogy dna police murder rape dna-matching privacy data-privacy)

  • For the first time, parents will be able to limit YouTube Kids to human-reviewed channels and recommendations | TechCrunch

    FINALLY. what took so long

    (tags: youtube google parents parenting kids apps)

Links for 2018-04-26

Published April 26, 2018

  • twitter thread on incel culture, the "manosphere" and the rest of that toxic garbage

    For the past little while, I've been working on a piece about Toronto's relationship to the alt-right, especially the "manosphere." Unfortunately that research has become relevant. I'm going to share as much as I can here for people who may not be familiar with these movements.

    (tags: incels manosphere 4chan hate internet pua kill-all-normies)

  • TheJournal.ie FactCheck is first Irish outlet to officially tackle misinformation on Facebook

    TheJournal.ie FactCheck project has signed on to carry out third-party fact-checking on Facebook. This will involved testing the veracity of articles posted on the platform and attaching a rating and contextual information to contested items.
    Awesome. nice one TJ

    (tags: the-journal fact-checking facebook fake-news facts journalism)

  • The Joy Reid fight reinforces how critical the Internet Archive is to modern politics - The Washington Post

    What the Wayback Machine provides, in essence, is a third-party archiving service that largely escapes the influence of the content creators. If you publish a blog on a blogging platform (or a tweet on Twitter, etc.), you still have the power to go in and remove or alter what you’ve written. The Wayback Machine makes it much more difficult to cover your tracks, should you wish to. As more people who grew up creating content for the Web enter positions of authority in media and politics, that archive becomes more important. If the Wayback Machine hadn’t indexed Reid’s site, her words might have been lost. Or if someone had stumbled onto her old blog post, her expert’s argument that the post was fraudulent in some way might carry more weight. But with that index timestamped more than a decade ago, the argument is substantially undercut. Reid’s blog, though, is not currently available on the Wayback Machine. Her old blog updated the file on its server telling automated systems what can and can’t be indexed, a set of instructions that the Wayback Machine’s system respects as it gathers information from around the Web. By changing that file, Reid’s team essentially pulled a curtain down on her past writing.

    (tags: internet-archive archival history joy-reid web blogging wayback-machine robots.txt)

  • keiichishima/yacryptopan

    'Yet another Crypto-PAn implementation for Python':

    This package provides a function to anonymize IP addresses keeping their prefix consistency. This program is based on the paper "Prefix-Preserving IP Address Anonymization: Measurement-based Security Evaluation and a New Cryptography-based Scheme" written by Jun Xu, Jinliang Fan, Mostafa H. Ammar, and Sue B. Moon. The detailed explanation can be found in [Xu2002]. This package supports both IPv4 and IPv6 anonymization.
    (via Alexandre Dulaunoy)

    (tags: via:adulau anonymization ip-addresses internet ipv4 ipv6 security crypto python crypto-pan)

  • The Handmaid’s Tale doesn’t quite get modern American misogyny - The Verge

    Soft biological determinism doesn’t inevitably lead to harsh oppression, but that’s not the point. In The Handmaid’s Tale, Margaret Atwood imagined how seeds of xenophobia, misogyny, and authoritarianism could utterly corrupt a popular ideology with many well-meaning supporters — because a Gilead can grow in any group that lets its principles take root. That includes Evangelical Christianity, but also a modern secular rationalism that’s being co-opted by white male supremacists, speaking the language of science and logic. It’s not hard to envision a world that’s as cruel to women as Gilead, which is why watching The Handmaid’s Tale is so exhausting. But despite all its brutality, the show softens a more painful truth: misogyny doesn’t just persist, it evolves.

    (tags: handmaids-tale margaret-atwood science-fiction sf misogyny incels 4chan)

Links for 2018-04-24

Published April 24, 2018

  • Parallelizing S3 Workloads with s5cmd

    nice parallel download/upload tool for S3, developed by Peak Games, open source, in Go

    (tags: golang go s5cmd open-source tools cli s3 aws)

  • The Australian Bureau of Statistics Tracked People By Their Mobile Device Data.

    The ABS claims population estimates have a “major data gap” and so they’ve been a busy bee figuring out a way to track crowd movement. Their solution? Mobile device user data. “…with its near-complete coverage of the population, mobile device data is now seen as a feasible way to estimate temporary populations,” states a 2017 conference extract for a talk by ABS Demographer Andrew Howe. While the “Estimated Resident Population” (ERP) is Australia’s official population measure, the ABS felt the pre-existing data wasn’t ‘granular’ enough. What the ABS really wanted to know was where you’re moving, hour by hour, through the CBD, educational hubs, tourist areas. Howe’s ABS pilot study of mobile device user data creates population estimates with the help of a trial engagement with an unnamed telco company. The data includes age and sex breakdowns. The study ran between the 18th April to 1st May 2016. [....] Electronic Frontiers Australia board member Justin Warren also pointed out that while there are beneficial uses for this kind of information, “…the ABS should be treading much more carefully than it is. The ABS damaged its reputation with its bungled management of the 2016 Census, and with its failure to properly consult with civil society about its decision to retain names and addresses. Now we discover that the ABS is running secret tracking experiments on the population?” “Even if the ABS’ motives are benign, this behaviour?—?making ethically dubious decisions without consulting the public it is experimenting on?—?continues to damage the once stellar reputation of the ABS.” “This kind of population tracking has a dark history. During World War II, the US Census Bureau used this kind of tracking information to round up Japanese-Americans for internment. Census data was used extensively by Nazi Germany to target specific groups of people. The ABS should be acutely aware of these historical abuses, and the current tensions within society that mirror those earlier, dark days all too closely.”

    (tags: abs australia tracking location-data privacy data-privacy mobile)

Links for 2018-04-23

Published April 23, 2018

Links for 2018-04-20

Published April 20, 2018

  • Palantir Knows Everything About You

    This is so fucking dystopian:

    Operation Laser has made L.A. cops more surgical — and, according to community activists, unrelenting. Once targets are enmeshed in a [Palantir] spidergram, they’re stuck. Manuel Rios, 22, lives in the back of his grandmother’s house at the top of a hill in East L.A., in the heart of the city’s gang area. [...] He grew up surrounded by friends who joined Eastside 18, the local affiliate of the 18th Street gang, one of the largest criminal syndicates in Southern California. Rios says he was never “jumped in”—initiated into 18. He spent years addicted to crystal meth and was once arrested for possession of a handgun and sentenced to probation. But except for a stint in county jail for a burglary arrest inside a city rec center, he’s avoided further trouble and says he kicked his meth habit last year. In 2016, Rios was sitting in a parked car with an Eastside 18 friend when a police car pulled up. His buddy ran, pursued by the cops, but Rios stayed put. “Why should I run? I’m not a gang member,” he says over steak and eggs at the IHOP near his home. The police returned and handcuffed him. One of them took his picture with a cellphone. “Welcome to the gang database!” the officer said. Since then he’s been stopped more than a dozen times, he says, and told that if he doesn’t like it he should move. He has nowhere to go. His girlfriend just had a baby girl, and he wants to be around for them. “They say you’re in the system, you can’t lie to us,” he says. “I tell them, ‘How can I be in the hood if I haven’t got jumped in? Can’t you guys tell people who bang and who don’t?’ They go by their facts, not the real facts.” The police, on autopilot with Palantir, are driving Rios toward his gang friends, not away from them, worries Mariella Saba, a neighbor and community organizer who helped him get off meth. When whole communities like East L.A. are algorithmically scraped for pre-crime suspects, data is destiny, says Saba. “These are systemic processes. When people are constantly harassed in a gang context, it pushes them to join. They internalize being told they’re bad.”

    (tags: palantir surveillance privacy precrime spidergrams future la gangs justice algorithms data-protection data-privacy policing harrassment)

Links for 2018-04-19

Published April 19, 2018

  • _Building a Bw-Tree Takes More Than Just Buzz Words_, SIGMOD 2018

    'An account of our disappointing journey to build a open-source lock-free Bw-Tree for the Peloton DBMS.' 'In 2013, Microsoft Research proposed the Bw-Tree (humorously termed the “Buzz Word Tree”), a lock-free index that provides high throughput for transactional database workloads in SQL Server’s Hekaton engine. The Bw-Tree avoids locks by appending delta record to tree nodes and using an indirection layer that allows it to atomically update physical pointers using compare-and-swap (CaS). Correctly implementing this techniques requires careful attention to detail. Unfortunately, the Bw-Tree papers from Microsoft are missing important details and the source code has not been released. This paper has two contributions: First, it is the missing guide for how to build a lock-free Bw-Tree. We clarify missing points in Microsoft’s original design documents and then present techniques to improve the index’s performance. Although our focus here is on the Bw-Tree, many of our methods apply more broadly to designing and implementing future lock-free in-memory data structures. Our experimental evaluation shows that our optimized variant achieves 1.1–2.5× better performance than the original Microsoft proposal for highly concurrent workloads. Second, our evaluation shows that despite our improvements, the Bw-Tree still does not perform as well as other concurrent data structures that use locks.' Finally: https://twitter.com/andy_pavlo/status/986647389820747776 : 'Our results show that @ViktorLeis's ART index and @xexd's MassTree and a non-fancy B+Tree are currently the best for in-memory workloads. Skip Lists are always terrible.'

    (tags: skip-lists algorithms data-structures storage bw-trees mass-trees benchmarks performance multithreading lock-free locking trees)

Links for 2018-04-18

Published April 18, 2018

Links for 2018-04-17

Published April 17, 2018

Links for 2018-04-14

Published April 14, 2018

  • How to report graphic abortion imagery to the gardai under Irish law

    I tried to report ICBR graphic abortion imagery to the Gardai today and met a lot of resistance. The following thread gives an account of what happened and how someone can effectively report this imagery. 1/x At 2pm on Friday the 13th of April I noticed the presence of ICBR graphic abortion imagery being displayed outside the Nassau street entrance of Trinity. I called Kevin Street Garda Station in order to make a complaint under Section 7 of the Public Order Act 1994 2/x I was told that the Gardai had been instructed by their superiors to not intervene with such imagery and that this direction had come from the Refendum Commission itself. I then called the Refendum Commission in order to query this, as they'd never been involved previously. 3/x A representative from the commission informed me that no such direction had been given to the Gardai as it is not in the commission's remit to influence such imagery. The representative told me that they would contact with Kevin Street Station about this miscommunication. 4/x I then rang Kevin Street Station again to inform them of what I had been told by the Refendum Commission. I was then told that a complaint had to be made in person to either a Garda on the scene or to a local station (Trinity would be Pearse Street), which is understandable. 5/x I informed the Gardai of a similar experience in Dundrum in which the local station had dispatched officers to move along those displaying the imagery to prevent a breach of the peace without a complaint being made in person. 6/x I was finally told that Pearse Street Station would be contacted to have an available car dispatched to Trinity. 8/x TLDR: If you see this imagery, report it under Section 7. If you are told that the Gardai cannot intervene, let them know that other stations have before. If they say they have been directed by the Referendum Commission, let them know there is no such directive on record. 9/x I hope this miscommunication can be cleared up and that both @gardainfo and @RefCom_ie end up on the same page, so that Gardai can continue to do their jobs effectively and respond to public complaints of breach of the peace. 10/10
    Very illuminating.

    (tags: twitter threads abortion propaganda gardai law ireland public-order-act)

  • Thomas Mayne (politician) - Wikipedia

    An illustrious ancestor, apparently! 'Thomas Mayne (1832–1915) was an Irish Parliamentary Party politician. He was elected as Member of Parliament (MP) for Tipperary at a by-election in 1883,[1] and held the seat until the constituency was divided at the 1885 general election. He was then elected for the new Mid division of Tipperary,[2] and held that seat until he resigned in 1890 by becoming Steward of the Manor of Northstead.[3]' He was known for helping Charles Stewart Parnell in a sticky situation -- from http://www.online-literature.com/elbert-hubbard/journeys-vol-thirteen/6/ : 'About six months after this, London was convulsed with laughter at a joke too good to keep: One Captain O'Shea [Kitty O'Shea's husband] had challenged Charles Parnell, the Irish Leader, to a duel. Parnell accepted the challenge, but the fight was off, because Thomas Mayne had gone to O'Shea and told him he "would kick him the length of Rotten Row if he tried to harm or even opened his Galway yawp about Parnell."'

    (tags: parnell thomas-mayne ancestors history ireland nationalism mps 1800s 19th-century kitty-oshea)

Links for 2018-04-12

Published April 12, 2018

Links for 2018-04-11

Published April 11, 2018

  • Uses This / Leonard Lin

    lhl describes the stuff he uses, day to day. Lots of travel gear, drones, Linux and a surprising lack of Macs

    (tags: travel shopping hardware gear uses-this lhl drones vr linux vive chromebook tips)

  • #Repealthe8th | Are the Irish Media Up To The Job?

    For years we were subject to speculation and debate about the emergence of new party in Irish politics. Endless coverage for Lucinda Creighton, Michael McDowell and whoever else. All the while, the most incredibly vibrant social movement touching every county in Ireland has emerged and the majority of journalists are unable to write about it. Media comment has concerned itself not so much with the issues but with grave concern that this is happening outside perceived boundaries of respectable politics. This is ordinary people getting together and putting a most unspeakable issue on the agenda and soon to vote – in spite of the Normal Rules. It is not just that regime journalists live in a bubble or don’t care to inform themselves. They genuinely do not understand how this campaign has played out. It is beyond their entire conception. This is what happens when your idea of politics only extends to the ritual of posters on lamp posts.

    (tags: media ireland politics political-correspondents oireachtas-retort analysis society marref repealthe8th)

Links for 2018-04-10

Published April 10, 2018

Links for 2018-04-09

Published April 9, 2018

  • If iPads were meant for kids

    A long list of the misfeatures that IOS/Android devices have regarding child use. 100% agreed with this

    (tags: ios ipad iphone parenting devices kids android youtube)

  • A Closer Look at Experian Big Data and Artificial Intelligence in Durham Police

    'UK police bought profiling data for their artificial intelligence (AI) system, deciding whether to hold suspects in custody, from ... Experian.' 'The AI tool uses 34 data categories including the offender’s criminal history, combined with their age, gender and two types of residential postcode. The use of postcode data is problematic in predictive software of this kind as it carries a risk of perpetuating bias towards areas marked by community deprivation.'

    (tags: experian marketing credit-score data policing uk durham ai statistics crime hart)

  • lemire/JavaFastPFOR: A simple integer compression library in Java

    a library to compress and uncompress arrays of integers very fast. The assumption is that most (but not all) values in your array use much less than 32 bits, or that the gaps between the integers use much less than 32 bits. These sort of arrays often come up when using differential coding in databases and information retrieval (e.g., in inverted indexes or column stores). Please note that random integers are not compressible, by this library or by any other means. If you ever had the means of systematically compressing random integers, you could compress any data source to nothing, by recursive application of your technique. This library can decompress integers at a rate of over 1.2 billions per second (4.5 GB/s). It is significantly faster than generic codecs (such as Snappy, LZ4 and so on) when compressing arrays of integers. The library is used in LinkedIn Pinot, a realtime distributed OLAP datastore. Part of this library has been integrated in Parquet (http://parquet.io/). A modified version of the library is included in the search engine Terrier (http://terrier.org/). This libary is used by ClueWeb Tools (https://github.com/lintool/clueweb). It is also used by Apache NiFi.

    (tags: compression java pfor encoding integers algorithms storage)

  • Austerity is an Algorithm

    Fucking hell, things sound grim Down Under:

    Things changed in December 2016, when the government announced that the system had undergone full automation. Humans would no longer investigate anomalies in earnings. Instead, debt notices would be automatically generated when inconsistencies were detected. The government’s rationale for automating the process was telling. “Our aim is to ensure that people get what they are entitled to—no more and no less,” read the press release. “And to crack down hard when people deliberately defraud the system.” The result was a disaster. I’ve had friends who’ve received an innocuous email urging them to check their MyGov account—an online portal available to Australian citizens with an internet connection to access a variety of government services—only to log in and find they’re hundreds or thousands of dollars in arrears, supposedly because they didn’t accurately report their income. Some received threats from private debt collectors, who told them their wages would be seized if they didn’t submit to a payment plan. Those who wanted to contest their debts had to lodge a formal complaint, and were subjected to hours of Mozart’s Divertimento in F Major before they could talk to a case worker. Others tried taking their concerns directly to the Centrelink agency on Twitter, where they were directed to calling Lifeline, a 24-hour hotline for crisis support and suicide prevention. At the end of 2015, my friend Chloe received a notice claiming she owed $20,000 to the government. She was told that she had reported her income incorrectly while on Youth Allowance, which provides financial assistance to certain categories of young people. The figure was shocking and, like others in her position, she grew suspicious. She decided to contest the debt: she contacted all of her previous employers so she could gather pay slips, and scanned them into the MyGov app. “I gave them all of my information to prove that there was no way I owed them $20,000,” she says. The bean counters were unmoved. They maintained that Chloe had reported her after-tax income instead of her before-tax income. As a result, they increased the amount she owed to $30,000. She agreed to a payment plan, which will see her pay off the debt in fortnightly installments of $50 over the course of two decades. “I even looked into bankruptcy because I was so stressed by it,” she says. “All I could think about was the Centrelink debt, and once they upped it to 30k, I was so ashamed and sad and miserable,” she says.

    (tags: austerity algorithms automation dystopia australia government debt-collectors robo-debt dole benefit grim-meathook-future)

  • The Irish Border's Ladybird How It Works book on The Technological Solution

    amazing

    (tags: ladybird parody funny ireland politics northern-ireland brexit)

  • Mythology about security…

    A valuable history lesson from Jim Gettys:

    Government export controls crippled Internet security and the design of Internet protocols from the very beginning: we continue to pay the price to this day.  Getting security right is really, really hard, and current efforts towards “back doors”, or other access is misguided. We haven’t even recovered from the previous rounds of government regulations, which has caused excessive complexity in an already difficult problem and many serious security problems. Let us not repeat this mistake…
    I remember the complexity of navigating crypto export controls. As noted here, it was generally easier just not to incorporate security features.

    (tags: security crypto export-control jim-gettys x11 history x-windows mit athena kerberos)

Links for 2018-04-04

Published April 4, 2018

Links for 2018-03-30

Published March 30, 2018

Links for 2018-03-28

Published March 28, 2018

Links for 2018-03-27

Published March 27, 2018

Links for 2018-03-23

Published March 23, 2018

  • Brad Templeton's commentary on the Uber robocar killing a pedestrian

    At this point, it does seem as though a wrongful death lawsuit might emerge from the family of the victim. The fame for the lawyer will cause pro bono representation to appear, and the deep pockets of Uber will certainly be attractive. I recommend Uber immediately offer a settlement the courts would consider generous. And tell us more information about what really happened. And, if it's as surmised, to get their act together. The hard truth is, that if Uber's vehicle is unable to detect a pedestrian like this in time to stop, Uber has no business testing at 40mph on a road like this. Certainly not with an inattentive solo safety driver.
    It certainly sounds like they need to answer questions about LIDAR usage on that car.

Links for 2018-03-22

Published March 22, 2018

  • Arena

    Film by Páraic McGloughlin A brief look at the earth from above, based on the shapes we make, the game of life, our playing ground - Arena. Created using Google Earth imagery. Pearse McGloughlin and I collaborated on the audio resulting in something between music and a soundtrack. Audio mastered by TJ LippleHear

Links for 2018-03-21

Published March 21, 2018

Links for 2018-03-20

Published March 20, 2018

  • SXSW 2018: A Look Back at the 1960s PLATO Computing System - IEEE Spectrum

    Author Brian Dear on how these terminals were designed for coursework, but students preferred to chat and play games [...] “Out of the top 10 programs on PLATO running any day, most were games,” Dear says. “They used more CPU time than anything else.” In one popular game called Empire, players blast each other’s spaceships with phasers and torpedoes in order to take over planets.
    And PLATO had code review built into the OS:
    Another helpful feature that no longer exists was called Term Comment. It allowed users to leave feedback for developers and programmers at any place within a program where they spotted a typo or had trouble completing a task. To do this, the user would simply open a comment box and leave a note right there on the screen. Term Comment would append the comment to the user’s place in the program so that the recipient could easily navigate to it and clearly see the problem, instead of trying to recreate it from scratch on their own system. “That was immensely useful for developers,” Dear says. “If you were doing QA on software, you could quickly comment, and it would track exactly where the user left this comment. We never really got this on the Web, and it’s such a shame that we didn’t.”

    (tags: plato computing history chat empire gaming code-review coding brian-dear)

Links for 2018-03-19

Published March 19, 2018

Links for 2018-03-16

Published March 16, 2018

Links for 2018-03-14

Published March 14, 2018

  • Interesting Twitter thread on email UI design, vs Slack

    "When redesigning Outlook, we found two basic groups of users: pilers and filers. Pilers kept a single, ever-expanding list of mail in their Inbox and then worked it down to "inbox zero." Filers wrote rules or manually filed mail into folders, creating an organizational system. Filers rely on their bespoke, highly customized knowledge of where things go in their email system, much like you might organize your kitchen in a way that makes sense to you. You know where the strainer or little corn-cob-holders go, and no one else does (or needs to.) Pilers rely on search to find things in their huge amassed pile. We moved Outlook from the fundamental organization unit of "message" to "conversation" (or "thread") so that when pilers found mail via search, messages would return with the context of the surrounding conversation. Both pilers and filers have one key thing in common: their systems require an affirmative, discrete action to take a mail out of their list. Filers file to a folder when done with a message, and pilers archive/delete. This turned out to be essential for people to feel in control."
    really, "filers" (update:) "pilers" are using the UI that GMail pioneered, where credit is due (as far as I know at least).

    (tags: mail ux ui pilers-and-filers filepile email slack outlook)

Links for 2018-03-13

Published March 13, 2018

Links for 2018-03-11

Published March 11, 2018

Links for 2018-03-09

Published March 9, 2018

Links for 2018-03-04

Published March 4, 2018

Links for 2018-03-01

Published March 1, 2018

  • Yes, bacon really is killing us - The Guardian Long Read

    Nooooo!

    Since we eat with our eyes, the main way we judge the quality of cured meats is pinkness. Yet it is this very colour that we should be suspicious of, as the French journalist Guillaume Coudray explains in a book published in France last year called Cochonneries, a word that means both “piggeries” and “rubbish” or “junk food”. The subtitle is “How Charcuterie Became a Poison”. Cochonneries reads like a crime novel, in which the processed meat industry is the perpetrator and ordinary consumers are the victims. The pinkness of bacon – or cooked ham, or salami – is a sign that it has been treated with chemicals, more specifically with nitrates and nitrites. It is the use of these chemicals that is widely believed to be the reason why “processed meat” is much more carcinogenic than unprocessed meat. Coudray argues that we should speak not of “processed meat” but “nitro-meat”. [...] When nitrates interact with certain components in red meat (haem iron, amines and amides), they form N-nitroso compounds, which cause cancer. The best known of these compounds is nitrosamine. This, as Guillaume Coudray explained to me in an email, is known to be “carcinogenic even at a very low dose”. Any time someone eats bacon, ham or other processed meat, their gut receives a dose of nitrosamines, which damage the cells in the lining of the bowel, and can lead to cancer. You would not know it from the way bacon is sold, but scientists have known nitrosamines are carcinogenic for a very long time. More than 60 years ago, in 1956, two British researchers called Peter Magee and John Barnes found that when rats were fed dimethyl nitrosamine, they developed malignant liver tumours. By the 1970s, animal studies showed that small, repeated doses of nitrosamines and nitrosamides – exactly the kind of regular dose a person might have when eating a daily breakfast of bacon – were found to cause tumours in many organs including the liver, stomach, oesophagus, intestines, bladder, brain, lungs and kidneys.
    But there IS some good news for Parma ham and sausages:
    In 1993, Parma ham producers in Italy made a collective decision to remove nitrates from their products and revert to using only salt, as in the old days. For the past 25 years, no nitrates or nitrites have been used in any Prosciutto di Parma. Even without nitrate or nitrite, the Parma ham stays a deep rosy-pink colour. We now know that the colour in Parma ham is totally harmless, a result of the enzyme reactions during the ham’s 18-month ageing process. [...] the average British sausage – as opposed to a hard sausage like a French saucisson – is not cured, being made of nothing but fresh meat, breadcrumbs, herbs, salt and E223, a preservative that is non-carcinogenic. After much questioning, two expert spokespeople for the US National Cancer Institute confirmed to me that “one might consider” fresh sausages to be “red meat” and not processed meat, and thus only a “probable” carcinogen.

    (tags: bacon sausages meat parma-ham ham food cancer carcinogens big-meat nitrates nitrites)

Links for 2018-02-28

Published February 28, 2018

  • 30 kWh Leaf Nissan Connect Issues

    seems there's some kind of firmware/importation issue with the Nissan Leaf app integration.... bit of a mess

    (tags: nissan-leaf nissan leaf apps mobile cars driving)

  • Palantir has secretly been using New Orleans to test its predictive policing technology - The Verge

    Predictive policing technology has proven highly controversial wherever it is implemented, but in New Orleans, the program escaped public notice, partly because Palantir established it as a philanthropic relationship with the city through Mayor Mitch Landrieu’s signature NOLA For Life program. Thanks to its philanthropic status, as well as New Orleans’ “strong mayor” model of government, the agreement never passed through a public procurement process. In fact, key city council members and attorneys contacted by The Verge had no idea that the city had any sort of relationship with Palantir, nor were they aware that Palantir used its program in New Orleans to market its services to another law enforcement agency for a multimillion-dollar contract. Even James Carville, the political operative instrumental in bringing about Palantir’s collaboration with NOPD, said that the program was not public knowledge. “No one in New Orleans even knows about this, to my knowledge,” Carville said.

    (tags: palantir creepy surveillance crime forecasting precrime new-orleans us-politics privacy)

  • Huy Fong sriracha hot sauce label - Fonts In Use

    The fonts of the iconic sriracha bottle, analysed. Interestingly, the Chinese serif text is typeset in a universally-reviled font, PMingLiu:

    For East Asian designers, PMingLiu was probably as despicable as Papyrus. Many have publicly voiced their disdain for PMingLiu, and some even see the elimination of PMingLiu from public sight as a career goal. Julius Hui, then consultant for Commercial Type, exclaims: PMingLiu inhibits the type business, maims the public’s aesthetic judgment, and puts a bad face on the Minch? genre. As long as the public have not harbored a deep hatred against PMingLiu, it is futile to completely eliminate it from the world.

    (tags: typography packaging sriracha pmingliu mincho fonts type food labels)

Links for 2018-02-22

Published February 22, 2018

  • The Codex - I Do Not Like Go

    Some gripes about Go from this blog, specifically around developer ergonomics (syntax highlighting and language-inherent error detection), politics, packaging and distribution, GOPATH, and the tuple-oriented error handling idiom. As R. I. Pienaar noted, the Go community seems full of "at-Google-wes", which is an excellent way of putting it.

    (tags: golang go criticism blogs syntax-highlighting coding languages google at-google-we)

  • Can I Extend and Renovate my “Fixer Upper” for €100,000? A First Time Buyer’s Renovation Budget Explained

    In 2013, €100,000 was like a king’s ransom to most businesses in the Irish construction industry. Now clients approach us with budgets at this level and are shocked when we tell them how little can be achieved with such a large sum of money. We have decided to tackle this issue with a clear worked example. In 2018, rates for some types of construction have increased 50% since the recession, client expectations have increased, there is a shortage of competent construction workers, and subcontractors are now more accountable for quality. These pressures have inflated the many expenses which make up a typical renovation budget. Even the most seasoned commercial clients are struggling to achieve tenable construction prices, and first time buyers must understand the financial risk of buying a home in need of complete renovation.
    whoa.

    (tags: renovation homes architecture houses building)

Links for 2018-02-19

Published February 19, 2018

Links for 2018-02-15

Published February 15, 2018

Links for 2018-02-14

Published February 14, 2018

  • Single Trapped Atom Captures Science Photography Competition's top prize - EPSRC website

    An image of a single positively-charged strontium atom, held near motionless by electric fields, has won the overall prize in a national science photography competition, organised by the Engineering and Physical Sciences Research Council (EPSRC). ‘Single Atom in an Ion Trap’, by David Nadlinger, from the University of Oxford, shows the atom held by the fields emanating from the metal electrodes surrounding it. The distance between the small needle tips is about two millimetres. When illuminated by a laser of the right blue-violet colour the atom absorbs and re-emits light particles sufficiently quickly for an ordinary camera to capture it in a long exposure photograph. The winning picture was taken through a window of the ultra-high vacuum chamber that houses the ion trap.

    (tags: atom photography science strontium ion-traps light)

Links for 2018-02-12

Published February 12, 2018

  • Thousands of websites hijacked by hidden crypto-mining code after Browsealoud hacked

    The affected sites all use a fairly popular plugin called Browsealoud, made by Brit biz Texthelp, which reads out webpages for blind or partially sighted people. This technology was compromised in some way – either by hackers or rogue insiders altering Browsealoud's source code – to silently inject Coinhive's Monero miner into every webpage offering Browsealoud. For several hours today, anyone who visited a site that embedded Browsealoud inadvertently ran this hidden mining code on their computer, generating money for the miscreants behind the caper. A list of 4,200-plus affected websites can be found here: they include The City University of New York (cuny.edu), Uncle Sam's court information portal (uscourts.gov), Lund University (lu.se), the UK's Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner's Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), plus a shedload of other .gov.uk and .gov.au sites, UK NHS services, and other organizations across the globe. Manchester.gov.uk, NHSinform.scot, agriculture.gov.ie, Croydon.gov.uk, ouh.nhs.uk, legislation.qld.gov.au, the list goes on.

    (tags: browsealoud accessibility http sri coinhive monero hacks ico nhs)

Links for 2018-02-09

Published February 9, 2018

  • How the Game Genie worked

    "Sometimes it was really easy to find cheats, because the code was very straightforward, and sometimes it was a massive pain in the arse," recalls Jon. "In simple terms, if a game started you with three lives I'd set up the logic analyser to stop when it found the value three being written to RAM. Then I'd use the Game Genie to change that 3 to say a 5, reboot the game and see if I started with 5 lives. If not, then I'd let it find the next time it wrote 3 into RAM and try that. "Infinite lives codes were always the best. Once I'd found where in RAM the lives value was stored I'd then monitor when it got decremented. What I was looking for was where the game's original coder used -most likely - the DEC A (&H3D) instruction after reading the lives value from RAM, and then storing it back into RAM. If I found this then all I had to do was swap out the DEC A (&H3D) decrement operation with a NOP (&H00), which performed no operation. So the lives value would be left as-is and voila the player had infinite lives."

    (tags: games gameboy game-genie via:its logic-analysers reverse-engineering history hacking)

  • Last orders: Ireland's vanishing 'quirky' shopfronts – in pictures | Cities | The Guardian

    Graphic designer Trevor Finnegan spent seven years documenting traditional shopfronts throughout Ireland.
    Lovely examples of a vanishing vernacular style.

    (tags: architecture ireland rural shopfronts signs history)

  • Russia Did It, Y’all. And Nobody Fucking Cares.

    That’s right, that’s CRAZY LIBERAL CONSPIRACY THEORIST George W. Bush [...] saying it’s still an open question whether Russia actually successfully rigged the 2016 election. What a Code Pink Occupy Democracy Now liberal George W. Bush is being, to even ask that question!

    (tags: wonkette elections donald-trump 2016 us-politics george-w-bush hacking)

  • Car Hacker's Handbook

    Modern cars are more computerized than ever. Infotainment and navigation systems, Wi-Fi, automatic software updates, and other innovations aim to make driving more ­convenient. But vehicle technologies haven't kept pace with today's more hostile security environment, leaving ­millions vulnerable to attack. The Car Hacker's Handbook will give you a deeper understanding of the computer systems and embedded software in modern ­vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and ­between devices and systems. Then, once you have an understanding of a vehicle's communication network, you'll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more.
    Creative Commons Attribution-Noncommercial-ShareAlike license.

    (tags: cars books hacking exploits can-bus)

Links for 2018-02-07

Published February 7, 2018

Links for 2018-02-02

Published February 2, 2018

  • Amazon Aurora Parallel Query is Available for Preview

    Looks very nifty (at least once it's GA)

    Parallel Query improves the performance of large analytic queries by pushing processing down to the Aurora storage layer, spreading processing across hundreds of nodes. With Parallel Query, you can run sophisticated analytic queries on Aurora tables with an order of magnitude performance improvement over serial query processing, in many cases. Parallel Query currently pushes down predicates used to filter tables and hash joins. 

    (tags: parallel aurora amazon mysql sql performance joins architecture data-model)

Links for 2018-01-30

Published January 30, 2018

Links for 2018-01-29

Published January 29, 2018

  • Key metrics for RabbitMQ monitoring

    Good suggestions from Datadog

    (tags: rabbitmq mq monitoring metrics graphite ops)

  • Amazing thread from @gavinsblog on the Strava leak

    'This often led to the same results you see with Strava. In low population countries, or countries with low smartphone penetration, it was often easy to detect Westerners (usually soldiers) in remote areas. this usually led to being able to identify bases and other types of things based solely on social data. Iraq, Afghanistan = always easy to find US troops (Instagram being a common sharing tool). Same true of IDF troops in staging areas before invasion of Gaza in 2014. and the same true in 2014 with Russian troops in Ukraine. All too easy. Of course the other thing you might be nosey about [is] known military facilities. Social geotagging can give you staff/visitor lists if you persist long enough. the difference between this technique and Strava was you could usually quickly deduce first name/last name if you wanted, and infer other social profiles eg LinkedIn -> FB -> FB friends -> work colleagues. Not only that but it was possible to automate.'

    (tags: strava privacy military security geotagging geodata gavin-sheridan)

  • My £300 32Amp Charging Station Install

    good writeup of a DIY EV car charger install

    (tags: ev cars diy car-chargers home)

Links for 2018-01-28

Published January 28, 2018

  • Strava app gives away location of secret US army bases

    This is a privacy nightmare. Even with anonymized userids the data was far too user-specific.

    The details were released by Strava in a data visualisation map that shows all the activity tracked by users of its app, which allows people to record their exercise and share it with others. The map, released in November 2017, shows every single activity ever uploaded to Strava – more than 3 trillion individual GPS data points, according to the company. The app can be used on various devices including smartphones and fitness trackers like Fitbit to see popular running routes in major cities, or spot individuals in more remote areas who have unusual exercise patterns.

    (tags: strava privacy fail army us-army data)

Links for 2018-01-27

Published January 27, 2018

  • 'A Look into 30 Years of Malware Development from a Software Metrics Perspective'

    'During the last decades, the problem of malicious and unwanted software (malware) has surged in numbers and sophistication. Malware plays a key role in most of today’s cyber attacks and has consolidated as a commodity in the underground economy. In this work, we analyze the evolution of malware since the early 1980s to date from a software engineering perspective. We analyze the source code of 151 malware samples and obtain measures of their size, code quality, and estimates of the development costs (effort, time, and number of people). Our results suggest an exponential increment of nearly one order of magnitude per decade in aspects such as size and estimated effort, with code quality metrics similar to those of regular software. Overall, this supports otherwise confirmed claims about the increasing complexity of malware and its production progressively becoming an industry.'

    (tags: malware coding metrics software history complexity arms-race)

Links for 2018-01-25

Published January 25, 2018

  • Rocket Lab secretly launched a disco ball satellite on its latest test flight - The Verge

    I'm quite conflicted about this -- I think I like it:

    Shaped a bit like a disco ball, the Humanity Star is a 3-foot-wide carbon fiber sphere, made up of 65 panels that reflect the Sun’s light. The satellite is supposed to spin in space, too, so it’s constantly bouncing sunlight. In fact, the probe is so bright that people can see it with the naked eye. The Humanity Star’s orbit also takes it all over Earth, so the satellite will be visible from every location on the planet at different times. Rocket Lab has set up a website that gives real-time updates about the Humanity Star’s location. People can find out when the satellite will be closest to them, and then go outside to look for it. The goal of the project is to create “a shared experience for all of humanity,” according to Rocket Lab.

    (tags: rocket-lab disco-balls satellites humanity-star orbit space)

  • 3D Scans of 7,500 Famous Sculptures, Statues & Artworks: Download & 3D Print Rodin's Thinker, Michelangelo's David & More | Open Culture

    oh my.

    (tags: 3d-printing art history british-museum models cool)

  • 'DolphinAttack: Inaudible Voice Commands' [pdf]

    'Speech recognition (SR) systems such as Siri or Google Now have become an increasingly popular human-computer interaction method, and have turned various systems into voice controllable systems(VCS). Prior work on attacking VCS shows that the hidden voice commands that are incomprehensible to people can control the systems. Hidden voice commands, though hidden, are nonetheless audible. In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the speech recognition systems. We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks.' via Zeynep (https://twitter.com/zeynep/status/956520320504123392)

    (tags: alexa siri attacks security exploits google-now speech-recognition speech audio acm papers cortana)

Links for 2018-01-24

Published January 24, 2018

  • Targeted Audio Adversarial Examples

    This is phenomenal:

    We have constructed targeted audio adversarial examples on speech-to-text transcription neural networks: given an arbitrary waveform, we can make a small perturbation that when added to the original waveform causes it to transcribe as any phrase we choose. In prior work, we constructed hidden voice commands, audio that sounded like noise but transcribed to any phrases chosen by an adversary. With our new attack, we are able to improve this and make an arbitrary waveform transcribe as any target phrase.
    The audio examples on this page are impressive -- a little bit of background noise, such as you might hear on a telephone call with high compression, hard to perceive if you aren't listening out for it. Paper here: https://arxiv.org/abs/1801.01944 (Via Parker Higgins, https://twitter.com/xor )

    (tags: papers audio adversarial-classification neural-networks speech-to-text speech recognition voice attacks exploits via:xor)

Links for 2018-01-22

Published January 22, 2018

Links for 2018-01-18

Published January 18, 2018

Links for 2018-01-17

Published January 17, 2018

  • Boost your immunity: Cold and flu treatments suppress innate immune system

    The next time you feel a cold coming on, maybe what you really want is just a little teensy bit of innate immune suppression, not an immunity boost. Over-the-counter medications like ibuprofen and antihistamines should help you feel better. Meanwhile, sit back while your acquired B and T cells do the rest. And if you aren't yet sick, stay up-to-date on your vaccines, including the yearly influenza vaccine. Most importantly, practice vigorous hand washing — after all, the skin is also a component of your natural defenses and one that actually can be enhanced by good hygiene. Take care of yourself by keeping a balanced diet, maintaining good sleep habits, and minimizing stress. These are interventions that have been shown to help keep your immune system at its best. These alone can "boost" your odds of staving off an infection this cold season.

    (tags: immunity health immune-system colds b-cells t-cells flu)

  • Sarah Jeong's hilarious Twitter thread on Bitcoin

    "People are sick of the Federal Reserve, sick of bailouts, sick of inflation. You know what we need? Internet money with the usability of PGP and the reliability of BART" and much, much more

    (tags: bitcoin funny sarah-jeong comedy lols pgp twitter threads)

  • How To Measure the Working Set Size on Linux

    A nifty metric:

    The Working Set Size (WSS) is how much memory an application needs to keep working. Your app may have populated 100 Gbytes of main memory, but only uses 50 Mbytes each second to do its job. That's the working set size. It is used for capacity planning and scalability analysis. You may never have seen WSS measured by any tool (I haven't either). OSes usually show you virtual memory and resident memory, shown as the "VIRT" and "RES" columns in top. Resident memory is real memory: main memory that has been allocated and page mapped. But we don't know how much of that is in heavy use, which is what WSS tells us. In this post I'll introduce some new things I've developed for WSS estimation: two Linux tools, and WSS profile charts. The tools use either the referenced or the idle page flags to measure a page-based WSS, and were developed out of necessity for another performance problem.
    (via Amy Tobey)

    (tags: via:amytobey memory linux rss wss proc ps processes metrics working-set-size ram)

Links for 2018-01-15

Published January 15, 2018

  • The likely user interface which led to Hawaii's false-alarm incoming-ballistic-missile alert on Saturday 2018-01-13

    @supersat on Twitter: "In case you're curious what Hawaii's EAS/WEA interface looks like, I believe it's similar to this. Hypothesis: they test their EAS authorization codes at the beginning of each shift and selected the wrong option." This is absolutely classic enterprisey, government-standard web UX -- a dropdown template selection and an easily-misclicked pair of tickboxes to choose test or live mode.

    (tags: testing ux user-interfaces fail eas hawaii false-alarms alerts nuclear early-warning human-error)

  • The Death of Microservice Madness in 2018

    Quite a good set of potential gotchas, which I've run into myself, including: 'Real world systems often have poorly defined boundaries' 'The complexities of state are often ignored' 'The complexitities of communication are often ignored' 'Versioning can be hard' 'Microservices can be monoliths in disguise'

    (tags: architecture devops microservices services soa coding monoliths state systems)

  • Do algorithms reveal sexual orientation or just expose our stereotypes?

    'A study claiming that artificial intelligence can infer sexual orientation from facial images caused a media uproar in the Fall of 2017. [...] Michal Kosinski, who co-authored the study with fellow researcher Yilun Wang, initially expressed surprise, calling the critiques “knee-jerk” reactions. However, he then proceeded to make even bolder claims: that such AI algorithms will soon be able to measure the intelligence, political orientation, and criminal inclinations of people from their facial images alone.' 'In [this paper], we have shown how the obvious differences between lesbian or gay and straight faces in selfies relate to grooming, presentation, and lifestyle? — ?that is, differences in culture, not in facial structure. [...] We’ve demonstrated that just a handful of yes/no questions about these variables can do nearly as good a job at guessing orientation as supposedly sophisticated facial recognition AI. Therefore?—?at least at this point?—?it’s hard to credit the notion that this AI is in some way superhuman at “outing” us based on subtle but unalterable details of our facial structure.'

    (tags: culture facial-recognition ai papers facial-structure sexual-orientation lgbt computer-vision)

  • Shanzhai ?? China & its Contents

    As he drinks Sino-coffee for around RMB 10, Comrade X might well be wearing the latest ‘ZARE’ couture while watching the TV news streaming on his HiPhone.[2] Back in Guangdong, his girlfriend — a sales consultant at a small stall in one of Shenzhen’s many wholesale electronics markets — sports a ‘high-end replica’ ?? Louis Vuitton bag and makes a living selling ‘domestically produced’ ?? and ‘smuggled’ ?? smartphones. The imitation products that festoon the couple’s lives are part of ‘shanzhai ?? China’. Shanzhai, the word means roughly ‘mass-produced imitation goods’, has created a Chinese landscape that is littered with products derided by the media, Chinese and international, as ‘copycat’, ‘guerrilla counterfeits’ and ‘knockoffs’, all the work of thieves.[3] Those who feel that their intellectual property and copyright has been infringed by shanzhai producers describe the products as ‘rubbish’, ‘piracy in disguise’ and ‘hooligan’.[4] Regardless of such righteous outrage, shanzhai — the producers, the products and the mentality — continues to flourish as an essential, quasi-legitimate shadow dimension of the Chinese economy. And, in practical terms, shanzhai products give disenfranchised ‘non-consumers’ of the orthodox economy — that is, people who would like to own but can’t afford the ‘original’ products — cut-price access to high-end technologies, as well as offering aspirational shoppers consumer satisfaction.

    (tags: shanzai china fakes consumerism hiphone smartphones copycat knockoffs imitation consumption)

  • Don Norman on "Human Error", RISKS Digest Volume 23 Issue 07 2003

    It is far too easy to blame people when systems fail. The result is that over 75% of all accidents are blamed on human error. Wake up people! When the percentage is that high, it is a signal that something else is at fault -- namely, the systems are poorly designed from a human point of view. As I have said many times before (even within these RISKS mailings), if a valve failed 75% of the time, would you get angry with the valve and simply continual to replace it? No, you might reconsider the design specs. You would try to figure out why the valve failed and solve the root cause of the problem. Maybe it is underspecified, maybe there shouldn't be a valve there, maybe some change needs to be made in the systems that feed into the valve. Whatever the cause, you would find it and fix it. The same philosophy must apply to people.

    (tags: don-norman ux ui human-interface human-error errors risks comp.risks failures)

Links for 2018-01-14

Published January 14, 2018

Links for 2018-01-12

Published January 12, 2018

  • google/highwayhash: Fast strong hash functions: SipHash/HighwayHash

    HighwayHash: 'We have devised a new way of mixing inputs with AVX2 multiply and permute instructions. The multiplications are 32x32 -> 64 bits and therefore infeasible to reverse. Permuting equalizes the distribution of the resulting bytes. The internal state occupies four 256-bit AVX2 registers. Due to limitations of the instruction set, the registers are partitioned into two 512-bit halves that remain independent until the reduce phase. The algorithm outputs 64 bit digests or up to 256 bits at no extra cost. In addition to high throughput, the algorithm is designed for low finalization cost. The result is more than twice as fast as SipTreeHash. We also provide an SSE4.1 version (80% as fast for large inputs and 95% as fast for short inputs), an implementation for VSX on POWER and a portable version (10% as fast). A third-party ARM implementation is referenced below. Statistical analyses and preliminary cryptanalysis are given in https://arxiv.org/abs/1612.06257.' (via Tony Finch)

    (tags: siphash highwayhash via:fanf hashing hashes algorithms mac google hash)

  • Brain Cells Share Information With Virus-Like Capsules - The Atlantic

    ...a gene called Arc which is active in neurons, and plays a vital role in the brain. A mouse that’s born without Arc can’t learn or form new long-term memories. If it finds some cheese in a maze, it will have completely forgotten the right route the next day. “They can’t seem to respond or adapt to changes in their environment,” says Shepherd, who works at the University of Utah, and has been studying Arc for years. “Arc is really key to transducing the information from those experiences into changes in the brain.” Despite its importance, Arc has been a very difficult gene to study. Scientists often work out what unusual genes do by comparing them to familiar ones with similar features—but Arc is one-of-a-kind. Other mammals have their own versions of Arc, as do birds, reptiles, and amphibians. But in each animal, Arc seems utterly unique—there’s no other gene quite like it. And Shepherd learned why when his team isolated the proteins that are made by Arc, and looked at them under a powerful microscope. He saw that these Arc proteins assemble into hollow, spherical shells that look uncannily like viruses. “When we looked at them, we thought: What are these things?” says Shepherd. They reminded him of textbook pictures of HIV, and when he showed the images to HIV experts, they confirmed his suspicions. That, to put it bluntly, was a huge surprise. “Here was a brain gene that makes something that looks like a virus,” Shepherd says. That’s not a coincidence. The team showed that Arc descends from an ancient group of genes called gypsy retrotransposons, which exist in the genomes of various animals, but can behave like their own independent entities.* They can make new copies of themselves, and paste those duplicates elsewhere in their host genomes. At some point, some of these genes gained the ability to enclose themselves in a shell of proteins and leave their host cells entirely. That was the origin of retroviruses—the virus family that includes HIV.

    (tags: brain evolution retroviruses viruses genes arc gag proteins memory biology)

Links for 2018-01-11

Published January 11, 2018

  • [1801.02780] Rogue Signs: Deceiving Traffic Sign Recognition with Malicious Ads and Logos

    Well, so much for that idea.

    We propose a new real-world attack against the computer vision based systems of autonomous vehicles (AVs). Our novel Sign Embedding attack exploits the concept of adversarial examples to modify innocuous signs and advertisements in the environment such that they are classified as the adversary's desired traffic sign with high confidence. Our attack greatly expands the scope of the threat posed to AVs since adversaries are no longer restricted to just modifying existing traffic signs as in previous work. Our attack pipeline generates adversarial samples which are robust to the environmental conditions and noisy image transformations present in the physical world. We ensure this by including a variety of possible image transformations in the optimization problem used to generate adversarial samples. We verify the robustness of the adversarial samples by printing them out and carrying out drive-by tests simulating the conditions under which image capture would occur in a real-world scenario. We experimented with physical attack samples for different distances, lighting conditions, and camera angles. In addition, extensive evaluations were carried out in the virtual setting for a variety of image transformations. The adversarial samples generated using our method have adversarial success rates in excess of 95% in the physical as well as virtual settings.

    (tags: signs road-safety roads traffic self-driving-cars cars avs security machine-learning computer-vision ai)

  • The Stress of Remote Working – Martin De Wulf – Medium

    There is a lot of good to say about remote working, and I see a lot of rabid defence of the practice. That said, I have been working remotely for a little more than 5 years now, and I now must acknowledge that it does not come without stress. This might come as a surprise for some, but in the end, I think that remote working has taken some toll on me over the last two years, especially when I went almost fully remote for a year.
    I have to say, I agree with this 100% -- I spent a few years remote working full time, and by the end of it I was absolutely delighted to return to a mainly office-based job.

    (tags: business work life coding teleworking remote-work stress anxiety mental-health)

  • Best way designing a GDPR compliant datalake using AWS services : aws

    interesting thread at Reddit

    (tags: gdpr reddit aws tips design services ops)

Links for 2018-01-10

Published January 10, 2018

Links for 2018-01-09

Published January 9, 2018

Links for 2018-01-04

Published January 4, 2018

Links for 2018-01-03

Published January 3, 2018

Links for 2018-01-01

Published January 1, 2018

  • Steven Bellovin on Bitcoin

    When you engineer a system for deployment you build it to meet certain real-world goals. You may find that there are tradeoffs, and that you can't achieve all of your goals, but that's normal; as I've remarked, "engineering is the art of picking the right trade-off in an overconstrained environment". For any computer-based financial system, one crucial parameter is the transaction rate. For a system like Bitcoin, another goal had to be avoiding concentrations of power. And of course, there's transaction privacy. There are less obvious factors, too. These days, "mining" for Bitcoins requires a lot of computations, which translates directly into electrical power consumption. One estimate is that the Bitcoin network uses up more electricity than many countries. There's also the question of governance: who makes decisions about how the network should operate? It's not a question that naturally occurs to most scientists and engineers, but production systems need some path for change. In all of these, Bitcoin has failed. The failures weren't inevitable; there are solutions to these problems in the acdemic literature. But Bitcoin was deployed by enthusiasts who in essence let experimental code escape from a lab to the world, without thinking about the engineering issues—and now they're stuck with it. Perhaps another, better cryptocurrency can displace it, but it's always much harder to displace something that exists than to fill a vacuum.

    (tags: steven-bellovin bitcoin tech software systems engineering deployment cryptocurrency cypherpunks)

Links for 2017-12-19

Published December 19, 2017

Links for 2017-12-18

Published December 18, 2017

Links for 2017-12-15

Published December 15, 2017

Links for 2017-12-14

Published December 14, 2017

Links for 2017-12-13

Published December 13, 2017

Links for 2017-12-12

Published December 12, 2017

  • The Case for Learned Index Structures

    'Indexes are models: a B-Tree-Index can be seen as a model to map a key to the position of a record within a sorted array, a Hash-Index as a model to map a key to a position of a record within an unsorted array, and a BitMap-Index as a model to indicate if a data record exists or not. In this exploratory research paper, we start from this premise and posit that all existing index structures can be replaced with other types of models, including deep-learning models, which we term learned indexes. The key idea is that a model can learn the sort order or structure of lookup keys and use this signal to effectively predict the position or existence of records. We theoretically analyze under which conditions learned indexes outperform traditional index structures and describe the main challenges in designing learned index structures. Our initial results show, that by using neural nets we are able to outperform cache-optimized B-Trees by up to 70% in speed while saving an order-of-magnitude in memory over several real-world data sets. More importantly though, we believe that the idea of replacing core components of a data management system through learned models has far reaching implications for future systems designs and that this work just provides a glimpse of what might be possible.' Excellent follow-up thread from Henry Robinson: https://threadreaderapp.com/thread/940344992723120128 'The fact that the learned representation is more compact is very neat. But also it's not really a surprise that, given the entire dataset, we can construct a more compact function than a B-tree which is *designed* to support efficient updates.' [...] 'given that the model performs best when trained on the whole data set - I strongly doubt B-trees are the best we can do with the current state-of-the art.'

    (tags: data-structures ml google b-trees storage indexes deep-learning henry-robinson)

  • Internet protocols are changing

    per @mnot. HTTP/2; TLS 1.3; QUIC and UDP; and DOH (DNS over HTTP!)

    (tags: crypto encryption http https protocols http2 tls quic udp tcp dns tunnelling)

Links for 2017-12-06

Published December 6, 2017

  • In first, 3-D printed objects connect to WiFi without electronics

    This. is. magic.

    Physical motion—pushing a button, laundry soap flowing out of a bottle, turning a knob, removing a hammer from a weighted tool bench—triggers gears and springs elsewhere in the 3-D printed object that cause a conductive switch to intermittently connect or disconnect with the antenna and change its reflective state. Information—in the form of 1s and 0s—is encoded by the presence or absence of the tooth on a gear. Energy from a coiled spring drives the gear system, and the width and pattern of gear teeth control how long the backscatter switch makes contact with the antenna, creating patterns of reflected signals that can be decoded by a WiFi receiver.

    (tags: magic wifi whoa 3d-printing objects plastic gears springs)

Links for 2017-12-05

Published December 5, 2017

  • AMERICAN AIRLINES 737MAX8: “LIKE A FLYING PRISON”

    Quite unusual to see an honest review of travelling coach-class on an internal US flight. This is a massive stinker: “I admit American isn’t my favourite airline, but this has made me seriously re-evaluate ever travelling on them again. And it won’t be economy. If this is Americans idea of their future standards, they can keep it. Aviation enthusiasts might find it really interesting- I felt like I was in a flying prison”.

    (tags: coach travel aa airlines 737 boeing reviews comfort)

  • Using AWS Batch to Generate Mapzen Terrain Tiles · Mapzen

    Using this setup on AWS Batch, we are able to generate more than 3.75 million tiles per minute and render the entire world in less than a week! These pre-rendered tiles get stored in S3 and are ready to use by anyone through the AWS Public Dataset or through Mapzen’s Terrain Tiles API.

    (tags: mapzen mapping tiles batch aws s3 lambda docker)

  • Theresa May's Blue Monday -- Fintan O’Toole

    Having backed down, May was then peremptorily informed that she was not even allowed to back down. She left her lunch with the president of the European Commission, Jean-Claude Juncker, to take a phone call from the DUP’s Arlene Foster, who told her that the deal she had just made was unacceptable. May then had to go back in and tell Juncker that she could not agree to what she had just agreed to. It is a scarcely credible position for a once great state to find itself in: its leader does not even have the power to conduct a dignified retreat.

    (tags: eu ireland brexit uk theresa-may dup politics ec fintan-otoole)

  • Handling GDPR: How to make Kafka Forget

    How do you delete (or redact) data from Kafka? The simplest way to remove messages from Kafka is to simply let them expire. By default Kafka will keep data for two weeks and you can tune this as required. There is also an Admin API that lets you delete messages explicitly if they are older than some specified time or offset. But what if we are keeping data in the log for a longer period of time, say for Event Sourcing use cases or as a source of truth? For this you can make use of  Compacted Topics, which allow messages to be explicitly deleted or replaced by key.
    Similar applies to Kinesis I would think.

    (tags: kafka kinesis gdpr expiry deleting data privacy)

Links for 2017-12-04

Published December 4, 2017

  • Bella Caledonia: A Wake-Up Call

    Swathes of the British elite appeared ignorant of much of Irish history and the country’s present reality. They seemed to have missed that Ireland’s economic dependence on exports to its neighbour came speedily to an end after both joined the European Economic Community in 1973. They seemed unacquainted with Ireland’s modern reality as a confident, wealthy, and internationally-oriented nation with overwhelming popular support for EU membership. Repeated descriptions of the border as a “surprise” obstacle to talks betrayed that Britain had apparently not listened, or had dismissed, the Irish government’s insistence in tandem with the rest of the EU since April that no Brexit deal could be agreed that would harden the border between Ireland and Northern Ireland. The British government failed to listen to Ireland throughout history, and it was failing to listen still.

    (tags: europe ireland brexit uk ukip eu northern-ireland border history)

  • AWS re:invent 2017: Advanced Design Patterns for Amazon DynamoDB (DAT403) - YouTube

    Video of one of the more interesting sessions from this year's Re:invent

    (tags: reinvent aws dynamodb videos tutorials coding)

  • AWS re:invent 2017: Container Networking Deep Dive with Amazon ECS (CON401) // Practical Applications

    Another re:Invent highlight to watch -- ECS' new native container networking model explained

    (tags: reinvent aws containers docker ecs networking sdn ops)

  • VLC in European Parliament's bug bounty program

    This was not something I expected:

    The European Parliament has approved budget to improve the EU’s IT infrastructure by extending the free software security audit programme (FOSSA) and by including a bug bounty approach in the programme. The Commission intends to conduct a small-scale "bug bounty" activity on open-source software with companies already operating in the market. The scope of this action is to: Run a small-scale "bug bounty" activity for open source software project or library for a period of up to two months maximum; The purpose of the procedure is to provide the European institutions with open source software projects or libraries that have been properly screened for potential vulnerabilities; The process must be fully open to all potential bug hunters, while staying in-line with the existing Terms of Service of the bug bounty platform.

    (tags: vlc bug-bounties security europe europarl eu ep bugs oss video open-source)