Skip to content

Category: Uncategorized

Links for 2016-10-02

Published October 2, 2016

  • The ultimate off-site backup

    So assuming the mission continues well, in 2014 the Rosetta Probe will land on Comet 67P/Churyumov-Gerasimenko, where it will measure the comet's molecular composition. Then it will remain at rest as the comet orbits the sun for hundreds of millions of years. So somewhere in the solar system, where it is safe but hard to reach, a backup sample of human languages is stored, in case we need one.
    As jwz says: 'The Rosetta Disc is now safely installed on 67P/Churyumov-Gerasimenko.'

    (tags: rosetta long-now history language comets solar-system space)

Links for 2016-09-30

Published September 30, 2016

  • Airflow/AMI/ASG nightly-packaging workflow

    Some tantalising discussion on twitter of an Airflow + AMI + ASG workflow for ML packaging: 'We build models using Airflow. We deploy new models as AMIs where each AMI is model + scoring code. The AMI is hence a version of code + model at a point in time : #immutable_infrastructure. It's natural for Airflow to build & deploy the model+code with each Airflow DAG Run corresponding to a versioned AMI. if there's a problem, we can simply roll back to the previous AMI & identify the problematic model building Dag run. Since we use ASGs, Airflow can execute a rolling deploy of new AMIs. We could also have it do a validation & ASG rollback of the AMI if validation fails. Airflow is being used for reliable Model build+validation+deployment.'

    (tags: ml packaging airflow asg ami deployment ops infrastructure rollback)

Links for 2016-09-29

Published September 29, 2016

Links for 2016-09-28

Published September 28, 2016

  • Snooping powers saw 13 people wrongly held on child sex charges in the UK

    Sorry, Daily Mail article --

    Blunders in the use of controversial snooping powers meant 13 people were wrongly arrested last year on suspicion of being paedophiles. Another four individuals had their homes searched by detectives following errors in attempts to access communications data, a watchdog revealed yesterday. Other mistakes also included people unconnected to an investigation being visited by police and delayed welfare checks on vulnerable people including children whose lives were at risk, said the Interception of Communications Commissioner. [....] A large proportion of the errors involved an internet address which was wrongly linked to an individual. Of the 23 serious mistakes, 14 were human errors and the other nine ‘technical system errors’.

    (tags: surveillance ip-addresses privacy uk daily-mail snooping interception errors)

Links for 2016-09-27

Published September 27, 2016

  • The best thing to mark National Stalking Awareness Week would be to scrap the law on stalking

    "The Secret Barrister" explains a classic case of empty-gesture lawmaking in the UK:

    in 2012, the coalition government, in a fit of virtue signalling, announced a bold plan to offer extra protection to victims of stalking, following a rash of reported cases where obsessive nutjobs had slipped through the net. Hence, via the 2012 Act, section 2A was shoved into the Protection from Harassment Act, creating a shiny new offence of stalking. What is stalking, you ask? Well here’s the clever bit. Stalking is…”a course of conduct which amounts to harassment…and [where] the acts or omissions involved are ones associated with stalking“. To inject some colour into the dull circularity of the definition, section 2A(3) provides “examples of acts or omissions associated with stalking”. In other words, you need to prove that the defendant is guilty of both harassment and stalking, in order to convict them of stalking. Therefore, proving stalking is by definition harder for the prosecution than simply proving harassment. And what do you get if you opt for the harder road? What prize awaits the victorious prosecutor who has slogged her way through the additional evidential burden thrust upon her by section 2A? The answer is….nothing. Or at least, nothing more than if you successfully prosecuted for harassment. The maximum sentence in each case is 6 months’ imprisonment. It is the very definition of empty gesture legislating. Section 2A is so very pointlessly pointless that I want urgently to go back in time to the day when then-crime prevention minister Jeremy Browne was hubristically prattling on about what a difference this law is going to make and shove a whoopee pie right up his schnoz. Section 2A does nothing other than create a new offence that is harder to prove than an existing offence that prohibits the same conduct, solely, it seems, to allow for the drawing of an entirely semantic distinction between “harassment” and “stalking”.

    (tags: harrassment stalking law legislation uk police crime prosecution)

Links for 2016-09-26

Published September 26, 2016

  • "Better truck design could save hundreds of pedestrian and cyclist lives"

    European transport group, Transport and Environment, said that the Loughborough study shows that better design “could save hundreds of pedestrian and cyclists’ lives”. It added that the study “finds huge differences in the direct vision – what drivers can see with their own eyes – of best and worst-in-class trucks in all categories, and that ‘low-entry cabs’ like the Mercedes Econic out perform all of today’s best performing vehicles.” A P-Series truck, from truck maker Scania, was rated at the best of its class with zero blind spots — this could go a long way to explaining why the makers of a Road Safety Authority video using another P-Series truck reportedly had to fake blind spots last year. Mandatory extra mirrors has been EU policy to try to reduce collisions with people cycling and walking but researchers point out that blind spots remain on many trucks and improving direct vision may be a better policy than improving indirect vision using mirrors. [...] The EU currently has a deadline of 2028 for improved vision in trucks but Transport and Environment said: “Given that better vision cabs are already available on the market and in all market segments (best in class, smarter configurations, low entry vehicles) a 2028 deadline is not justifiable.”

    (tags: cycling safety trucks law scania roads pedestrians)

  • How to Quantify Scalability

    good page on the Universal Scalability Law and how to apply it

    (tags: usl performance scalability concurrency capacity measurement excel equations metrics)

  • Artist Tricks Tourists With Elaborate Monument To Staten Island Ferry Octopus Attack

    'You probably don't know much about the Staten Island Ferry Disaster Memorial Museum, which honors the 400 victims who died when a giant octopus attacked the Cornelius G. Kolff, a Staten Island Ferry boat, on Nov. 22, 1963. That isn't because the event was overshadowed by the assassination of JFK that same day—it's because, as you may have guessed based on the word "tricks" in the headline, there was no such octopus-induced tragedy.'

    (tags: ferries staten-island octopi funny pranks tourism)

Links for 2016-09-25

Published September 25, 2016

  • iPhones4Autism

    great idea -- donate old, obsolete iPhone 4/4s phones to a charity which repurposes them for autistic/non-verbal kids

    (tags: autism communication health phones recycling charity iphones)

  • Brian Krebs - The Democratization of Censorship

    Events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach. More than 20 years after Gilmore first coined [his] turn of phrase, his most notable quotable has effectively been inverted — “Censorship can in fact route around the Internet.” The Internet can’t route around censorship when the censorship is all-pervasive and armed with, for all practical purposes, near-infinite reach and capacity.

    (tags: brian-krebs censorship ddos internet web politics crime security iot)

Links for 2016-09-21

Published September 21, 2016

  • "The couple, who had no experience of wine-making but much faith in professorial expertise…"

    I love this story -- a wealthy couple buy a vineyard in the Languedoc for its theoretically-optimal microclimate for wine-making. Defying what one's preconceptions would expect (mine included!), the results were fantastic.

    In the Languedoc there is a vineyard that teaches us an important lesson about textbook learning and its application to the world. In the early Seventies it was bought by a wealthy couple, who consulted professors Emile Peynaud and Henri Enjalbert, the world’s leading academic oenologist and oenological geologist respectively. Between them these men convinced the couple that their new vineyard had a theoretically ideal microclimate for wine-making. When planted with theoretically ideal vines whose fruits would be processed in the optimal way according to the up-to-date science of oenology, this vineyard had the potential to produce wine to match the great first growths of Bordeaux. The received wisdom that great wine was the product of an inscrutable (and untransferable) tradition was quite mistaken, the professors said: it could be done with hard work and a fanatical attention to detail. The couple, who had no experience of wine-making but much faith in professorial expertise, took a deep breath and went ahead. If life were reliably like novels, their experiment would have been a disaster. In fact Aimé and Véronique Guibert have met with a success so unsullied that it would make a stupefying novel (it has already been the subject of a comatogenic work of non-fiction). The first vintage they declared (in 1978) was described by Gault Millau as ‘Château Lafite du Languedoc’; others have been praised to the heights by the likes of Hugh Johnson and Robert Parker. The wine is now on the list at the Tour d’Argent and the 1986 vintage retails at the vineyard for £65 a bottle. The sole shadow on the lives of these millionaires is cast by the odd hailstorm. No one to whom I have begun recounting the story believes it will end well. Most people are extremely unwilling to grant that faith in textbook knowledge should ever be crowned with success. We have a very strong narrative bias against such stories. It is a bias we forget once our children fall sick or we have to travel in an aeroplane, but so long as we are in storytelling mode we simply deny that systematic textbook reasoning can make headway against whimsy and serendipity. Apart from anything else, it is deeply unfair that it should.

    (tags: books science languedoc wine academia microclimates preconceptions)

  • The Problem With Cul-de-Sac Design - CityLab

    “A lot of people feel that they want to live in a cul-de-sac, they feel like it’s a safer place to be,” Marshall says. “The reality is yes, you’re safer – if you never leave your cul-de-sac. But if you actually move around town like a normal person, your town as a whole is much more dangerous.” This is the opposite of what traffic engineers (and home buyers) have thought for decades. And it’s just the beginning of what we’re now starting to understand about the relative advantages of going back to the way we designed communities a century ago. Marshall and Garrick took the same group of California cities and also examined all their minutely classified street networks for the amount of driving associated with them. On average, they found, people who live in more sparse, tree-like communities drive about 18 percent more than people who live in dense grids. And that’s a conservative calculation.
    (via Tony Finch)

    (tags: cul-de-sacs cities city design layout simcity grids safety)

Links for 2016-09-20

Published September 20, 2016

  • Osso

    "A modern standard for event-oriented data". Avro schema, events have time and type, schema is external and not part of the Avro stream. 'a modern standard for representing event-oriented data in high-throughput operational systems. It uses existing open standards for schema definition and serialization, but adds semantic meaning and definition to make integration between systems easy, while still being size- and processing-efficient. An Osso event is largely use case agnostic, and can represent a log message, stack trace, metric sample, user action taken, ad display or click, generic HTTP event, or otherwise. Every event has a set of common fields as well as optional key/value attributes that are typically event type-specific.'

    (tags: osso events schema data interchange formats cep event-processing architecture)

Links for 2016-09-13

Published September 13, 2016

Links for 2016-09-12

Published September 12, 2016

  • A Loud Sound Just Shut Down a Bank's Data Center for 10 Hours | Motherboard

    The purpose of the drill was to see how the data center's fire suppression system worked. Data centers typically rely on inert gas to protect the equipment in the event of a fire, as the substance does not chemically damage electronics, and the gas only slightly decreases the temperature within the data center. The gas is stored in cylinders, and is released at high velocity out of nozzles uniformly spread across the data center. According to people familiar with the system, the pressure at ING Bank's data center was higher than expected, and produced a loud sound when rapidly expelled through tiny holes (think about the noise a steam engine releases). The bank monitored the sound and it was very loud, a source familiar with the system told us. “It was as high as their equipment could monitor, over 130dB”. Sound means vibration, and this is what damaged the hard drives. The HDD cases started to vibrate, and the vibration was transmitted to the read/write heads, causing them to go off the data tracks. “The inert gas deployment procedure has severely and surprisingly affected several servers and our storage equipment,” ING said in a press release.

    (tags: ing hardware outages hard-drives fire fire-suppression vibration data-centers storage)

Links for 2016-09-08

Published September 8, 2016

  • Basetrip

    'All the information you need while traveling including visa requirements, currency, electricity, communication info and more.'

    (tags: travel reference visas holidays)

  • The Internet Thinks I’m Still Pregnant - The New York Times

    This is pretty awful -- an accidental, careless and brutal side effect of marketers passing on sensitive info to one another, without respect for their users' privacy: 'I hadn’t realized, however, that when I had entered my information into the pregnancy app, the company would then share it with marketing groups targeting new mothers. Although I logged my miscarriage into the app and stopped using it, that change in status apparently wasn’t passed along. Seven months after my miscarriage, mere weeks before my due date, I came home from work to find a package on my welcome mat. It was a box of baby formula bearing the note: “We may all do it differently, but the joy of parenthood is something we all share.”'

    (tags: privacy pregnancy miscarriage data-protection apps babies parenthood)

Links for 2016-09-07

Published September 7, 2016

Links for 2016-09-06

Published September 6, 2016

Links for 2016-09-05

Published September 5, 2016

  • Auto Scaling for EC2 Spot Fleets

    'we are enhancing the Spot Fleet model with the addition of Auto Scaling. You can now arrange to scale your fleet up and down based on a Amazon CloudWatch metric. The metric can originate from an AWS service such as EC2, Amazon EC2 Container Service, or Amazon Simple Queue Service (SQS). Alternatively, your application can publish a custom metric and you can use it to drive the automated scaling.'

    (tags: asg auto-scaling ec2 spot-fleets ops scaling)

  • How a Japanese cucumber farmer is using deep learning and TensorFlow

    Unfortunately the usual ML problem arises at the end:

    One of the current challenges with deep learning is that you need to have a large number of training datasets. To train the model, Makoto spent about three months taking 7,000 pictures of cucumbers sorted by his mother, but it’s probably not enough. "When I did a validation with the test images, the recognition accuracy exceeded 95%. But if you apply the system with real use cases, the accuracy drops down to about 70%. I suspect the neural network model has the issue of "overfitting" (the phenomenon in neural network where the model is trained to fit only to the small training dataset) because of the insufficient number of training images."
    In other words, as with ML since we were using it in SpamAssassin, maintaining the training corpus becomes a really big problem. :(

    (tags: google machine-learning tensorflow cucumbers deep-learning ml)

  • Northland man denies burning down house but insurer refuses to pay out

    This is a mad story. The insurance company is accusing a guy in NZ of using remote-login software from 400km away to trigger a "print" command to a complicated Heath Robinson setup in order to light a fire to burn down his house

    (tags: fraud insurance weird nz crime printers remote-login)

Links for 2016-08-19

Published August 19, 2016

  • How the NSA snooped on encrypted Internet traffic for a decade | Ars Technica

    In a revelation that shows how the National Security Agency was able to systematically spy on many Cisco Systems customers for the better part of a decade, researchers have uncovered an attack that remotely extracts decryption keys from the company's now-decommissioned line of PIX firewalls. The discovery is significant because the attack code, dubbed BenignCertain, worked on PIX versions Cisco released in 2002 and supported through 2009. Even after Cisco stopped providing PIX bug fixes in July 2009, the company continued offering limited service and support for the product for an additional four years. Unless PIX customers took special precautions, virtually all of them were vulnerable to attacks that surreptitiously eavesdropped on their VPN traffic.

    (tags: nsa hacks exploits pix cisco security)

Links for 2016-08-18

Published August 18, 2016

  • NPR Website To Get Rid Of Comments

    Sadly, this makes sense and I'd have to agree.

    Mike Durio, of Phoenix, seemed to sum it up in an email to my office back in April. "Have you considered doing away with the comments sections, or tighter moderation?" he wrote. "The comments have devolved into the Punch-and-Judy-Fest of moronic, un-illuminating observations and petty insults I've seen on other pretty much every other Internet site that allows comments." He added, "This is not in keeping with NPR's take-a-step-back, take-a-deep-breath reporting," and noted, "Now, thread hijacking and personal insults are becoming the stock in trade. Frequent posters use the forums to duke it out with one another." A user named Mary, from Raleigh, N.C., wrote to implore: "Remove the comments section from your articles. The rude, hateful, racist, judgmental comments far outweigh those who may want to engage in some intelligent sideline conversation about the actual subject of the article. I am appalled at the amount of 'free hate' that is found on a website that represents honest and unbiased reporting such as NPR. What are you really gaining from all of these rabid comments other than proof that a sad slice of humanity that preys on the weak while spreading their hate?"

    (tags: abuse comments npr racism web discussion)

  • Meeting the Free Speech Crusaders Who Want to End Political Correctness | VICE | United Kingdom

    The 'Young British Heritage Society', aka gam*rgate as a college society

    (tags: gamergate funny sad trolls ybhs reactionaries uk politics)

Links for 2016-08-16

Published August 16, 2016

  • The Mattress Industry is One Big Scam

    yes, yes it is

    (tags: mattresses scams buying shopping consumer)

  • Unchecked exceptions for IO considered harmful - Google Groups

    Insightful thread from the mechanical sympathy group, regarding the checked-vs-unchecked style question:

    Peter Lawrey: Our view is that Checked Exception makes more sense for library writers as they can explicitly pass off errors to the caller. As a caller, especially if you are new to a product, you don't understand the exceptions or what you can do about them.  They add confusion. For this reason we use checked exceptions internally in the lower layers and try to avoid passing them in our higher level interfaces. Note: A high percentage of our fall backs are handling iOExceptons and recovering from them. [....] My experience is that the more complex and layered your libraries the more essential checked exceptions become. I see them as essential for scalability of your software.

    (tags: exceptions java style coding checked-exceptions ioexceptions io error-handling)

Links for 2016-08-09

Published August 9, 2016

  • TV detector vans may have been a con all along

    This is shaking my world view -- although I find it more plausible that (as responses to https://www.theguardian.com/notesandqueries/query/0,5753,-22440,00.html claim) they _did_ work until about 10-20 years ago, by detecting RF emissions from the local oscillator inside the TV. Ross Anderson, at https://www.cl.cam.ac.uk/~rja14/Papers/SE-15.pdf , notes:

    During [..] World War II, radio engineering saw advances in radar, passive direction finding, and low-probability-of-intercept techniques, which I’ll discuss in the next chapter. By the 1960s, the stray RF leaking from the local oscillator signals in domestic television sets was being targeted by direction-finding equipment in “TV detector vans,” in Britain, where TV owners must pay an annual license fee that is supposed to support public broadcast services. Its use has since expanded to satellite and cable TV operators, who use detector vans to find pirate decoders. Some people in the computer security community were also aware that information could leak from cross-coupling and stray RF (see, for example, [259, 791]).

    (tags: rf radio tv bbc tv-licenses tv-license-detector-vans security emissions tempest)

  • “I Want to Know What Code Is Running Inside My Body” — Backchannel

    Sandler wants to be able to explore the code running her device for programming flaws and vulnerability to hacking, but she can’t. “Because I don’t have access to the source code, I have no power to do anything about it,” she says. In her eyes, it’s a particularly obvious example of a problem that now cuts across much of modern life: proprietary software has become crucial to daily survival, and yet is often locked away from public exploration and discussion by copyright.

    (tags: copyright safety health pacemakers law proprietary-software life medicine implants)

Links for 2016-08-07

Published August 7, 2016

  • the Wire-Wire fraud

    'Researchers learn about wire-fraud scam after Nigerian scammers infect themselves with their own malware.'

    The researchers observed Wire-Wire scores of $5,000 to $250,000 with the average between $30,000-$50,000 from small- and medium-sized businesses. The scammers themselves were "well-respected and admired" in their communities.
    I've heard about this scam -- it's nasty, and worst of all, banks won't reimburse the losses.

    (tags: scams fraud wire-wire nigeria malware banking)

  • Showing bottle: one man's vision crafted a revolution

    A eulogy for Oliver Hughes, founder of the Porterhouse and Dingle Distillery, and arguably the progenitor of Ireland's craft beer scene. I had the pleasure of sharing a table with him at a beer tasting in Sweeney's off license a while back, and it was both educational and a good fun night. RIP

    (tags: oliver-hughes porterhouse beer ireland dublin dingle-distillery rip deaths)

Links for 2016-08-06

Published August 6, 2016

  • Fake Time

    'FakeTime is simulated time."

    When testing RealTime software a simulator is often employed, which injects events into the program which do not occur in RealTime. If you are writing software that controls or monitors some process that exists in the real world, it takes a long time to test it. But if you simulate it, there is no reason in the simulated software (if it is disconnected from the real world completely) not to make the apparent system time inside your software appear to move at a much faster rate. For example, I have written simulators that can verify the operational steps taken by industrial controllers over a 12 hour FakeTime period, which executes in 60 seconds. This allows me to run '12 hours' of fake time through my test cases and test scenarios, without waiting 12 hours for the testing to complete. Of course, after a successful fakeTime test, an industrial RealTime system still needs to be tested in non-simulated fashion.

    (tags: faketime time testing mocks mocking system-tests)

  • Introducing Winston

    'Event driven Diagnostic and Remediation Platform' -- aka 'runbooks as code'

    (tags: runbooks winston netflix remediation outages mttr ops devops)

Links for 2016-08-05

Published August 5, 2016

  • International Olympic Committee bans GIFs

    hahaha. gtfo, IOC

    (tags: gifs animation olympics sports tv events)

  • Ratas - A hierarchical timer wheel

    excellent explanation and benchmarks of a timer wheel implementation

    (tags: timer-wheels timing-wheels algorithms c linux timers data-structures)

  • AWS Case Study: mytaxi

    ECS, Docker, ELB, SQS, SNS, RDS, VPC, and spot instances. Pretty canonical setup these days...

    The mytaxi app is also now able to predict daily and weekly spikes. In addition, it has gained the elasticity required to meet demand during special events. Herzberg describes a typical situation on New Year's Eve: “Shortly before midnight everyone needs a taxi to get to parties, and after midnight people want to go home. In past years we couldn't keep up with the demand this generated, which was around three and a half times as high as normal. In November 2015 we moved our Docker container architecture to Amazon ECS, and for the first time ever in December we were able to celebrate a new year in which our system could handle the huge number of requests without any crashes or interruptions—an accomplishment that we were extremely proud of. We had faced the biggest night on the calendar without any downtime.”

    (tags: mytaxi aws ecs docker elb sqs sns rds vpc spot-instances ops architecture)

Links for 2016-08-03

Published August 3, 2016

  • Exit Scam Survival Guide : Buttcoin

    Bitcoin lols:

    Honesty is most important. Be sure to carefully explain that (excluding the mountain of evidence to the contrary) there was no way to foresee the [Bitcoin] exchange hacking. Practice phrases like, "this operation was the most trustworthy exchange running out of a vacant building in Singapore" and "no we can't just call the exchange, they don't have a phone number". If your significant other criticizes your decision to buy cryptocurrencies, be sure to fall back on technical merits of cryptocurrencies. Mention, "it's backed by math" and "[insert cryptocurrency here] didn't fail, people failed".

    (tags: bitcoin buttcoin lol funny cryptocurrency security exchanges)

  • Prepaid Data SIM Card Wiki

    awesome resource.

    This WIKI collects information about prepaid (or PAYG) mobile phone plans from all over the world. Not just any plans though, they must include good data rates, perfect for smartphone travellers, as well as tablet or mobile modem users.

    (tags: data mobile travel sim prepaid payg)

  • awyisser

    'aw yiss comic generator'. AW YISS

    (tags: aw-yiss memes meme-generators funny kate-beaton)

Links for 2016-07-28

Published July 28, 2016

  • Photographer Files $1 Billion Suit Against Getty for Licensing Her Public Domain Images

    Massive, massive copyright fail by Alamy and Getty Images.

    Since each violation of copyright in this case allows the plaintiff to seek damages up to $25,000, the statutory damages for Getty’s 18,755 violations amount to $468,875,000. But because the company was found to have violated the same copyright law within the past three years — in 2013, Daniel Morel was awarded $1.2 million in a suit against Getty, after the agency pulled his photos from Twitter and distributed them without permission to several major publications — Highsmith can elect to seek three times that amount: hence the $1 billion suit. “The economic damage that Ms. Highsmith has suffered includes, without limitation, any and all revenue received by the Defendants based on purported licenses sold for the Highsmith Photos. These funds represent money that Ms. Highsmith could have received had she attempted to monetize her photos through the Defendants,” the complaint states. “The injury to Ms. Highsmith’s reputation has been … severe,” it continues. “There is at least one example of a recipient of a threatening letter for use of a Highsmith Photo researching the issue and determining that Ms. Highsmith had made her photos freely available and free to use through the Library website. … Therefore, anyone who sees the Highsmith Photos and knows or learns of her gift to the Library could easily believe her to be a hypocrite.”

    (tags: getty alamy images copyright licensing relicensing public-domain carol-highsmith)

Links for 2016-07-26

Published July 26, 2016

  • Noirmoutier Indigo Campsite, France

    As recommended by J & F: 'Most of the campsites we've stayed in have had great facilities for kids - pools, activities, entertainment etc - but the problem with that is you spend your day being dragged from one to the other. There's none of that at Camping Indigo in Noirmoutier apart from a playground, some kayaks and some music in the bar at night but it is on the beach so the kids either run wild around the campsite or play on the beach - it was the best and most relaxing holiday we ever had and we definitely met the coolest people there. There's a really nice town in the centre of the island and great beaches all around it so hire bikes and roam free.' Bookmarking for next year's holiday planning!

    (tags: holidays fun france camping noirmoutier chaize-wood loire nantes recommendations)

Links for 2016-07-25

Published July 25, 2016

  • Kelsey Hightower - healthz: Stop reverse engineering applications and start monitoring from the inside

    his Monitorama 2016 talk, talking about the "deep health checks" concept (which I implemented at Swrve earlier this year ;)

    (tags: monitorama health deep-health-checks healthz testing availability reliability)

  • The sweat houses of Leitrim

    I never knew we had a native take on the sauna, the “teach alluis”:

    Sweathouses were used for the treatment for a wide range of ailments up to the late 19th and early 20th centuries, primarily rheumatism but also including sciatica, lameness, sore eyes, gout, skin disorders, psychiatric disorders, impotence and infertility. Surviving records indicate that treatment was often a group activity for 4-8 persons. The sweathouse was heated by filling the interior with fuel (turf, heather, wood etc. as available), and firing the structure for a period of up to two days to heat the stone structure, the hot ashes were then raked out and the interior floor lined with bracken, grass or straw. The bathers entered and blocked the entrance with turves, clothes or some other means. The sweating period could last a number of hours while the structure retained heat. Some authors note that water was thrown on hot stones to create steam. Afterwards, the “patients” would either take a cold plunge in the nearby water source, or go home and rest for a few hours, or simply return to their normal daily activities.
    (via Aileen)

    (tags: via:aileen sweating sweat-houses irish history saunas heat)

Links for 2016-07-21

Published July 21, 2016

  • Regexp Disaster

    Course notes from Gerald Jay Sussman's "Adventures in Advanced Symbolic Programming" class at MIT. Hard to argue with this:

    The syntax of the regular-expression language is awful. There are various incompatable forms of the language and the quotation conventions are baroquen [sic]. Nevertheless, there is a great deal of useful software, for example grep, that uses regular expressions to specify the desired behavior. Although regular-expression systems are derived from a perfectly good mathematical formalism, the particular choices made by implementers to expand the formalism into useful software systems are often disastrous: the quotation conventions adopted are highly irregular; the egregious misuse of parentheses, both for grouping and for backward reference, is a miracle to behold. In addition, attempts to increase the expressive power and address shortcomings of earlier designs have led to a proliferation of incompatible derivative languages.
    (via Rob Pike's twitter: https://twitter.com/rob_pike/status/755856685923639296)

    (tags: regex regexps regular-expressions functional combinators gjs rob-pike coding languages)

  • A Cute Internet Star Flirts. All He Wants Is Your Password. - The New York Times

    whoa.

    Mr. Johnson’s fans are not naïve. Handing over their passwords to some strange, cute boy actually constitutes a minor act of youthful rebellion. The whole encounter delivers a heady mix of intimacy and transgression — the closest digital simulation yet to a teenage crush.
    (via Adam Shostack)

    (tags: via:adam-shostack passwords authentication security teens rebellion)

  • Just As We Warned: A Chinese Tech Giant Goes On The Patent Attack -- In East Texas | Techdirt

    Techdirt has been warning for years that the West's repeated demands for China to "respect" patents could backfire badly. [...] And guess what? That is exactly what has just happened, as The Wall Street Journal reports: 'Huawei Technologies Co. said it has filed a lawsuit against T-Mobile US Inc., alleging the U.S. telecommunications carrier violated the Chinese company’s patents related to wireless networks. In its complaint filed this week in the U.S. District Court for the Eastern District of Texas, Huawei said T-Mobile is using its patented technology without signing a licensing agreement.'
    At least this is the most likely scenario to result in patent reform, finally.

    (tags: patents east-texas huawei t-mobile telecoms law)

  • A New Wrinkle in the Gig Economy: Workers Get Most of the Money - The New York Times

    So using money from the sale of iStock to Getty, she and Mr. Livingstone set out to create Stocksy, paying photographers 50 to 75 percent of sales. That is well above the going rate of 15 to 45 percent that is typical in the stock photography field. The company also distributes 90 percent of its profit at the end of each year among its photographers. Stocksy is part of a new wave of start-ups that are borrowing the tools of Silicon Valley to create a more genuine “sharing” economy that rewards the individuals generating the value.

    (tags: stocksy stock-photos photos fair sharing photography work)

Links for 2016-07-19

Published July 19, 2016

  • Violet Club

    eye-poppingly bizarre half-assed safety features of the 1950s -- a megaton nuclear weapon rendered safe from accidental criticality accidents only by a plastic bag full of ball bearings

    (tags: nuclear-weapons nukes safety 1950s uk funny bizarre violet-club ball-bearings via:cstross)

  • Frankly Useless Crank “Knowledge,” Only For Fools

    A wonderfully-sweary post on the etymology of swear words, and how they're not derived from acronyms, really.

    shit? Also from an old Germanic root, descended equally to modern German Scheiss (which sounds closer to Scots shite). It shows up in Old English, fully inflected: “Wiþ þon þe men mete untela melte & gecirre on yfele wætan & scittan” (that scittan is an infinitive form of ‘shit’ and was said like “shit-tan”). I can assure you that an acronym Ship High In Transit – supposedly meaning that manure was to be loaded in the upper parts of ships – was not possible in the language in the Old English period, not just because transit was not borrowed from Latin until half a millennium later, or because they didn’t use acronyms like that then, but because what the fuck are you even thinking. They didn’t need to ship manure. Animals produce it on the spot everywhere. Holy shit, fucking seriously.

    (tags: shit funny words etymology acronyms)

Links for 2016-07-14

Published July 14, 2016

Links for 2016-07-12

Published July 12, 2016

  • Shopify/ejson

    'a small library to manage encrypted secrets using asymmetric encryption.'

    The main benefits provided by ejson are: Secrets can be safely stored in a git repo. Changes to secrets are auditable on a line-by-line basis with git blame. Anyone with git commit access has access to write new secrets. Decryption access can easily be locked down to production servers only. Secrets change synchronously with application source (as opposed to secrets provisioned by Configuration Management). Simple, well-tested, easily-auditable source.

    (tags: crypto security credentials encryption ejson json configuration config)

Links for 2016-07-11

Published July 11, 2016

  • The mysterious syndrome impairing astronauts’ sight - The Washington Post

    Visual impairment intracranial pressure syndrome (VIIP) is named for the leading theory to explain it. On Earth, gravity pulls bodily fluids down toward the feet. That doesn’t happen in space, and it is thought that extra fluid in the skull increases pressure on the brain and the back of the eye.

    (tags: viip sight eyes space zero-gravity health)

  • Designing the Perfect Anti-Object

    This pale, amorphous lump of sculpted concrete is designed to resist almost everything in a city that it might come into contact with. Named for the London authority that commissioned it, the Camden Bench has a special coating which makes it impervious to graffiti and vandalism. The squat, featureless surface gives drug dealers nowhere to hide their secret caches. The angled sides repel skateboarders and flyposters, litter and rain. The cambered top throws off rough sleepers. In fact, it is specially crafted to make sure that it is not used as anything except a bench. This makes it a strange artifact, defined far more by what it is not than what it is. The Camden Bench is a concerted effort to create a non-object.

    (tags: non-objects objects city camden benches vandalism skating london)

Links for 2016-07-08

Published July 8, 2016

  • The Apollo 11 AGC source code was uploaded to Github, and someone opened an issue

    For the famous Apollo 13 near-fatal failure scenario:

    'A customer has had a fairly serious problem with stirring the cryogenic tanks with a circuit fault present. To reproduce: Build CSM; Perform mission up to translunar coast; During translunar coast, attempt to stir cryo tanks If a wiring fault exists, the issue may be replicated. Be aware that this may be hazardous to the tester attempting it.' Sample response: 'Does it happens only with translunar coast (sol-3-a), or any moon coasting? It may be a problem with the moon. Just trying to narrow down the issue.'

    (tags: lol funny apollo apollo-11 apollo-13 agc history space github)

  • Law to allow snooping on social media defies European court ruling

    Karlin on fire:

    But there’s lots in this legislation that should scare the public far more. For example, the proposal that the legislation should allow the retention of “superfluous data” gathered in the course of an investigation, which is a direct contravention of the ECJ’s demand that surveillance must be targeted and data held must be specifically relevant, not a trawl to be stored for later perusal “just in case”. Or the claim that interception and retention of data, and access to it, will only be in cases of the most serious crime or terrorism threats. Oh, please. This was, and remains, the supposed basis for our existing, ECJ-invalidated legislation. Yet, as last year’s Gsoc investigation into Garda leaks revealed, it turns out a number of interconnected pieces of national legislation allow at least 10 different agencies access to retained data, including Gsoc, the Competition Authority, local authorities and the Irish Medicines Board.

    (tags: surveillance ireland whatsapp viber snowden snooping karlin-lillington facebook internet data-retention)

Links for 2016-07-06

Published July 6, 2016

  • Raintank investing in Graphite

    paying Jason Dixon to work on it, improving the backend, possibly replacing the creaky Whisper format. great news!

    (tags: graphite metrics monitoring ops open-source grafana raintank)

  • conventional-changelog-atom 502 Bad Gateway · Issue #13284 · npm/npm

    npm down for most of the (EU) day. What a shitshow

    (tags: npm fail javascript dependencies coding)

  • Camille Fournier's excellent rant on microservices

    I haven’t even gotten into the fact that your microservices are an inter-dependent environment, as much as you may wish otherwise, and one service acting up can cause operational problems for the whole team. Maybe if you have Netflix-scale operational hardening that’s not a problem. Do you? Really? Is that the best place to spend your focus and money right now, all so teams can throw shit against the wall to see if it sticks? Don’t sell people fantasies. This is not the reality for a mid-sized tech team working in microservices. There are enough valuable components to building out such a system without the fantastical claims of self-organizing teams who build cool hack projects in 2 week sprints that change the business. Microservices don’t make organizational problems disappear due to self-organization. They allow for some additional degrees of team and process independence and force very explicit decoupling, in exchange, there is overall system complexity and overall system coordination overhead. I personally think that’s enough value, especially when you are coming from a monolith that is failing to scale, but this model is not a panacea.

    (tags: microservices rants camille-fournier architecture decoupling dependencies)

Links for 2016-07-05

Published July 5, 2016

Links for 2016-06-29

Published June 29, 2016

Links for 2016-06-28

Published June 28, 2016

  • My kids don't have a YouTube channel — but they pretend they do

    “Dad is making a right turn now,” my 5-year-old son Jack will say as he newscasts the ride to school to a fictional audience. “Don’t forget to subscribe,” his sister Ella, 6, will often interject -- again, to no one in particular. When I was their age, I’d pretend to be a soldier or a baseball player. Today, kids apparently aspire to be vloggers. It’s not enough for them to watch their favorite shows. They want to broadcast their lives, banter with commenters and keep their make-believe view counts high.

    (tags: youtube kids wtf video broadcasting)

Links for 2016-06-27

Published June 27, 2016

  • Cops Use Stingray To Almost Track Down Suspected Fast Food Thief

    Law enforcement spokespeople will often point to the handful of homicide or kidnapping investigations successfully closed with the assistance of cell site simulators, but they'll gloss over the hundreds of mundane deployments performed by officers who will use anything that makes their job easier -- even if it's a tool that's Constitutionally dubious. Don't forget, when a cell site simulator is deployed, it gathers cell phone info from everyone in the surrounding area, including those whose chicken wings have been lawfully purchased. And all of this data goes... somewhere and is held onto for as long as the agency feels like it, because most agencies don't seem to have Stingray data retention policies in place until after they've been FOIA'ed/questioned by curious legislators. Regular policework -- which seemed to function just fine without cell tracking devices -- now apparently can't be done without thousands of dollars of military equipment. And it's not just about the chicken wing thieves law enforcement can't locate. It's about the murder suspects who are caught but who walk away when the surveillance device wipes its feet on the Fourth Amendment as it serves up questionable, post-facto search warrants and pen register orders.

    (tags: stingrays mobile surveillance imsi-catchers data-retention privacy chicken-wings fast-food)

  • A fast alternative to the modulo reduction

    (x * N) div 2^32 is an equally fair map reduction, but faster on modern 64-bit CPUs

    (tags: fairness modulo arithmetic algorithms fair-mapping reduce daniel-lemire)

Links for 2016-06-26

Published June 26, 2016

  • There are liars and then there’s Boris Johnson and Michael Gove

    Post-brexit post-mortem from Nicholas Cohen in the grauniad:

    The Vote Leave campaign followed the tactics of the sleazy columnist to the letter. First, it came out with the big, bold solution: leave. Then it dismissed all who raised well-founded worries with “the country is sick of experts”. Then, like Johnson the journalist, it lied.

    (tags: eu politics uk brexit boris-johnson michael-gove)

  • 'If you've got money, you vote in ... if you haven't got money, you vote out' | Politics | The Guardian

    The prime minister evidently thought that the whole debate could be cleanly started and finished in a matter of months. His Eton contemporary Boris Johnson – and, really, can you believe that the political story of the last four months has effectively been a catastrophic contest between two people who went to the same exclusive school? – opportunistically embraced the cause of Brexit in much the same spirit. What they had not figured out was that a diffuse, scattershot popular anger had not yet decisively found a powerful enough outlet, but that the staging of a referendum and the cohering of the leave cause would deliver exactly that. Ukip were held back by both the first-past-the-post electoral system, and the polarising qualities of Farage, but the coalition for Brexit effectively neutralised both. And so it came to pass: the cause of leaving the EU, for so long the preserve of cranks and chancers, attracted a share of the popular vote for which any modern political party would give its eye teeth.

    (tags: brexit europe eu uk eton ukip politics)

Links for 2016-06-23

Published June 23, 2016

  • In Wisconsin, a Backlash Against Using Data to Foretell Defendants’ Futures - The New York Times

    More trial-by-algorithm horrors:

    Company officials say the algorithm’s results are backed by research, but they are tight-lipped about its details. They do acknowledge that men and women receive different assessments, as do juveniles, but the factors considered and the weight given to each are kept secret. “The key to our product is the algorithms, and they’re proprietary,” said Jeffrey Harmon, Northpointe’s general manager. “We’ve created them, and we don’t release them because it’s certainly a core piece of our business. It’s not about looking at the algorithms. It’s about looking at the outcomes.” That secrecy is at the heart of Mr. Loomis’s lawsuit. His lawyer, Michael D. Rosenberg, who declined to be interviewed because of the pending appeal, argued that Mr. Loomis should be able to review the algorithm and make arguments about its validity as part of his defense. He also challenges the use of different scales for each sex. The Compas system, Mr. Rosenberg wrote in his brief, “is full of holes and violates the requirement that a sentence be individualized.”

    (tags: ethics compas sentencing wisconsin northpointe law trial-by-algorithm algorithms)

Links for 2016-06-20

Published June 20, 2016

  • Holloways: Roads Tunneled into the Earth by Time

    Appearing like trenches dragged into the earth, sunken lanes, also called hollow-ways or holloways, are centuries-old thoroughfares worn down by the traffic of time. They're one of the few examples of human-made infrastructure still serving its original purpose, although many who walk through holloways don't realize they're retracing ancient steps.

    (tags: cool hiking geography roads paths holloways psychogeography lanes)

  • Terrorism and internet blocking – is this the most ridiculous amendment ever? - EDRi

    So, there you have it: Blocking is necessary, except it is not. Safeguards need to be implemented, except they don’t need to be. This approach is legal, except it isn’t. The text is based on the Child Exploitation Directive, except it isn’t. Is this really how we are going to create credible legislation on terrorism?

    (tags: edri blocking internet censorship eu ep)

  • E-Voting in Estonia needs to be discontinued

    After studying other e-voting systems around the world, the team was particularly alarmed by the Estonian I-voting system. It has serious design weaknesses that are exacerbated by weak operational management. It has been built on assumptions which are outdated and do not reflect the contemporary reality of state-level attacks and sophisticated cybercrime. These problems stem from fundamental architectural problems that cannot be resolved with quick fixes or interim steps. While we believe e-government has many promising uses, the Estonian I-voting system carries grave risks — elections could be stolen, disrupted, or cast into disrepute. In light of these problems, our urgent recommendation is that to maintain the integrity of the Estonian electoral process, use of the Estonian I-voting system should be immediately discontinued.

    (tags: internet technology e-voting voting security via:mattblaze estonia i-voting russia cybercrime)

Links for 2016-06-16

Published June 16, 2016

  • The Irish Internet in the 1980s

    from Dr Mark Humphrys in DCU:

    A collection of bits and pieces of Internet history. Focusing somewhat (but not exclusively) on: (a) the 1980s, when I first started using the Internet, and: (b) Ireland.

    (tags: mark-humphrys dcu history tcd bitnet ireland internet web www 1980s)

  • TechArchives

    I need to get in touch about the early days of the Irish web!

    an online home for stories from Ireland – stories about the country’s long and convoluted relationship with information technology. It aims to gather information on the most significant aspects of this relationship, to compile archives on the selected themes, and to store the assembled records for the benefit of future generations.

    (tags: web ireland history internet www)

  • The History of the Irish Internet

    This site is a companion effort to the techarchives website, except it is less well-researched, and is primarily a personal view of the development of the Internet in Ireland by your humble author, Niall Murphy.

    (tags: niallm internet ireland history networking heanet ieunet)

  • What's Actually Wrong with Yahoo's Purchase of Summly

    An old post about Y!'s acquisition of Summly, an iPhone app which uses NLP to summarise news stories. This is an excellent point about modern tech startups:

    [Summly] licensed the core engine from another company. They are the quintessential bolt-on engineers, taking a Japanese bike engine, slapping together a badly constructed frame aligned solely by eyeballs, and laying down a marketing blitz. That's why the story sells. "You, too, can do it." But do you want to? [...] it's critical to keep tabs on the ratio known as "glue versus thought." Sure, both imply progress and both are necessary. But the former is eminently mundane, replaceable, and outsource-able. The latter is typically what gives a company its edge, what is generally regarded as a competitive advantage. So, what is Yahoo signaling to the world? "We value glue more than thought."

    (tags: glue thought glue-vs-thought summly yahoo acquisitions licensing tech startups outsourcing open-source)

Links for 2016-06-15

Published June 15, 2016

  • What the Irish Ate Before Potatoes - Bon Appétit

    on the history of Irish cuisine -- mostly milk and butter, and notably "bog butter":

    And the Irish didn’t like their butter just one way: from the 12th century on, there are records of butter flavored with onion and garlic, and local traditions of burying butter in bogs. Originally, it’s thought that bog butter began as a good storage system, but after a time, buried bog butter came to be valued for its uniquely boggy flavor.

    (tags: bog-butter bogs ireland food eating milk curds whey banbidh dairy)

  • The tyranny of the algorithm yet again...

    Paypal will no longer handle payments if the user's address includes the word "Isis":

    That these place names exist won't be a surprise to anyone familiar with English limnology - the study of rivers and inland waters. As Wikipedia helpfully tells us, "The Isis is the name given to the part of the River Thames above Iffley Lock which flows through the university city of Oxford". In at least one local primary school I'm familiar with, the classes are called Windrush, Cherwell, Isis and Thames. [...] Now PayPal has decided that they are not prepared to facilitate payments for goods to be delivered to an address which includes the word "Isis". An Isis street resident ran into some unexpected difficulties when attempting to purchase a small quantity of haberdashery on the internet with the aid of a PayPal account. The transaction would not process. In puzzlement she eventually got irritated enough to brave the 24/7 customer support telephone tag labyrinth. The short version of the response from the eventual real person she managed to get through to was that PayPal have blacklisted addresses which include the name "Isis". They will not process payments for goods to be delivered to an Isis related address, whatever state of privileged respectability the residents of such properties may have earned or inherited in their lifetimes to this point.
    One has to wonder if this also brings the risk of adding the user to a secret list, somewhere. Trial by algorithm.

    (tags: isis algorithms automation fail law-enforcement paypal uk rivers)

  • Can the United Kingdom government legally disregard a vote for Brexit?

    Oh thank god, there's a "get out of jail" card before they destroy the global economy to appease the eurosceptics.

    On the day after a vote for Brexit, the UK will still be a member state of the EU. All the legislation which gives effect to EU law will still be in place. Nothing as a matter of law changes in any way just because of a vote to Leave. What will make all the legal difference is not a decision to leave by UK voters in a non-binding advisory vote, but the decision of the prime minister on how to react before making any Article 50 notification. And what the prime minister will do politically after a referendum vote for Brexit is, at the moment, as unknown as the result of the result of the referendum itself.

    (tags: brexit law uk government referenda eurosceptics eu)

  • Insurance Comparison Ireland

    comparison-shopping site for Irish car insurance. recommended by some random Broadsheet commenter, worth a try next time this comes up

    (tags: comparison shopping ireland car-insurance insurance)

  • Differential Privacy

    Apple have announced they plan to use it; Google use a DP algorithm called RAPPOR in Chrome usage statistics. In summary: "novel privacy technology that allows inferring statistics about populations while preserving the privacy of individual users".

    (tags: apple privacy anonymization google rappor algorithms sampling populations statistics differential-privacy)

  • Sample letter to refuse permission for a child's data to be transferred into POD - Tuppenceworth.ie blog

    The Department of Education has issued a new circular accepting it cannot defund the education of children whose parents do not want their kid’s data to be in POD [the privacy-infringing database of all Irish primary-school children]. They’ll only accept a written request as the basis of that refusal, however. So, here’s one you can use that meets the requirements. Send or give it to your school.

    (tags: pod privacy ireland children kids school)

  • Three starts network-level ad blocking trial

    Three, the mobile carrier, has begun warming up for a network-level ad blocking trial. It will become one of the first mobile carriers worldwide—and certainly in the UK—to try blocking ads before they are squirted over the network to the consumer, rather than attempting to hide or block ads locally on the device, which can cost both bandwidth and battery life. The ad blocking trial, which will affect both mobile websites and apps, will take place during a 24-hour period sometime between June 13 and 20. Three says it will contact customers and ask them to sign up for the trial, presumably via the online customer portal. It isn't clear how large the trial will be. Technologically, the network-level ad blocking will be powered by Shine. Due to the nature of the beast—the constant tussle between ad publishers and ad blockers—Shine doesn't like to talk about its tech in much detail. It sounds like Shine uses deep packet inspection and machine learning to find packets that contain ads, and then replaces or removes them in such a way that it doesn't break the layout of the website or app.

    (tags: shine three uk adblocking mobile isps)

  • Some thoughts on operating containers

    R.I.Pienaar talks about the conventions he uses when containerising; looks like a decent approach.

    (tags: ops containers docker ripienaar packaging)

  • ClickHouse — open-source distributed column-oriented DBMS

    'ClickHouse manages extremely large volumes of data in a stable and sustainable manner. It currently powers Yandex.Metrica, world’s second largest web analytics platform, with over 13 trillion database records and over 20 billion events a day, generating customized reports on-the-fly, directly from non-aggregated data. This system was successfully implemented at CERN’s LHCb experiment to store and process metadata on 10bn events with over 1000 attributes per event registered in 2011.' Yandex-tastic, but still looks really interesting

    (tags: yandex analytics database storage sql clickhouse)

Links for 2016-06-14

Published June 14, 2016

Links for 2016-06-13

Published June 13, 2016

Links for 2016-06-08

Published June 8, 2016

  • Stop it with short PGP key IDs!

    What happened today? We still don't really know, but it seems we found a first potentially malicious collision — that is, the first "nonacademic" case. Enrico found two keys sharing the 9F6C6333 short ID, apparently belonging to the same person (as would be the case of Asheesh, mentioned above). After contacting Gustavo, though, he does not know about the second — That is, it can be clearly regarded as an impersonation attempt. Besides, what gave away this attempt are the signatures it has: Both keys are signed by what appears to be the same three keys: B29B232A, F2C850CA and 789038F2. Those three keys are not (yet?) uploaded to the keyservers, though... But we can expect them to appear at any point in the future. We don't know who is behind this, or what his purpose is. We just know this looks very evil. Now, don't panic: Gustavo's key is safe. Same for his certifiers, Marga, Agustín and Maxy. It's just a 32-bit collision. So, in principle, the only parties that could be cheated to trust the attacker are humans, right? Nope. Enrico tested on the PGP pathfinder & key statistics service, a keyserver that finds trust paths between any two arbitrary keys in the strong set. Surprise: The pathfinder works on the short key IDs, even when supplied full fingerprints. So, it turns out I have three faked trust paths into our impostor.

    (tags: pgp gpg keys collisions hashing security debian)

  • UK at serious risk of over-blocking content online, human rights watchdog warns | Ars Technica UK

    The IWF in the spotlight...

    The blacklist operated by the IWF effectively amounts to censorship. Not only are the blacklist and notices sent to members of the IWF kept secret, but there is no requirement to notify website owners when their site has been added to the blacklist. Even where statutory rules do exist with respect to notice and take-down procedures (namely, the Terrorism Act 2006 and the Defamation (Operators of Websites) Regulations 2013), the provisions are not so concerned with safeguards for the protection of freedom of expression, as with offering an exemption from liability for ISPs.

    (tags: iwf censorship uk filtering coe eu europe)

Links for 2016-06-07

Published June 7, 2016

Links for 2016-06-03

Published June 3, 2016

  • FullPageOS Automatically Boots Your Raspberry Pi Into a Full Page Web Kiosk Mode

    set up to boot into a full-screen Chromium window on boot. This means if you’re using your Pi to power an information display, you won’t need to go through the process of disabling screen savers, editing display size, and forcing full-screen mode on your own. All you need to do is install FullPageOS on an SD card, then edit a TXT file to include your Wi-Fi network info and the URL you want it to load up.

    (tags: kiosks raspberry-pi fullpageos chrome chromium web appliances hacks)

  • _Could a Neuroscientist Understand a Microprocessor?_

    'There is a popular belief in neuroscience that we are primarily data limited, that producing large, multimodal, and complex datasets will, enabled by data analysis algorithms, lead to fundamental insights into the way the brain processes information. Microprocessors are among those artificial information processing systems that are both complex and that we understand at all levels, from the overall logical flow, via logical gates, to the dynamics of transistors. Here we take a simulated classical microprocessor as a model organism, and use our ability to perform arbitrary experiments on it to see if popular data analysis methods from neuroscience can elucidate the way it processes information. We show that the approaches reveal interesting structure in the data but do not meaningfully describe the hierarchy of information processing in the processor. This suggests that current approaches in neuroscience may fall short of producing meaningful models of the brain.' via Bryan O'Sullivan.

    (tags: via:bos neuroscience microprocessors 6502 computers hardware wetware brain biology neural-systems)

Links for 2016-06-01

Published June 1, 2016

  • ztellman/dirigiste

    'centrally-planned object and thread pools' for java. 'In the default JVM thread pools, once a thread is created it will only be retired when it hasn't performed a task in the last minute. In practice, this means that there are as many threads as the peak historical number of concurrent tasks handled by the pool, forever. These thread pools are also poorly instrumented, making it difficult to tune their latency or throughput. Dirigiste provides a fast, richly instrumented version of a java.util.concurrent.ExecutorService, and provides a means to feed that instrumentation into a control mechanism that can grow or shrink the pool as needed. Default implementations that optimize the pool size for thread utilization are provided. It also provides an object pool mechanism that uses a similar feedback mechanism to resize itself, and is significantly simpler than the Apache Commons object pool implementation.' Great metric support, too.

    (tags: async jvm dirigiste java threadpools concurrency utilization capacity executors object-pools object-pooling latency)

Links for 2016-05-31

Published May 31, 2016

Links for 2016-05-30

Published May 30, 2016

  • Green/Blue Deployments with AWS Lambda and CloudFormation - done right

    Basically, use a Lambda to put all instances from an ASG into the ELB, then remove the old ASG

    (tags: asg elb aws lambda deployment ops blue-green-deploys)

  • Six Years of Hacker News Comments about Twilio

    love it.

    (tags: twilio hn hackernews funny tech)

  • fiunchinho/dockerize-me

    'Tired of copy/pasting Dockerfiles around? Not sure about best practices for Dockerfiles or Docker entry points? This tool lets you Dockerize your applications using best practices to define your Dockerfile and Docker entry point files.' The best practices in question are defined here: https://github.com/docker-library/official-images#review-guidelines

    (tags: docker dockerfile images build best-practices alpine containers)

  • grammarly/rocker

    backward compatible replacement for Dockerfile. Yes, you can take any Dockerfile, rename it to Rockerfile and use rocker build instead of docker build. ... Rocker aims to solve the following use cases, which are painful with plain Docker: Mount reusable volumes on build stage, so dependency management tools may use cache between builds. Share ssh keys with build (for pulling private repos, etc.), while not leaving them in the resulting image. Build and run application in different images, be able to easily pass an artifact from one image to another, ideally have this logic in a single Dockerfile. Tag/Push images right from Dockerfiles. Pass variables from shell build command so they can be substituted to a Dockerfile. And more. These are the most critical issues that were blocking our adoption of Docker at Grammarly. The most challenging part is caching. While implementing those features seems to be not a big deal, it's not trivial to do that just by utilising Docker’s image cache (the one that docker build does). Actually, it is the main reason why those features are still not in Docker. With Rocker we achieve this by introducing a set of trade-offs. Search this page for "trade-off" to find out more details.

    (tags: docker rocker build containers dockerfiles)

  • How big an issue is the nausea problem for Virtual Reality products? - Quora

    Sadly (because I want a “holodeck” as much as the next red-blooded geek) - I don’t think it’s possible to make a VR system that both delivers the experience that everyone wants - and doesn’t make a sizeable proportion of the population so sick that they’ll never want to do it again. For the people who can stomach the display - my major concern is that the US Navy studies show that there is some disorientation that might persist long after finishing your game…so driving a car while “under the influence” of post-VR disorientation is probably as dangerous as drunk-driving. If these devices are in pretty much every home - then there are huge problems in store for the industry in terms of product liability. There have been plenty of warnings from the flight simulation industry - there are no excuses for not reading the Wikipedia article on the subject. If people are driving “under the influence” and the VR companies didn’t warn them about that - then they’re in deep trouble. IMHO, these consumer-grade VR devices should be carefully studied and if they do cause possible driving impairment, they should be banned until such time as the problems can be fixed…which may very well be “never”. Sorry to be the bearer of bad news.
    (via Tony Finch)

    (tags: holodeck vr oculus-rift hmds nausea head-mounted-displays biology brain flight-simulation)

  • Why do Selenium-style record/replay tests of web applications break?

    good data! Mostly because of element locations it seems....

    (tags: selenium testing web locators papers qa tests)

  • LinkedIn called me a white supremacist

    Wow. Massive, massive algorithm fail.

    n the morning of May 12, LinkedIn, the networking site devoted to making professionals “more productive and successful,” emailed scores of my contacts and told them I’m a professional racist. It was one of those updates that LinkedIn regularly sends its users, algorithmically assembled missives about their connections’ appearances in the media. This one had the innocent-sounding subject, “News About William Johnson,” but once my connections clicked in, they saw a small photo of my grinning face, right above the headline “Trump put white nationalist on list of delegates.” [.....] It turns out that when LinkedIn sends these update emails, people actually read them. So I was getting upset. Not only am I not a Nazi, I’m a Jewish socialist with family members who were imprisoned in concentration camps during World War II. Why was LinkedIn trolling me?

    (tags: ethics fail algorithm linkedin big-data racism libel)

  • [RFE] add a way to run in a new systemd scope automatically · Issue #428 · tmux/tmux

    omgwtfbbq. 1: User reports that their gnome session leaks processes; 2: systemd modifies default session behaviour to kill all processes, including screen/tmux; 3: _everyone_ complains because they break 30 years of UNIX process semantics, then 4: they request that tmux/screen hack their shit to workaround their brokenness. Get fucked, systemd. This is the kind of shit that would finally drive me to BSDland

    (tags: systemd horror linux fail unix gnome tmux bugs omgwtfbbq)

Links for 2016-05-27

Published May 27, 2016

Links for 2016-05-26

Published May 26, 2016

  • Anti-Choice Groups Use Smartphone Surveillance to Target 'Abortion-Minded Women' During Clinic Visits - Rewire

    Geofencing used for evil:

    What Flynn realized is that he could use [ad targeting] to infer that a woman might be seeking an abortion, and to target her for ads from anti-choice groups [using geofenced advertising]. “We can reach every Planned Parenthood in the U.S.,” he wrote in a PowerPoint display sent to potential clients in February. The Powerpoint included a slide titled “Targets for Pro-Life,” in which Flynn said he could also reach abortion clinics, hospitals, doctors’ offices, colleges, and high schools in the United States and Canada, and then “[d]rill down to age and sex.” “We can gather a tremendous amount of information from the [smartphone] ID,” he wrote. “Some of the break outs include: Gender, age, race, pet owners, Honda owners, online purchases and much more.” Flynn explained that he would then use that data to send anti-choice ads to women “while they’re at the clinic.”

    (tags: geofencing grim-meathook-future abortion phones smartphones pro-choice ads)

  • Live Streaming Security Games

    Rapid Fire is a special event we started hosting at our own in-person CTFs in 2014. The idea is pretty simple: Create several CTF challenges that can be solved in a few minutes each. Set up the challenges on 4 identical computers with some basic tools. Mirror the player’s screens so the audience can watch their actions. Whoever solves the most challenges the fastest wins. This event is interesting for a number of reasons: the players are under intense pressure, as everything they do is being watched by several people; the audience can watch several different approaches to the same problems; and people can follow along fairly easily with what is going on with the challenges.
    With e-sports-style video!

    (tags: gaming hacking security e-sports streaming twitch ctf)

  • Open Sourcing Twitter Heron

    Twitter are open sourcing their Storm replacement, and moving it to an independent open source foundation

    (tags: open-source twitter heron storm streaming architecture lambda-architecture)

  • Why the Very Silly Oracle v. Google Trial Actually Matters

    If it’s illegal to write clean room implementations of APIs, then no one has clean hands. The now-shelved open source project Apache Harmony, like Android, reimplemented Java SE, and tech giant IBM contributed code to that project. Oracle itself built its business off a proprietary implementation of SQL, which was created by IBM. The proposition “Reimplementations of APIs are infringements” creates a recursive rabbit hole of liability that spans across the industry. Even the very 37 Java APIs at issue in this trial contain reimplementations of other APIs. Google witness Joshua Bloch—who, while at Sun Microsystems, wrote many of the Java APIs—testified that specific Java APIs are reimplementations of other APIs from Perl 5 and the C programming language.

    (tags: apis fair-use copyright ip android java google oracle law)

Links for 2016-05-24

Published May 24, 2016

Links for 2016-05-23

Published May 23, 2016

  • 100 thieves steal $13m in three hours from cash machines across Japan

    'Police believe that as many as 100 people, none of whom have been apprehended, worked together using forged credit cards containing account details illegally obtained from a bank in South Africa. The culprits used the fake cards at 1,400 convenience store automated teller machines on the morning of 15 May, according to police. Each made a single withdrawal of 100,000 yen – the maximum allowed by the cash machines.' 1,600 forged/stolen credit card credentials from a single bank, then a synchronised attack made possible by the eventually-consistent ledger model of ATM accounting. (via William Gibson)

    (tags: atms banking japan fraud security credit-cards)

  • Revealed: How copyright law is being misused to remove material from the internet

    Automated DMCA takedowns used to fraudulently censor online content.

    In fact, no copyright infringement had occurred at all. Instead, something weirder had happened. At some point after Narey posted her comments on Mumsnet, someone had copied the entire text of one of her posts and pasted it, verbatim, to a spammy blog titled “Home Improvement Tips and Tricks”. The post, headlined “Buildteam interior designers” was backdated to September 14 2015, three months before Narey had written it, and was signed by a “Douglas Bush” of South Bend, Indiana. The website was registered to someone quite different, though: Muhammed Ashraf, from Faisalabad, Pakistan. Quite why Douglas Bush or Muhammed Ashraf would be reviewing a builder based in Clapham is not explained in “his” post. BuildTeam says it has no idea why Narey’s review was reposted, but that it had nothing to do with it. “At no material times have we any knowledge of why this false DCMA take down was filed, nor have we contracted any reputation management firms, or any individual or a group to take such action on our behalf. Finally, and in conjunction to the above, we have never spoken with a ‘Douglas Bush,’ or a ‘Muhammed Ashraf.’”

    (tags: fraud censorship mumsnet dmca takedowns google automation copyright)

  • 3 Reasons AWS Lambda Is Not Ready for Prime Time

    This totally matches my own preconceptions ;)

    When we at Datawire tried to actually use Lambda for a real-world HTTP-based microservice [...], we found some uncool things that make Lambda not yet ready for the world we live in: Lambda is a building block, not a tool; Lambda is not well documented; Lambda is terrible at error handling Lung skips these uncool things, which makes sense because they’d make the tutorial collapse under its own weight, but you can’t skip them if you want to work in the real world. (Note that if you’re using Lambda for event handling within the AWS world, your life will be easier. But the really interesting case in the microservice world is Lambda and HTTP.)

    (tags: aws lambda microservices datawire http api-gateway apis https python ops)

  • Machine Bias: There’s Software Used Across the Country to Predict Future Criminals. And it’s Biased Against Blacks. - ProPublica

    holy crap, this is dystopian:

    The first time Paul Zilly heard of his score — and realized how much was riding on it — was during his sentencing hearing on Feb. 15, 2013, in court in Barron County, Wisconsin. Zilly had been convicted of stealing a push lawnmower and some tools. The prosecutor recommended a year in county jail and follow-up supervision that could help Zilly with “staying on the right path.” His lawyer agreed to a plea deal. But Judge James Babler had seen Zilly’s scores. Northpointe’s software had rated Zilly as a high risk for future violent crime and a medium risk for general recidivism. “When I look at the risk assessment,” Babler said in court, “it is about as bad as it could be.” Then Babler overturned the plea deal that had been agreed on by the prosecution and defense and imposed two years in state prison and three years of supervision.

    (tags: dystopia law policing risk risk-assessment northpointe racism fortune-telling crime)

  • Guillermo Del Toro's Tweetstorm About John Carpenter

    'Regarding [John] Carpenter: We all talk about inequalities in film. We can add a huge one: Genre inequality. Horror will always be punk rock!'

    (tags: horror punk john-carpenter movies film guillermo-del-toro)

Links for 2016-05-19

Published May 19, 2016

  • PLOS ONE: Tyrannobdella rex N. Gen. N. Sp. and the Evolutionary Origins of Mucosal Leech Infestations

    Today in nose-leech news -- the paper!

    Principal Findings: A new genus and species of leech from Perú was found feeding from the nasopharynx of humans. Unlike any other leech previously described, this new taxon has but a single jaw with very large teeth. Phylogenetic analyses of nuclear and mitochondrial genes using parsimony and Bayesian inference demonstrate that the new species belongs among a larger, global clade of leeches, all of which feed from the mucosal surfaces of mammals. Conclusions: This new species, found feeding from the upper respiratory tract of humans in Perú, clarifies an expansion of the family Praobdellidae to include the new species Tyrannobdella rex n. gen. n.sp., along with others in the genera Dinobdella, Myxobdella, Praobdella and Pintobdella. Moreover, the results clarify a single evolutionary origin of a group of leeches that specializes on mucous membranes, thus, posing a distinct threat to human health.

    (tags: leeches nose-leech papers science species tyrannobdella-rex horror)

  • Bike thief reveals tricks of the trade in this shockingly candid interview

    This is an eye-opener:

    A former bicycle thief has revealed the tricks of the trade in an interview, which clearly and shockingly shows the extent that thieves will go to in order to steal a bike. He talks about the motivations behind the theft, the tools used to crack locks and how the bikes were moved around and sold for a significant sum. He also gives tips on how to prevent your bike from being stolen. [...] 'Don’t be fooled by Kryptonite locks, they’re not as tough as made out to be. Also D-bars with tubular locks, never use them, they’re the most easy to pick with a little tool. It’s small and discreet, no noise and it looks like you are just unlocking your bike. With the bolt cutters we would go out on high performance motorbikes, two men on a bike.'

    (tags: bikes locks bike-locks security london theft lockpicking d-locks)

Links for 2016-05-18

Published May 18, 2016

Links for 2016-05-17

Published May 17, 2016

Links for 2016-05-15

Published May 15, 2016

  • Westminster social engineering to blame for 'Glasgow effect' mortality rate

    This is quite significant -- scientific proof that austerity/social engineering policies cause higher mortality rates:

    Researchers found that the historic effect of overcrowding was an important factor and highlighted the strategies of local government, which prioritised the regeneration of the city centre over investment in the cities housing schemes as having a significant impact on the health of Glaswegians. Data shows that Glasgow authorities spent far less on housing repairs, leaving people's homes poorly maintained and subject to damp. David Walsh, of the Glasgow Centre for Population Health, said that their work proved that poor health had political causes and could not simply be attributed to individual lifestyle choices.

    (tags: glasgow-effect scotland poverty glasgow lifestyle health mortality housing policies uk)

Links for 2016-05-13

Published May 13, 2016

Links for 2016-05-12

Published May 12, 2016

Links for 2016-05-11

Published May 11, 2016

Links for 2016-05-10

Published May 10, 2016

Links for 2016-05-06

Published May 6, 2016

  • plainas/tq

    command line utility that performs an HTML element selection on HTML content passed to the stdin. Using css selectors that everybody knows. Since input comes from stdin and output is sent to stdout, it can easily be used inside traditional UNIX pipelines to extract content from webpages and html files. tq provides extra formating options such as json-encoding or newlines squashing, so it can play nicely with everyones favourite command line tooling.

    (tags: tq linux unix cli command-line html parsing css tools)

Links for 2016-05-05

Published May 5, 2016

  • Apple Stole My Music. No, Seriously.

    some amazingly terrible product decisions here. Deleting local copies of unreleased WAV files -- on the assumption that the user will simply listen to them streamed down from Apple Music -- that is astonishingly bad, and it's amazing they didn't consider the "freelance composer" use case at all. (via Tony Finch)

    (tags: apple music terrible wav sound copyright streaming apple-music design product fail)

  • Rebel Without A Call.

    Purpose-built in 1898, the telephone exchange in Temple Bar was Dublin’s first automatic telephone exchange. Much like its newer neighbor, Internet House, it stood as a technological beacon shining through the luddite fog. With this in mind the Irish Citizen Army targeted the Telephone Exchange in 1916 as one of the communication hubs for the island. While many of us grew up learning of a history of ‘blood sacrifice’ and the futility of the Easter Rising, the truth is that the attack was meticulously planned both militarily and logistically. Sixty communication points around Dublin were hit in an effort to cut off all contact between British military forces within Ireland and to the ‘mainland’. The hope being that reserves and reinforcements would be delayed or misinformed.[...] Unfortunately for the rebels they could not take the Temple Bar exchange. A failure that would prove disastrous.

    (tags: temple-bar history dublin telephones communications 1916)

Links for 2016-05-04

Published May 4, 2016

Links for 2016-05-03

Published May 3, 2016

Links for 2016-05-01

Published May 1, 2016

  • CoreOS and Prometheus: Building monitoring for the next generation of cluster infrastructure

    Ooh, this is a great plan. :applause:

    Enabling GIFEE — Google Infrastructure for Everyone Else — is a primary mission at CoreOS, and open source is key to that goal. [....] Prometheus was initially created to handle monitoring and alerting in modern microservice architectures. It steadily grew to fit the wider idea of cloud native infrastructure. Though it was not intentional in the original design, Prometheus and Kubernetes conveniently share the key concept of identifying entities by labels, making the semantics of monitoring Kubernetes clusters simple. As we discussed previously on this blog, Prometheus metrics formed the basis of our analysis of Kubernetes scheduler performance, and led directly to improvements in that code. Metrics are essential not just to keep systems running, but also to analyze and improve application behavior. All things considered, Prometheus was an obvious choice for the next open source project CoreOS wanted to support and improve with internal developers committed to the code base.

    (tags: monitoring coreos prometheus metrics clustering ops gifee google kubernetes)

  • Let Them Make Noise: A ‘Dining Club’ Invites Toddlers - NYTimes.com

    This is a great idea. I miss eating out, and this is why:

    Throughout our three-hour meal, babies cried, mothers nursed, toddlers shrieked and farro grains flew, but the atmosphere was surprisingly leisurely. There was no reason to be self-conscious about a crying-nursing-dancing child because everyone knew every other parent was in the same boat. Or would be in a few seconds. So we relaxed and ate. This is not fine dining as I once knew it, and that’s O.K. That’s what date night is for. But my daughter got her first lesson in how to behave at a fancy restaurant. And I got to finish a delicious meal while it was still warm, toddler in tow.

    (tags: kids food restaurants eating children toddlers)

  • Image Dithering: Eleven Algorithms and Source Code

    Nice demos

    (tags: algorithms graphics coding dithering floyd-steinberg)

Links for 2016-04-29

Published April 29, 2016

  • A poem about Silicon Valley, made up of Quora questions about Silicon Valley

    Why do so many startups fail? Why are all the hosts on CouchSurfing male? Are we going to be tweeting for the rest of our lives? Why do Silicon Valley billionaires choose average-looking wives? What makes a startup ecosystem thrive? What do people plan to do once they’re over 35? Is an income of $160K enough to survive? What kind of car does Mark Zuckerberg drive? Are the real estate prices in Palo Alto crazy? Do welfare programs make poor people lazy? What are some of the biggest lies ever told? How do I explain Bitcoin to a 6-year-old? Why is Powdered Alcohol not successful so far? How does UberX handle vomiting in the car? Is being worth $10 million considered ‘rich’? What can be causing my upper lip to twitch? Why has crowdfunding not worked for me? Is it worth pre-ordering a Tesla Model 3? How is Clinkle different from Venmo and Square? Can karma, sometimes, be unfair? Why are successful entrepreneurs stereotypically jerks? Which Silicon Valley company has the best intern perks? What looks easy until you actually try it? How did your excretions change under a full Soylent diet? What are alternatives to online dating? Is living in small apartments debilitating? Why don’t more entrepreneurs focus on solving world hunger? What do you regret not doing when you were younger?

    (tags: funny tech poetry silicon-valley humour bitcoin soylent 2016)

Links for 2016-04-27

Published April 27, 2016

Links for 2016-04-26

Published April 26, 2016

Links for 2016-04-25

Published April 25, 2016

  • Bots won't replace apps. Better apps will replace apps

    As I’ll explain, messenger apps’ apparent success in fulfilling such a surprising array of tasks does not owe to the triumph of “conversational UI.” What they’ve achieved can be much more instructively framed as an adept exploitation of Silicon Valley phone OS makers’ growing failure to fully serve users’ needs, particularly in other parts of the world. Chat apps have responded by evolving into “meta-platforms.” Many of the platform-like aspects they’ve taken on to plaster over gaps in the OS actually have little to do with the core chat functionality. Not only is “conversational UI” a red herring, but as we look more closely, we’ll even see places where conversational UI has breached its limits and broken down.

    (tags: apps bots chatops chat ui messaging silicon-valley agents alexa siri phones)

Links for 2016-04-22

Published April 22, 2016

  • How I Hacked Facebook, and Found Someone's Backdoor Script

    Great writeup of a practical pen test. Those crappy proprietary appliances that get set up "so the CEO can read his email on the road" etc. are always a weak spot

    (tags: facebook hacking security exploits pen-tests backdoors)

  • Anti-innovation: EU excludes open source from new tech standards

    EC up to its old anti-competitive tricks:

    The European Commission is surprisingly coy about what exactly ['open'] means in this context. It is only on the penultimate page of the ICT Standardisation Priorities document that we finally read the following key piece of information: "ICT standardisation requires a balanced IPR [intellectual property rights] policy, based on FRAND licensing terms." It's no surprise that the Commission was trying to keep that particular detail quiet, because FRAND licensing—the acronym stands for "fair, reasonable, and non-discriminatory"—is incompatible with open source, which will therefore find itself excluded from much of the EU's grand new Digital Single Market strategy. That's hardly a "balanced IPR policy."

    (tags: open-source open frand eu ec)

  • I am Alex St. John’s Daughter, and He is Wrong About Women in Tech — Medium

    Great, great post from Amilia St. John, responding to the offensive sexist crap spewed by her father, Alex St. John

    (tags: sexism career tech amilia-st-john alex-st-john jobs work feminism)

  • The Rise of Pirate Libraries

    The history of this is fascinating:

    Today’s pirate libraries have their roots in the work of Russian academics to digitize texts in the 1990s. Scholars in that part of the world had long had a thriving practice of passing literature and scientific information underground, in opposition to government censorship—part of the samizdat culture, in which banned documents were copied and passed hand to hand through illicit channels. Those first digital collections were passed freely around, but when their creators started running into problems with copyright, their collections “retreated from the public view,” writes Balázs Bodó, a piracy researcher based at the University of Amsterdam. “The text collections were far too valuable to simply delete,” he writes, and instead migrated to “closed, membership-only FTP servers.” [....] There’s always been osmosis within the academic community of copyrighted materials from people with access to scholar without. “Much of the life of a research academic in Kazakhstan or Iran or Malaysia involves this informal diffusion of materials across the gated walls of the top universities,” he says.

    (tags: pirates pirate-libraries libraries archival history russia ussr samizdat samizdata academia papers)

Links for 2016-04-21

Published April 21, 2016

Links for 2016-04-20

Published April 20, 2016

  • ZIP SIM

    Prepaid talk+text+data or data-only mobile SIM cards, delivered to your home or hotel, prior to visiting the US. great service for temporary US business visits

    (tags: visiting us usa zip-sim sims mobile-phones travel phones mobile travelling data)

  • Detecting the use of "curl | bash" server side

    tl;dr:

    The better solution is never to pipe untrusted data streams into bash. If you still want to run untrusted bash scripts a better approach is to pipe the contents of URL into a file, review the contents on disk and only then execute it.

    (tags: bash security shell unix curl tcp buffers)

  • The Melancholy Mystery of Lullabies - NYTimes.com

    Fascinating article on lullabies:

    One way a mother might bond with a newborn is by sharing her joy; another way is by sharing her grief or frustration. We see this in songs across time. A 200-year-old Arabic lullaby still sung today goes: I am a stranger, and my neighbors are strangers; I have no friends in this world. Winter night and the husband is absent. And an old Spanish lullaby from Asturias, written down by the poet Federico García Lorca, goes: This little boy clinging so Is from a lover, Vitorio, May God, who gave, end my woe, Take this Vitorio clinging so. We assume the sound of these songs is sweet, as no lullaby endures without being effective at putting babies to sleep. Think of ‘‘Rock-a-bye Baby,’’ the way it tenderly describes an infant and its cradle falling to the ground: The singer gets to speak a fear, the baby gets to rest; the singer tries to accommodate herself to a possible loss that has for most of human history been rela­tively common, and the baby gets attentive care. In the Arabic and Spanish lullabies, the singers get to say something to the one being — their new burden, their new love — who can’t and won’t judge or discipline them for saying it. When even relatively happy, well-supported people become the primary caretaker of a very small person, they tend to find themselves eddied out from the world of adults. They are never alone — there is always that tiny person — and yet they are often lonely. Old songs let us feel the fellowship of these other people, across space and time, also holding babies in dark rooms.

    (tags: lullabies songs singing history folk babies children)

  • New Oil-Based Cityscapes Set at Dawn and Dusk by Jeremy Mann

    lovely art via This Is Colossal

    (tags: art pictures cities paintings graphics)

  • Amazon S3 Transfer Acceleration

    The AWS edge network has points of presence in more than 50 locations. Today, it is used to distribute content via Amazon CloudFront and to provide rapid responses to DNS queries made to Amazon Route 53. With today’s announcement, the edge network also helps to accelerate data transfers in to and out of Amazon S3. It will be of particular benefit to you if you are transferring data across or between continents, have a fast Internet connection, use large objects, or have a lot of content to upload. You can think of the edge network as a bridge between your upload point (your desktop or your on-premises data center) and the target bucket. After you enable this feature for a bucket (by checking a checkbox in the AWS Management Console), you simply change the bucket’s endpoint to the form BUCKET_NAME.s3-accelerate.amazonaws.com. No other configuration changes are necessary! After you do this, your TCP connections will be routed to the best AWS edge location based on latency.  Transfer Acceleration will then send your uploads back to S3 over the AWS-managed backbone network using optimized network protocols, persistent connections from edge to origin, fully-open send and receive windows, and so forth.

    (tags: aws s3 networking infrastructure ops internet cdn)

  • Darts, Dice, and Coins

    Earlier this year, I asked a question on Stack Overflow about a data structure for loaded dice. Specifically, I was interested in answering this question: "You are given an n-sided die where side i has probability pi of being rolled. What is the most efficient data structure for simulating rolls of the die?" This data structure could be used for many purposes. For starters, you could use it to simulate rolls of a fair, six-sided die by assigning probability 1616 to each of the sides of the die, or a to simulate a fair coin by simulating a two-sided die where each side has probability 1212 of coming up. You could also use this data structure to directly simulate the total of two fair six-sided dice being thrown by having an 11-sided die (whose faces were 2, 3, 4, ..., 12), where each side was appropriately weighted with the probability that this total would show if you used two fair dice. However, you could also use this data structure to simulate loaded dice. For example, if you were playing craps with dice that you knew weren't perfectly fair, you might use the data structure to simulate many rolls of the dice to see what the optimal strategy would be. You could also consider simulating an imperfect roulette wheel in the same way. Outside the domain of game-playing, you could also use this data structure in robotics simulations where sensors have known failure rates. For example, if a range sensor has a 95% chance of giving the right value back, a 4% chance of giving back a value that's too small, and a 1% chance of handing back a value that's too large, you could use this data structure to simulate readings from the sensor by generating a random outcome and simulating the sensor reading in that case. The answer I received on Stack Overflow impressed me for two reasons. First, the solution pointed me at a powerful technique called the alias method that, under certain reasonable assumptions about the machine model, is capable of simulating rolls of the die in O(1)O(1) time after a simple preprocessing step. Second, and perhaps more surprisingly, this algorithm has been known for decades, but I had not once encountered it! Considering how much processing time is dedicated to simulation, I would have expected this technique to be better- known. A few quick Google searches turned up a wealth of information on the technique, but I couldn't find a single site that compiled together the intuition and explanation behind the technique.
    (via Marc Brooker)

    (tags: via:marcbrooker algorithms probability algorithm coding data-structures alias dice random)

Links for 2016-04-19

Published April 19, 2016

Links for 2016-04-15

Published April 15, 2016

Links for 2016-04-14

Published April 14, 2016

  • Google Cloud Status

    Ouch, multi-region outage:

    At 14:50 Pacific Time on April 11th, our engineers removed an unused GCE IP block from our network configuration, and instructed Google’s automated systems to propagate the new configuration across our network. By itself, this sort of change was harmless and had been performed previously without incident. However, on this occasion our network configuration management software detected an inconsistency in the newly supplied configuration. The inconsistency was triggered by a timing quirk in the IP block removal - the IP block had been removed from one configuration file, but this change had not yet propagated to a second configuration file also used in network configuration management. In attempting to resolve this inconsistency the network management software is designed to ‘fail safe’ and revert to its current configuration rather than proceeding with the new configuration. However, in this instance a previously-unseen software bug was triggered, and instead of retaining the previous known good configuration, the management software instead removed all GCE IP blocks from the new configuration and began to push this new, incomplete configuration to the network. One of our core principles at Google is ‘defense in depth’, and Google’s networking systems have a number of safeguards to prevent them from propagating incorrect or invalid configurations in the event of an upstream failure or bug. These safeguards include a canary step where the configuration is deployed at a single site and that site is verified to still be working correctly, and a progressive rollout which makes changes to only a fraction of sites at a time, so that a novel failure can be caught at an early stage before it becomes widespread. In this event, the canary step correctly identified that the new configuration was unsafe. Crucially however, a second software bug in the management software did not propagate the canary step’s conclusion back to the push process, and thus the push system concluded that the new configuration was valid and began its progressive rollout.

    (tags: multi-region outages google ops postmortems gce cloud ip networking cascading-failures bugs)

  • Using jemalloc to get to the bottom of an off-heap Java memory leak

    Good technique

    (tags: debugging java jvm memory jemalloc off-heap)

Links for 2016-04-13

Published April 13, 2016