Justin's Linklog Posts

Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

All looking pretty shite for Western Digital — one of their engineers *removed* the need for authentication on the factory-reset PHP script for the My Book Live devices:

A Western Digital developer created five lines of code to password-protect the reset command. For unknown reasons, the authentication check was [….] commented out as indicated by the double / character at the beginning of each line. […] The discovery raises a vexing question: if the hackers had already obtained full root access by exploiting CVE-2018-18472 [a separate bug], what need did they have for this second security flaw? There’s no clear answer, but based on the evidence available, Abdine has come up with a plausible theory — that one hacker first exploited CVE-2018-18472 and a rival hacker later exploited the other vulnerability in an attempt to wrest control of those already compromised devices.

(tags: hacks exploits fail western-digital iot hardware php)

gProfiler

‘a system-wide profiler, combining multiple sampling profilers to produce unified visualization of what your CPU is spending time on.’ — claims to have little impact on performance of running code, supports Linux, java and Ruby

(tags: gprofiler profiling performance testing measurement coding ruby java linux perf via:reddit)

Why Is the Intellectual Dark Web Suddenly Hyping an Unproven COVID Treatment?

Ivermectin, in this case, but hydroxychloroquine before that, and other treatments for cancer and so on before that. ‘What seems to really be at work here, in the end, is a political battle, not a medical one. The laetrile wars of the 1970s also launched what’s known as the “health freedom” movement — a libertarian-tinged social tendency that holds Americans should have unrestricted access to alternative treatments—into the spotlight. […] It’s a familiar set of claims, amounting to an assertion that being given the broadest possible platform is the same as being silenced, and that one’s theories being tested is the same as them having been suppressed.’ I think part of the appeal of these drugs is that you can claim that they _are_ a miracle cure, and that they are being suppressed by a conspiracy of silence by Big Pharma. The conspiracy part is a key selling point for the promoters. Interesting phenomenon, though.

(tags: conspiracy-theories hcq hydroxychloroquine laetrile ivermectin treatments covid-19 medicine big-pharma miracle-cures)

QUIC at Snapchat – Snap Engineering

Snapchat are fans, using cronet on the Android/iPhone client side. The HN comment thread at https://news.ycombinator.com/item?id=27626394 is also a decent read, some insightful discussion

(tags: http3 quic tcp networking mobile udp cronet snapchat)

Interesting AWS performance tip

we determined that calls to time.Now() or time.Since(time.Time) in Golang were taking about 200 times longer on new servers than they were on old servers. We found similar impacts in Python, which lead us to the clocksource. It turns out that in our Grub boot parameters for AL2, we had added clocksource=hpet about two years ago, but all of our servers launched prior to 6/17 had a clocksource of kvm-clock, apparently ignoring the Grub config. Servers launched after 6/17 (with the same AMI, Grub config, everything) were honoring the specified clocksource, which caused our performance issue.

(tags: ec2 aws clocksource linux kvm)

Apollo Flight Controller 101: Every console explained | Ars Technica

Amazing level of detail on how the Apollo mission control room operated! (plus more from Ken Shirriff at https://twitter.com/kenshirriff/status/1409241533757345792 )

(tags: apollo nasa moon mission-control)

COVID-19 symptoms vary depending on vaccination status

It seems that ‘symptoms vary slightly based on whether you’re fully vaccinated, half vaccinated or unvaccinated.’

(tags: vaccination covid-19 sars-cov-2 symptoms medicine health)

French spyware bosses indicted for their role in the torture of dissidents | MIT Technology Review

Senior executives at a French spyware firm have been indicted for the company’s sale of surveillance software to authoritarian regimes in Libya and Egypt that resulted in the torture and disappearance of dissidents. While high-tech surveillance is a multibillion-dollar industry worldwide, it is rare for companies or individuals to face legal consequences for selling such technologies—even to notorious dictatorships or other dangerous regimes. But charges in the Paris Judicial Court against leaders at Amesys, a surveillance company that later changed its name to Nexa Technology, claim that the sales to Libya and Egypt over the last decade led to the crushing of opposition, torture of dissidents, and other human rights abuses. The former head of Amesys, Philippe Vannier, and three current and former executives at Nexa technologies were indicted for “complicity in acts of torture” for selling spy technology to the Libyan regime. French media report that Nexa president Olivier Bohbot, managing director Renaud Roques, and former president Stéphane Salies face the same charges for surveillance sales to Egypt.

(tags: spyware surveillance france nexa amesys libya egypt torture human-rights)

Turn Your Old, Cracked Android Phone Into a Backup Server

It’s gratifying to see that an apk called ‘Linux Deploy’ will run a chrooted Debian install on a rooted Android phone — that’s a great way to reuse and recycle old, nearly-dead hardware

(tags: backup android servers linux ops home)

google/fully-homomorphic-encryption

This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. […] Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, thereby giving users even greater confidence that their information will remain private and secure.

(tags: cryptography encryption google security fhe homomorphic privacy data-privacy)

GPRS was deliberately backdoored by its designer (probably)

Matthew Green writes: “This is an amazing paper. It implies (with strong statistical evidence) that the design of a major mobile-data encryption algorithm — used in GPRS data — was deliberately backdoored by its designer.”

Instead of providing full 64-bit security, we show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 240 GEA-1 evaluations and using 44.5 GiB of memory. The attack on GEA-1 is based on an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance. This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design.

(tags: gprs protocols security crypto gea-1 telecoms matthew-green backdoors)

Apache Pulsar: Seamless Storage Evolution

Impressive performance figures from the distributed messaging/streaming platform using NVMe and DCPMM persistent memory devices: ‘Pulsar architecture can accommodate different types of hardware which allows users to balance performance and cost based on required throughput and latency. Pulsar has the capability to adapt to the next generation of storage devices to achieve better performance. We have also seen that persistent memory excels in the race to achieving higher write throughput by maintaining low latency. ‘

(tags: streaming distcomp distributed apache pulsar dcpmm nvme persistent-memory performance architecture storage)

Amazon S3 is quietly deprecating BitTorrent support

…apparently. (via Last Week in AWS)

(tags: bittorrent aws s3 deprecation features)

Photopea

‘Online Photo Editor’ — basically, a really decent clone of The Gimp, running fully in the browser.

(tags: editor photoshop images graphics the-gimp editing photos photopea)

Trino on Ice IV: Deep Dive Into Iceberg Internals

Good writeup of the innards of the Iceberg format for writable ORC data lakes and how Trino can query them

(tags: trino iceberg data big-data data-lakes formats s3 avro orc)

The Three DynamoDB Limits You Need to Know

there are a few limits you must understand to model properly in DynamoDB. If you’re not aware of them, you can run into a brick wall. But if you understand them and account for them, you remove the element of surprise once your app hits production. Those limits are: The item size limit; The page size limit for Query and Scan operations; and The partition throughput limits. Notice how these limits build on each other. The first is about an individual item, whereas the second is about a collection of items that are read together in a single request. Finally, the partition throughput limit is about the number and size of concurrent requests in a single DynamoDB partition.

(tags: dynamodb aws storage gotchas limits ops architecture)

Met Éireann’s IREPS weather forecasting system

The Irish Meteorological Service blog the innards of their current forecasting system, IREPS — lots of juicy technical detail! Apparently it is a HARMONIE-AROME based model configuration: ‘In 2018, Met Éireann developed its first ensemble-based NWP system, known as the Irish Regional Ensemble Prediction System (IREPS). Originally run twice per day, this system produced 11 forecasts (known as members) for weather conditions over the next 36 hours. On April 15th 2020, the IREPS system was upgraded to a 54-hour, 11-member ensemble which is run four times per day.’

(tags: harmonie met-eireann weather forecasting modelling ireps ireland)

The 17 Ways to Run Containers on AWS – Last Week in AWS

This is both (a) correct and (b) a nightmare. AWS need a coherent product plan where containers are involved…

(tags: containers aws ec2 eks k8s docker architecture)

nocodb

‘The Open Source Airtable alternative’ — looks nifty as a quick and easy way to hook up an SQL database to a web-based spreadsheet view

(tags: airtable database sql mysql nocodb spreadsheets ui web)

US Soldiers Expose Nuclear Weapons Secrets Via Flashcard Apps

For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps — inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored. […] the flashcards studied by soldiers tasked with guarding these devices reveal not just the bases, but even identify the exact shelters with “hot” vaults that likely contain nuclear weapons. They also detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have.

(tags: army dystopia nuclear nukes privacy flashcards apps security weapons)

What are Scope 3 emissions?

I was looking for a decent definition of this over the weekend, and couldn’t find it, so bookmarking for future reference. ‘Greenhouse gas emissions are categorised into three groups or ‘Scopes’ by the most widely-used international accounting tool, the Greenhouse Gas (GHG) Protocol. Scope 1 covers direct emissions from owned or controlled sources. Scope 2 covers indirect emissions from the generation of purchased electricity, steam, heating and cooling consumed by the reporting company. Scope 3 includes all other indirect emissions that occur in a company’s value chain.’

(tags: ghgs climate-change scopes ghgp emissions carbon sustainability)

Fly.io

Looks extremely nifty — a global CDN for your code: ‘Fly is a platform for applications that need to run globally. It runs your code close to users and scales compute in cities where your app is busiest. Write your code, package it into a Docker image, deploy it to Fly’s platform and let that do all the work to keep your app snappy.’ Decent pricing, too.

(tags: cdn serverless docker containers fly.io hosting internet ops platforms)

Tetris used to prevent PTSD

‘Our hypothesis was that after a trauma, patients would have fewer intrusive memories [from post-traumatic stress] if they got to play Tetris as part of a short behavioural intervention while waiting in the hospital Emergency Department,’ says Professor Holmes. ‘Since the game is visually demanding, we wanted to see if it could prevent the intrusive aspects of the traumatic memories from becoming established i.e. by disrupting a process known as memory consolidation.’ The study involved 71 motor vehicle accident victims, of whom half received the intervention (recalled the trauma briefly and then played Tetris) while waiting in the hospital emergency department, and half performed another task, all doing so within six hours of the accident. Results showed that the researchers’ hypothesis was right: those who had played Tetris had fewer intrusive memories of the trauma in total over the week immediately following the accident than the controls. The researchers also found that the intrusive memories diminished more quickly.

(tags: brain neurochemistry memory long-term-memory memory-consolidation ptsd trauma medicine gaming tetris)

Chicago PD automated policing program got this man shot twice

What the hell. This is incredibly dystopian shit.

They told McDaniel something he could hardly believe: an algorithm built by the Chicago Police Department predicted […] that McDaniel would be involved in a shooting. That he would be a “party to violence,” but it wasn’t clear what side of the barrel he might be on. He could be the shooter, he might get shot. They didn’t know. But the data said he was at risk either way. McDaniel was both a potential victim and a potential perpetrator, and the visitors on his porch treated him as such. A social worker told him that he could help him if he was interested in finding assistance to secure a job, for example, or mental health services. And police were there, too, with a warning: from here on out, the Chicago Police Department would be watching him. The algorithm indicated Robert McDaniel was more likely than 99.9 percent of Chicago’s population to either be shot or to have a shooting connected to him. That made him dangerous, and top brass at the Chicago PD knew it. So McDaniel had better be on his best behavior.

(tags: precrime predictive-policing policing chicago dystopia future ai heat-list)

The Unwritten Contract of Solid State Drives

We perform a detailed vertical analysis of application performance atop a range of modern file systems and SSD FTLs. We formalize the “unwritten contract” that clients of SSDs should follow to obtain high performance, and conduct our analysis to uncover application and file system designs that violate the contract. Our analysis, which utilizes a highly detailed SSD simulation underneath traces taken from real workloads and file systems, provides insight into how to better construct applications, file systems, and FTLs to realize robust and sustainable performance.

(tags: via:nelson optimization performance ssd disks storage coding architecture)

COVID-19 correlate of protection identified

Via Keith Dawson:

A large study out of Australia has added to the accumulating evidence that the level of neutralizing antibodies circulating in the blood is highly correlated with protection against symptomatic Covid-19. Ars Technica has a good summary of the research and what it means. It’s known that antibody levels decline with time. This work also gave hints about how long protection against disease might last after natural infection or vaccination — which bears on whether or when we might need a booster shot. The Ars reporter writes: ‘A vaccine with 95% efficacy after the second dose would still have an estimated 77% efficacy 250 days out. And that’s for protection against a symptomatic infection. The protection against severe COVID-19 is much stronger and would likely take far longer to decline… A starting efficacy of 70% would be down to 33% efficacy at 250 days.’ The model the researchers developed was able to predict, with good accuracy, the efficacy a vaccine should show in Phase III trials based on the antibody levels measured in Phase I and II.

(tags: vaccination virology vaccines covid-19 sars-cov-2 via:kdawson antibodies)

Using shared memory for low-latency, intra-node communication in AWS Batch | AWS Compute Blog

Crazy HPC-oriented feature in current AWS offerings: shared memory buffers over EFA:

HPC workloads use algorithms that require parallelization and a low latency communication between the different processes. The two main technologies used for the parallel communications are message-passing with distributed memory and shared memory. Message Passing Interface (MPI) is a message-passing standard used for the communication in a parallel distributed environment. Elastic Fabric Adapter (EFA) enables your MPI applications to use low-latency, inter-node communication. The shared memory paradigm allows multiple processors in the same system to communicate using a memory (RAM) portion that is shared between the processes. This method takes advantage of the high-speed memory bus.

(tags: shared-memory hpc mpi shmem ram coding efa aws ec2 low-latency)

Extreme HTTP Performance Tuning: 1.2M API req/s on a 4 vCPU EC2 Instance | talawah.io

This is very cool. Updating the old “C10K” problem space to C1.2M — the current state of Linux userspace networking — using libreactor and a whole load of up-to-date tweaks. Interesting to note that this scale is feasible to run in Docker (using –network=host, of course).

(tags: http servers c10k linux performance scalability ops tuning libreactor networking tcp)

Scaleway and Chia

Scaleway dealing with the storage-driven cryptocurrency:

This cryptocurrency is a few months old, and at Scaleway, we are already witnessing the impact of Chia on all our products, from Object Storage and instances, to dedicated servers. Speculative farmers are forcing their way in to make as much money as possible, as quickly as possible. [….] In order to service as many clients as possible, we have decided that from today: Chia plotting is forbidden on all SSD and NVMe powered instances, dedicated servers, RPN-SAN, BMaaS and Block Storage services. Chia plotting is extremely I/O intensive and destroys most SSDs in under a few weeks Important notice: Chia plotting engages client responsibility according to Section 9 of our contract. We will bill clients for any SSDs and NVMes destroyed due to Chia plotting activities.

(tags: chia cryptocurrency scaleway hosting ssds storage)

Alex Steffen on the discontinuity in our future

To believe that our choices are the restoration of continuity or the breakdown of society paradoxically is to not take the planetary [climate] crisis seriously enough — and that’s terrible, because the unexpected boon of seriousness is awakening to possibility, to the capacities we gain amidst disruption and acceleration. Seen through 20th century eyes, everything is about to get really weird, really fast. But discontinuity is not just danger. Discontinuity means change in our selves and our societies. [….] It is too late to avoid huge losses, enormous suffering. But it is absolutely not too late to limit our losses to those we’ve already set in motion, and to seize our opportunities to build a better human world — indeed, quite possibly a better world than the one we have now.

(tags: climate-change biodiversity crisis future alex-steffen green)

File Descriptor Limits

tl;dr: ‘Don’t use select() anymore in 2021.’ Select(2) on Linux has a limit of 1024 fds

(tags: linux programming select system-calls coding libc fds)

Bad Machinery: Managing Interrupts Under Load

‘Each day, try to do either projects or interrupts, not both. If you’re oncall, don’t try to do projects, and vice versa. People aren’t machines, context switches are really expensive, and usually assumed to be free in process planning. People who are constantly interrupted end up with delayed and sloppy project work, and vice versa (people who have a lot of project work are sloppy at interrupts unless time is carved out for them). Your team’s oncall and interrupt-handling should be structured around funneling interrupts at the people who are supposed to be interrupted. If that’s too much for those people, add more people until it isn’t. “Spreading the load” by assigning items across the entire team randomly is counter-productive.’

(tags: sre devops coding ops planning teams work on-call interrupts)

Was a flying killer robot used in Libya? Quite possibly – Bulletin of the Atomic Scientists

Great. Lethal machine learning is now in prod:

Last year in Libya, a Turkish-made autonomous weapon — the STM Kargu-2 drone — may have “hunted down and remotely engaged” retreating soldiers loyal to the Libyan General Khalifa Haftar, according to a recent report by the UN Panel of Experts on Libya. [….] the Kargu-2 signifies something perhaps even more globally significant: a new chapter in autonomous weapons, one in which they are used to fight and kill human beings based on artificial intelligence. The Kargu is a “loitering” drone that can use machine learning-based object classification to select and engage targets, with swarming capabilities in development to allow 20 drones to work together. The UN report calls the Kargu-2 a lethal autonomous weapon. Its maker, STM, touts the weapon’s “anti-personnel” capabilities.

(tags: machine-learning ai kargu-2 drones war grim-meathook-future stm un)

Mukama

‘Essentials for your daily round’ — a really lovely set of EDC products, and not _too_ crazy expensive….

(tags: edc keys wallets tools gadgets design)

The freenode IRC network is under new management

crikey. Freenode ops resign en masse and move to another service due to a dodgy-sounding “change of management” by some MtGox dude

(tags: irc freenode ops takeovers)

PiDP-11

A modern — working! — replica of the DEC PDP-11/70. Truly a thing of retrocomputing beauty

(tags: pdp-11 retrocomputing raspberry-pi emulation computing history electronics digital)

Boosting Dropbox upload speed—and making Windows’ TCP stack resilient to network reordering – Dropbox

Featuring an interesting dig into the current state of Windows system and network-level diagnostic tools:

netsh trace […] correlates events on the wire with events that happen on the TCP layer, timers, buffer management, socket layer, and even the Windows asyncio subsystem (IOCP).

(tags: windows tools cli networking dropbox iocp tcp ip internet kernel)

Tabula

‘Extract Tables from PDFs – If you’ve ever tried to do anything with data provided to you in PDFs, you know how painful it is — there’s no easy way to copy-and-paste rows of data out of PDF files. Tabula allows you to extract that data into a CSV or Microsoft Excel spreadsheet using a simple, easy-to-use interface. Tabula works on Mac, Windows and Linux.’

(tags: converter data pdf tools cli tabula tables csv extraction)

Facebook moderator: ‘Every day was a nightmare’ – BBC News

Wow, this is not OK — Facebook are massively mistreating these contract workers.

“Every day was a nightmare,” she said, adding that the support given was “insufficient.” Facebook says psychological help is available to all its moderators 24 hours a day, but Isabella claims its wellness coaches are not qualified psychiatrists. “I was seeing the wellness team but didn’t feel I got the support I needed. I can’t say I left work feeling relieved or knowing I could go home and have a good night’s sleep – that’s not possible,” she added. “It would follow me home. I could just be watching TV at home and think back to one of the horrible, really graphic tickets.”

(tags: facebook ptsd exploitation trauma moderators moderation covalen violence)

The epidemiological impact of the NHS COVID-19 App

Nature paper on the UK contact notification app’s impact on the COVID-19 pandemic:

Here we investigated the impact of the NHS COVID-19 app for England and Wales, from its launch on 24 September 2020 through to the end of December 2020. It was used regularly by approximately 16.5 million users (28% of the total population), and sent approximately 1.7 million exposure notifications: 4.4 per index case consenting to contact tracing. We estimated that the fraction of app-notified individuals subsequently showing symptoms and testing positive (the secondary attack rate, SAR) was 6.0%, comparable to the SAR for manually traced close contacts. We estimated the number of cases averted by the app using two complementary approaches. Modelling based on the notifications and SAR gave 284,000 (108,000-450,000), and statistical comparison of matched neighbouring local authorities gave 594,000 (317,000-914,000). Roughly one case was averted for each case consenting to notification of their contacts. We estimated that for every percentage point increase in app users, the number of cases can be reduced by 0.8% (modelling) or 2.3% (statistical analysis). These findings provide evidence for continued development and deployment of such apps in populations that are awaiting full protection from vaccines.

(tags: covid-19 contact-tracing apps pandemics npis)

Twitter thread on droplet transmission

An extremely long and detailed discussion from Jose-Luis Jimenez of how, exactly, the science of airborne transmission of disease via 5-micron infective droplets wound up wrong, and remained incorrect for much of modern medicine, culminating in the disastrous treatment of COVID-19

(tags: aerosols airborne medicine history covid-19 droplets infection transmission science)

Dr Rory Hearne: The Government does not want you to be able to afford to buy a home

This nails the issue with housing in Ireland:

The Government has been called on to do something to stop this. Even Fianna Fáil politicians have come out crying crocodile tears of outrage. But the truth is the investor purchase of housing in Ireland on a major scale is actually Government policy and has been for the last decade. The Government does not actually want you to be able to buy or rent an affordable home. They have created an unaffordable housing system that is focused on delivering housing as an investment asset, not a home.[…] This current crisis has been brewing for a long time. It goes back to the Celtic Tiger days of the late 1990s and early 2000s when the Fianna Fáil-PD Governments encouraged the shift from housing to be treated as a home, to people buying it up as an investment asset. They told people to speculate in the property market and gave tax breaks for landlords to buy a second, or third, home to rent out. These became the ‘buy-to-let’ investors. The banks lent out massively which added fuel to the fire of rising housing prices, and the inevitable crash happened in 2008 and 2009. As their response to the disaster they had created, Fianna Fáil turned to global ‘vulture’ funds to buy up the bad loans and failed housing projects. They set up the ‘bad bank’ NAMA, which went on, under the Fine Gael Government from 2011 to the current day, to sell off (at a discount) huge land banks and billions of euro worth of properties to vulture and real estate investment funds.

(tags: reits real-estate ireland politics housing homes rory-hearne)

mjg59 | Exploring my doorbell

Nice walkthrough of rooting and extending a bit of IOT hardware

(tags: linux exploits security iot gadgets embedded u-boot)

Interviews with Loyalist kids

It’s a depressing read, as ever. Ulster Unionism is a mess, is falling apart, and is vulnerable to being taken over by the paramilitaries:

“Unionism is losing power and control. It needs leaders who have the skill to say, look, we have cards to play and if we are sensible we can save this place. Instead, Arlene said if there was a united Ireland she’d leave. People are left feeling unappeased but it is not a definite thing. It is more a kind of grief or sense they have lost something intangible. It is about shattered dreams.”

(tags: ulster unionism loyalists northern-ireland politics brexit)

MegaBlock

“Nuke tweets in one click” —

Don’t like a bad tweet? Block the tweet, its author, and every single person who liked it—in one click.

(tags: twitter blocking killfile)

Tesla Car Hacked Remotely From Drone via Zero-Click Exploit

Here’s the best bit:

Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan. Intel was also informed since the company was the original developer of ConnMan, but the researchers said the chipmaker believed it was not its responsibility. The researchers learned that the ConnMan component is widely used in the automotive industry, which could mean that similar attacks can be launched against other vehicles as well. Weinmann and Schmotzle turned to Germany’s national CERT for help in informing potentially impacted vendors, but it’s currently unclear if other manufacturers have taken action in response to the researchers’ findings.

(tags: intel tesla connman security hacks exploits fuzzing cars)

Lateral flow test sensitivity

Solid paper in PLOS – ‘Validation testing to determine the sensitivity of lateral flow testing for asymptomatic SARS-CoV-2 detection in low prevalence settings: Testing frequency and public health messaging is key’:

Our data show that the Innova LFD can successfully detect SARS-CoV-2 infection in people with a viral titre above approximately 100 viral copies/ml. However, as determined at our site using the ThermoFisher COVID-19 TaqPath assay, it is incapable of detecting infection at comparable PCR Ct values of 30 and over. These levels of infection are indicative of very early or very late stages of infection, and as such, we would strongly recommend that LFD testing is used to screen people at very regular frequency and that a negative result should not be used to determine that someone is free from SARS-CoV-2 infection.

(tags: testing covid-19 sars-cov-2 lfa rapid-tests pcr papers)

Sidecar injection and transparent traffic hijacking process in Istio explained in detail · Jimmy Song

A solid explanation of Istio’s traffic-hijacking mode using iptables and its sidecar pattern

(tags: kubernetes iptables sidecars istio service-mesh networking k8s eks routing)

The lost art of ‘booleying’ in Ireland’s uplands

If you visit the west of Ireland or Achill, you can still see the traces of booleying today. Fascinating part of Irish rural history:

by the 1800s, it was mostly young people and teenage girls especially who had the job of looking after cows at these seasonal ‘boolies’. This gave rise to a vibrant but now largely forgotten cultural scene in Ireland’s uplands. Oral history collected in the 1930s and 1940s in Connemara, Mayo, Donegal, and the Galtee Mountains makes clear that booleying facilitated the transmission of a lot of important cultural knowledge. One man from Cloch Cheannaola in Donegal states that his mother had learned her songs from other dairymaids in the hills, while another account from Iorras Aintheach in Galway outlines how the girls not only sang but played musical instruments and danced as well. [….] The small degree of independence which young women gained as participants in booleying was sometimes missed later on in life. There is an unmistakeable sense of loss in songs like Na Gamhna Geala and Aililiú na Gamhna, in which married women reminisce about their time looking after cows and calves in the hills.

(tags: transhumance booleying history ireland rural achill galway donegal mayo connemara)

Cryptocurrency is an abject disaster

Hard not to sympathise with this take —

I’ve had to develop a special radar for reading product pages now: a mounting feeling of dread as a promising technology is introduced while I inevitably arrive at the buried lede: it’s more crypto bullshit. Cryptocurrency is the multi-level marketing of the tech world. “Hi! How’ve you been? Long time no see! Oh, I’ve been working on this cool distributed database file store archive thing. We’re doing an ICO next week.” Then I leave. Any technology which is not an (alleged) currency and which incorporates blockchain anyway would always work better without it. There are hundreds, perhaps thousands, of cryptocurrency scams and ponzi schemes trussed up to look like some kind of legitimate offering. Even if the project you’re working on is totally cool and solves all of these problems, there are 100 other projects pretending to be like yours which are ultimately concerned with transferring money from their users to their founders. Which one are investors more likely to invest in? Hint: it’s the one that’s more profitable. Those promises of “we’re different!” are always hollow anyway. Remember the DAO? They wanted to avoid social arbitration entirely for financial contracts, but when the chips are down and their money was walking out the door, they forked the blockchain.

(tags: blockchain bitcoin crypto cryptocurrency abuse capitalism bullshit tech)

Medieval Archaeology of Ireland – Google My Maps

An exhaustive copy of the official Sites and Monuments Record annotated on Google Maps (via ITS Slack)

(tags: via:its maps ireland history monuments castles archaeology)

Regular HIIT Exercise Enhances Health via Histamine | The Scientist Magazine®

The precise molecular mechanisms connecting regular activity to improved health have been unclear. A study published April 14 in Science Advances makes major gains in this understanding. Building off previous work on single bouts of exercise, researchers at Ghent University in Belgium found that when humans perform long-term training, histamine receptors are activated, improving a variety of cardiometabolic risk factors, from insulin sensitivity to aerobic capacity and blood vessel health. “It’s awesome, it’s a very cool paper,” says University of Oregon exercise physiologist John Halliwill, who was not involved in the study. “This is one of a few studies out there finally looking at these molecular transducers, and this is the only one out there on histamine that showed that it has this lasting impact on how we adapt to exercise. . . . It’s not just a signal associated with allergies and asthma, wound healing. It seems to have a hand in everything related to exercise, which is quite amazing.”

(tags: histamine health medicine exercise hiit training)

Estimating AWS EC2 Instances Power Consumption

attempting to estimate the carbon footprint of cloud computing at AWS, by estimating the power consumption of individual EC2 instances running a workload.

(tags: aws ec2 cloud-computing energy carbon footprint power estimation ops)

From WinZips to Cat GIFs, Jacob Ziv’s Algorithms Have Powered Decades of Compression – IEEE Spectrum

‘The lossless-compression pioneer received the 2021 IEEE Medal of Honor’ — well deserved

(tags: ziv compression lz77 lempel-ziv lz78 algorithms history computing ieee)

Genomics and epidemiology of P.1 SARS-CoV-2 lineage

The numbers are in, in this _Science_ paper —

Cases of SARS-CoV-2 infection in Manaus, Brazil, resurged in late 2020, despite previously high levels of infection. Genome sequencing of viruses sampled in Manaus between November 2020 and January 2021 revealed the emergence and circulation of a novel SARS-CoV-2 variant of concern. Lineage P.1, acquired 17 mutations, including a trio in the spike protein (K417T, E484K and N501Y) associated with increased binding to the human ACE2 receptor. Molecular clock analysis shows that P.1 emergence occurred around mid-November 2020 and was preceded by a period of faster molecular evolution. Using a two-category dynamical model that integrates genomic and mortality data, we estimate that P.1 may be 1.7–2.4-fold more transmissible, and that previous (non-P.1) infection provides 54–79% of the protection against infection with P.1 that it provides against non-P.1 lineages. Enhanced global genomic surveillance of variants of concern, which may exhibit increased transmissibility and/or immune evasion, is critical to accelerate pandemic responsiveness.

(tags: p1 sars-cov-2 covid-19 epidemiology transmission science papers)

Bert Hubert on the Huawei/5G backdoor controversy

Some context — European telcos no longer operate their equipment:

As an icebreaker, [telco operators] were asked if they thought the Chinese could eavesdrop through “backdoors” in Huawei equipment. Every single hand went up. One of the bankers then asked, for balance, if they thought the US could access communications through key Cisco equipment. “All the hands went straight back up without hesitation” [….] In a modern telecommunications service provider, new equipment is deployed, configured, maintained and often financed by the vendor. Just to let that sink in, Huawei (and their close partners) already run and directly operate the mobile telecommunication infrastructure for over 100 million European subscribers. The host service provider often has no detailed insight in what is going on, and would have a hard time figuring this out through their remaining staff. Rampant outsourcing has meant that most local expertise has also left the company, willingly or unwillingly.

(tags: telcos telecoms ops networking eu 5g china huawei nsa tapping)

Ten scientific reasons in support of airborne transmission of SARS-CoV-2 – The Lancet

“The evidence supporting airborne transmission is overwhelming, and evidence supporting large droplet transmission is almost non-existent” (Greenhalgh et al., Lancet, 2021) (via Daniel Lemire)

(tags: via:lemire aerosols airborne transmission covid-19 sars-cov-2)

Indice de réparabilité

France’s official “Repairability Index” site

(tags: repair repairability france shopping)

COVID-19 vaccine extended dose intervals for early vaccine rollout and population protection in Canada: NACI recommendations – Canada.ca

Very impressive level of detail here

(tags: canada vaccines covid-19 sars-cov-2 medicine)

I Thought My Job Was To Report On Tech In India. Instead, I’ve Watched Democracy Decline.

This is chilling:

I love tech. But watching it intersect with a Hindu nationalist government trying to crush dissent, choke a free press, and destroy a nation’s secular ethos doesn’t feel like something I bought a ticket to. Writing about technology from India now feels like having a front-row seat to the country’s rapid slide into authoritarianism. “It’s like watching a train wreck while you’re inside the train,” I Slacked my boss in November.

(tags: india technology whatsapp facebook twitter scary authoritarianism dystopia tech)

Green Atlantic at Moneypoint

This is the best news to happen in Ireland’s emissions situation for a while! The ESB plan to turn off the highly polluting coal power station at Moneypoint, switching it to be a hub for offshore wind energy, including energy storage using hydrogen. Moneypoint has massive connections to the Irish grid, and the amount of available wind power on the west coast is simply huge. Great stuff!

(tags: moneypoint ireland green energy emissions carbon future wind-energy hydrogen)

Parental control – DD-WRT Wiki

Using DD-WRT to turn off the internet for certain devices during night-time hours

(tags: dd-wrt networking parenting parental-controls kids internet home)

Fan-tastic misuse of Raspberry Pi’s GPIO

‘[River] wanted to use a Raspberry Pi to bring the fans into his home automation system, but the Raspberry Pi doesn’t have a 304.2 MHz radio. What it does have is user-programmable GPIO and the rpitx package, which converts a GPIO pin into a basic radio transmitter. Of course, the Pi’s GPIO pin’s aren’t long enough to efficiently transmit at 304.2 MHz, so [River] added a proper antenna, as well as a low-pass filter to clean up the transmitted signal. The rpitx package supports OOK out of the box, so [River] was quickly able get the Pi controlling his fan in no time’

(tags: home automation gpio raspberry-pi hacks hardware wireless)

The Gaslighting of Science – Insight

Zeynep Tufekci hits the nail on the head here — 3 particular factors were wilfully overlooked in Western countries’ early response to the COVID pandemic:

Put all three together: airborne transmission, clusters driving the epidemic, and presymptomatic transmission. Not only do we get a clear and consistent picture of many things that have happened since, we also get the mitigation strategy. Further, all three dimensions support each other: transmission from people not (yet) coughing or sneezing very much argues in favor of aerosol transmission, which explains how large clusters can be driving the epidemic and how transmission in a situation like that ship can occur. And the mitigation and other strategies become clear: pay attention to clusters and ventilation, universal masks, different policies for indoors and outdoors, etc. 

(tags: zeynep-tufekci coronavirus science covid-19 aerosols transmission clusters)

Tui plane in ‘serious incident’ due to software bug

Holy cow this could have been pretty serious:

A software mistake caused a Tui flight to take off heavier than expected as female passengers using the title “Miss” were classified as children, an investigation has found. The departure from Birmingham airport to Majorca with 187 passengers on board was described as a “serious incident” by the Air Accidents Investigation Branch (AAIB). An update to the airline’s reservation system while its planes were grounded due to the coronavirus pandemic led to 38 passengers on the flight being allocated a child’s “standard weight” of 35kg as opposed to the adult figure of 69kg. This caused the load sheet – produced for the captain to calculate what inputs are needed for take-off – to state that the Boeing 737 was more than 1,200kg lighter than it actually was.

(tags: flight aviation bugs risks software flying tui titles i18n)

critique of the Digital Green Certificate (DGC) proposal

Excellent thread on privacy and security of the proposed Digital Green Certificate for intra-EU safe travel during the COVID-19 pandemic, from Carmela Troncoso. tl;dr:

My conclusion is: this is an immature design of an extremely complex infrastructure with no guaranteed security. The proposed scheme is likely to go down the slippery slope of discrimination and surveillance. I’d like to end reminding my wild thought: Given that fraud is possible anyway, a simple paper-based solution with enough protection to deter cheating may be sufficient to get us through this summer, avoiding long-term consequences.

(tags: surveillance dgc vaccination eu carmela-troncoso travel)

GeyserMC

Allow Minecraft Bedrock Edition clients on mobile devices, Switch, PS4 and XBox to connect to your Java edition Minecraft server. Works particularly nicely as a plugin in a PaperMC server — will definitely give this a go and see how the kids get on….

(tags: kids minecraft interop bedrock papermc switch games)

Bufferbloat Test by Waveform

Handy link to test bufferbloat effects on your internet connection

(tags: bufferbloat buffering internet networking isps congestion)

Science Brief: SARS-CoV-2 and Surface (Fomite) Transmission for Indoor Community Environments | CDC

Official guidance from the CDC is toning down the “bleach everything!” messaging:

People can be infected with SARS-CoV-2 through contact with surfaces. However, based on available epidemiological data and studies of environmental transmission factors, surface transmission is not the main route by which SARS-CoV-2 spreads, and the risk is considered to be low. The principal mode by which people are infected with SARS-CoV-2 is through exposure to respiratory droplets carrying infectious virus. In most situations, cleaning surfaces using soap or detergent, and not disinfecting, is enough to reduce risk. Disinfection is recommended in indoor community settings where there has been a suspected or confirmed case of COVID-19 within the last 24 hours. The risk of fomite transmission can be reduced by wearing masks consistently and correctly, practicing hand hygiene, cleaning, and taking other measures to maintain healthy facilities.

(tags: covid19 infection pandemic washing fomites disinfection cleaning)

Defer disabling TLS 1.0/1.1 by default?

Colm MacCárthaigh:

The short version is this: we think about 1% of applications and traffic “out there” are still using TLS1.0/TLS1.1. Given where browsers are at, I think this percentage is an under-estimate of the usage on Java applications – I suspect it’s even higher there. When we dig in with customers “Why are you still using TLS1.0 or TLS1.1” the most common reasons are legacy appliances and applications. Think of hardware load balancers that were never updated, or can’t be, to support TLS1.2 or better. Compliance mandated traffic inspection devices that force TLS1.0 in certain industries are another reason. For these applications, the change will break them, and they’ll get a low-level exception. The users can re-enable TLS1.0 and TLS1.1, but they may suffer an outage because they likely weren’t expecting a breaking change low in the networking stack.

(tags: colmmacc java jdk tls ssl versioning backwards-compatibility internet)

10 Things I Hate About PostgreSQL | by Rick Branson

oh god this brings back painful memories —

On a particularly large deployment, I eventually had to layer in a second pgbouncer tier. One tier ran on the application servers and another tier on the database servers. Altogether it aggregated connections for around 1 million client processes. Tuning it was 40% dark art, 40% brute force, and 10% pure luck.

(tags: database postgresql coding postgres pgbouncer ops rick-branson)