Justin's Linklog Posts

It’s been a while since I wrote a long-form blog post here, but this post on the Swrve Engineering blog is worth a read; it describes how we use SSD caching on our EC2 instances to greatly improve EBS throughput.

• how King Cormac predicted Arguing On The Internet

  From The Wisdom of King Cormac:

  “O Cormac, grandson of Conn”, said Carbery, “What is the worst pleading and arguing?” “Not hard to tell”, said Cormac. “Contending against knowledge, contending without proofs, taking refuge in bad language, a stiff delivery, a muttering speech, hair-splitting, uncertain proofs, despising books, turning against custom, shifting one’s pleading, inciting the mob, blowing one’s own trumpet, shouting at the top of one’s voice.”

  (tags: internet arguing history ireland king-cormac hair-splitting shouting reddit)

• cAPTain

  a simple, lightweight HTTP server for storing and distributing custom Debian packages around your organisation. It is designed to make it as easy as possible to use Debian packages for code deployments and to ease other system administration tasks.

  (tags: debian apt sysadmin linux ops packaging)

• Linus Torvalds and others on Linux’s systemd

  ZDNet’s Steven J. Vaughan-Nichols on the systemd mess (via Kragen)

  (tags: via:kragen systemd linux ubuntu gnome init ops)

• UK police to investigate alleged Bahraini hacking of exiles’ computers

  Criminal complaints have been filed in the UK against Gamma “acting as an accessory to Bahrain’s illegal targeting of activists” using the FinFisher spyware

  (tags: finfisher spyware malware gamma bahrain law surveillance privacy germany hacking)

• Tech’s Meritocracy Problem — Medium

  Meritocracy is a myth. And our belief in it is holding back the tech industry from getting better.

  (tags: culture hiring diversity meritocracy tech software jobs work misogyny)

• GamerGate Death Threats – Business Insider

  “It’s completely insane. It’s insane that you even have to say out loud that sending death threats to people who disagree with your opinion of video games is wrong. Yet here we are: Apparently, it needs to be said.”

  (tags: death-threats gamergame gaming twitter feminism misogyny)

• #Gamergate Trolls Aren’t Ethics Crusaders; They’re a Hate Group

  #Gamergate, as they have treated myself and peers in our industry, is a hate group. This word, again, should not lend them any mystique or credence. Rather it should illuminate the fact that even the most nebulous and inconsistent ideas can proliferate wildly if strung onto the organizational framework of the hate group, which additionally gains a startling amount of power online. #Gamergate is a hate group, and they are all the more dismissible for it. And the longer we treat them otherwise, the longer I fear for our industry’s growth.

  (tags: harassment gamergate abuse twitter hate-groups gaming misogyny)

• A Thing About #GamerGate – John Walker’s Electronic House

  Great anti-GamerGate post from the editor of Rock, Paper, Shotgun

  (tags: gamergate rock-paper-shotgun rps games gaming politics misogyny sexism 4chan reddit)

• Eircode postcodes will cost lives, warn emergency workers

  A group representing frontline emergency staff has warned lives will be lost unless the Government reverses its decision on a new national postcode system due to be rolled out next spring. John Kidd, chairman of the Irish Fire and Emergency Services Association, said the “mainly random nature” of the Eircode system would mean errors by users would go unnoticed, as well as cause confusion and may be “catastrophic” in terms of sending services to the wrong location. [….] Neil McDonnell, general manager of the Freight Transport Association Ireland, said he understood Mr Kidd’s concerns. “Take, for example, two adjacent houses in Glasnevin, Dublin,” said Mr McDonnell. “One could be D11 ZXQ8, the other one D11 67TR. The four-character unique identifier is completely random, with no sequence or algorithm linking one house to the other.”

  (tags: eircode fail postcodes ireland geo location gps emergency)

• The Problem Isn’t Vancouver’s Astronomical Housing Costs— It’s the People Who Buy

  Two types of people own homes in Vancouver?—?wealthy foreigners who are looking for a place to park their money, and long-time Vancouver residents who have benefited from skyrocketing equity, through no actual effort of their own. There is a simple problem with these people being the primary homeowners in any city?—?they don’t actually create much value for the place they live in. A very large percentage of wealthy foreigners who “park” their money here don’t actually live in Vancouver. Take a drive around most expensive areas and you’ll realize the homes are empty. At most, they send their kids to live in Vancouver, learn english/go to school, and then return to their country (usually to Hong Kong). For some reason this is okay with people who live here. The amount of value added to a city from this sort of activity approaches zero. In fact, I’d argue that these people actually leech off of the system more than anything else.

  (tags: vancouver housing mortgages investment canada homeowners)

• Tonx’s Fuss Proof Cold Brew Coffee Guide

  via potentato

  (tags: cold-brew coffee food drinks recipes tonx)

• Yet another woman in gaming has been driven from her home by death threats

  Fuck gamergate

  (tags: games harassment feminism misogyny 4chan 8chan mra trolls gamergate)

• Game Devs on Gamergate (with images, tweets)

  Welp, that’s the end of my reading The Escapist. this is fucked up. ‘these people say that this is a hate movement, but let’s see what these white supremacists and serial harassers have to say’

  (tags: ethics gaming journalism the-escapist gamergate misogyny sexism)

• To “patch” software comes from a physical patch applied to paper tape

  hmason: TIL that the phrase software “patch” is from a physical patch applied to Mark 1 paper tape to modify the program.

  It’s amazing how a term like that can become so divorced from its original meaning so effectively. History!

  (tags: history computing software patch paper-tape patching bugs)

• How Videogames Like Minecraft Actually Help Kids Learn to Read | WIRED

  I analyzed several chunks of The Ultimate Player’s Guide using the Flesch-Kincaid Reading Ease scale, and they scored from grade 8 to grade 11. Yet in my neighborhood they’re being devoured by kids in the early phases of elementary school. Games, it seems, can motivate kids to read—and to read way above their level. This is what Constance Steinkuehler, a games researcher at the University of Wisconsin-Madison, discovered. She asked middle and high school students who were struggling readers (one 11th-grade student read at a 6th-grade level) to choose a game topic they were interested in, and then she picked texts from game sites for them to read—some as difficult as first-year-college language. The kids devoured them with no help and nearly perfect accuracy. How could they do this? “Because they’re really, really motivated,” Steinkuehler tells me. It wasn’t just that the students knew the domain well; there were plenty of unfamiliar words. But they persisted more because they cared about the task. “It’s situated knowledge. They see a piece of language, a turn of phrase, and they figure it out.”

  When my kids are playing Minecraft, there’s a constant stream of “how do you spell X?” as they craft nametags for their pets. It’s great!

  (tags: minecraft gaming kids education spelling school reading literacy)

• “Gold” 4-star review from the Irish Times

  Niall Heery belatedly follows up Small Engine Repair, his 2006 mumblecore critical hit, with a slightly less off-centre comedy that makes imaginative use of a smashing cast. The story skirts tragedy on its leisurely passage from mishap to misadventure, but Gold remains the sort of picture you want to hug indulgently to a welcoming bosom. It gives humanism a good name.

  Go Niall! it’s a great movie, go see it

  (tags: gold movies friends reviews irish-times indie)

• JCDecaux Developer API

  web service API for Dublin Bikes data (and other similar bikesharing services run by JCD):

  Two kinds of data are delivered by the platform: Static data provides stable information like station position, number of bike stands, payment terminal availability, etc. Dynamic data provides station state, number of available bikes, number of free bike stands, etc. Static data can be downloaded manually in file format or accessed through the API. Dynamic data are refreshed every minute and can be accessed only through the API.

  Ruby API: https://github.com/oisin/bikes

  (tags: jcdecaux bikesharing dublin dublin-bikes api web-services http json open-data)

• Best games I played in 2013

  my coworker JK’s favourite games of 2013: Gone Home, Last Of Us, Proteus, Papers Please etc. I really want to play these, since they’re all totally my bag too.

  (tags: games gaming todo want 2013)

• Why Amazon Has No Profits (And Why It Works)

  Amazon has perhaps 1% of the US retail market by value. Should it stop entering new categories and markets and instead take profit, and by extension leave those segments and markets for other companies? Or should it keep investing to sweep them into the platform? Jeff Bezos’s view is pretty clear: keep investing, because to take profit out of the business would be to waste the opportunity. He seems very happy to keep seizing new opportunities, creating new businesses, and using every last penny to do it.

  (tags: amazon business strategy capex spending stocks investing retail)

• Spark Breaks Previous Large-Scale Sort Record – Databricks

  Massive improvement over plain old Hadoop. This blog post goes into really solid techie reasons why, including:

  First and foremost, in Spark 1.1 we introduced a new shuffle implementation called sort-based shuffle (SPARK-2045). The previous Spark shuffle implementation was hash-based that required maintaining P (the number of reduce partitions) concurrent buffers in memory. In sort-based shuffle, at any given point only a single buffer is required. This has led to substantial memory overhead reduction during shuffle and can support workloads with hundreds of thousands of tasks in a single stage (our PB sort used 250,000 tasks).

  Also, use of Timsort, an external shuffle service to offload from the JVM, Netty, and EC2 SR-IOV.

  (tags: spark hadoop map-reduce batch parallel sr-iov benchmarks performance netty shuffle algorithms sort-based-shuffle timsort)

• UK psyops created N. Irish Satanic Panic during the Troubles – Boing Boing

  During the 1970s, when Northern Ireland was gripped by near-civil-war, British military intelligence staged the evidence of “black masses” in order to create a Satanism panic among the “superstitious” Irish to discredit the paramilitaries. The secret history of imaginary Irish Satanism is documented in Black Magic and Bogeymen: Fear, Rumour and Popular Belief in the North of Ireland 1972-74, a new book from Sheffield University’s Richard Jenkins, who interviewed Captain Colin Wallace, the former head of British Army “black operations” for Northern Ireland.

  (tags: northern-ireland 1970s the-troubles ireland uvf ira history black-magic satanism weird fear mi5)

• Netflix release new code to production before completing tests

  Interesting — I hadn’t heard of this being an official practise anywhere before (although we actually did it ourselves this week)…

  If a build has made it [past the ‘integration test’ phase], it is ready to be deployed to one or more internal environments for user-acceptance testing. Users could be UI developers implementing a new feature using the API, UI Testers performing end-to-end testing or automated UI regression tests. As far as possible, we strive to not have user-acceptance tests be a gating factor for our deployments. We do this by wrapping functionality in Feature Flags so that it is turned off in Production while testing is happening in other environments. 

  (tags: devops deployment feature-flags release testing integration-tests uat qa production ops gating netflix)

• FelixGV/tehuti

  Felix says: ‘Like I said, I’d like to move it to a more general / non-personal repo in the future, but haven’t had the time yet. Anyway, you can still browse the code there for now. It is not a big code base so not that hard to wrap one’s mind around it. It is Apache licensed and both Kafka and Voldemort are using it so I would say it is pretty self-contained (although Kafka has not moved to Tehuti proper, it is essentially the same code they’re using, minus a few small fixes missing that we added). Tehuti is a bit lower level than CodaHale (i.e.: you need to choose exactly which stats you want to measure and the boundaries of your histograms), but this is the type of stuff you would build a wrapper for and then re-use within your code base. For example: the Voldemort RequestCounter class.’

  (tags: asl2 apache open-source tehuti metrics percentiles quantiles statistics measurement latency kafka voldemort linkedin)

• Move Fast and Break Nothing

  Great presentation about Github dev culture and building software without breakage, but still with real progress.

  (tags: github programming communication process coding teams management dev-culture breakage)

• Unity, one gaming development platform to unite them all, up for sale

  gulp

  (tags: unity games mobile apps ui)

• Ind.ie Pulse

  Syncthing is becoming Ind.ie Pulse. Pulse replaces proprietary sync and cloud services with something open, trustworthy and decentralised. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party, and how it’s transmitted over the Internet.

  (tags: syncing storage cloud dropbox utilities gpl decentralization)

• Trouble at the Koolaid Point — Serious Pony

  This is a harrowing post from Kathy Sierra, full of valid observations:

  You’re probably more likely to win the lottery than to get any law enforcement agency in the United States to take action when you are harassed online, no matter how visciously and explicitly. Local agencies lack the resources, federal agencies won’t bother.

  That to the power of ten in Ireland, too, I’d suspect. Fuck this. Troll culture is way out of control….

  (tags: twitter harassment feminism weev abuse trolls 4chan kathy-sierra)

• Tehuti

  An embryonic metrics library for Java/Scala from Felix GV at LinkedIn, extracted from Kafka’s metric implementation and in the new Voldemort release. It fixes the major known problems with the Meter/Timer implementations in Coda-Hale/Dropwizard/Yammer Metrics. ‘Regarding Tehuti: it has been extracted from Kafka’s metric implementation. The code was originally written by Jay Kreps, and then maintained improved by some Kafka and Voldemort devs, so it definitely is not the work of just one person. It is in my repo at the moment but I’d like to put it in a more generally available (git and maven) repo in the future. I just haven’t had the time yet… As for comparing with CodaHale/Yammer, there were a few concerns with it, but the main one was that we didn’t like the exponentially decaying histogram implementation. While that implementation is very appealing in terms of (low) memory usage, it has several misleading characteristics (a lack of incoming data points makes old measurements linger longer than they should, and there’s also a fairly high possiblity of losing interesting outlier data points). This makes the exp decaying implementation robust in high throughput fairly constant workloads, but unreliable in sparse or spiky workloads. The Tehuti implementation provides semantics that we find easier to reason with and with a small code footprint (which we consider a plus in terms of maintainability). Of course, it is still a fairly young project, so it could be improved further.’ More background at the kafka-dev thread: http://mail-archives.apache.org/mod_mbox/kafka-dev/201402.mbox/%3C131A7649-ED57-45CB-B4D6-F34063267664@linkedin.com%3E

  (tags: kafka metrics dropwizard java scala jvm timers ewma statistics measurement latency sampling tehuti voldemort linkedin jay-kreps)

• “Quantiles on Streams” [paper, 2009]

  ‘Chiranjeeb Buragohain and Subhash Suri: “Quantiles on Streams” in Encyclopedia of Database Systems, Springer, pp 2235–2240, 2009. ISBN: 978-0-387-35544-3’, cited by Martin Kleppman in http://mail-archives.apache.org/mod_mbox/kafka-dev/201402.mbox/%3C131A7649-ED57-45CB-B4D6-F34063267664@linkedin.com%3E as a good, short literature survey re estimating percentiles with a small memory footprint.

  (tags: latency percentiles coding quantiles streams papers algorithms)

• Belkin Router Apocalypse

  Many Belkin routers attempt to determine if they’re connected to the internet by pinging ‘heartbeat.belkin.com’, in a classic amateur fail move. Good reason not to run Belkin firmware if that’s the level of code quality to expect

  (tags: belkin fail ping icmp funny internet dailywtf broken)

• Seven deadly sins of talking about “types”

  Good essay

  (tags: programming types rants coding languages fp)

• Shellshock

  An _extremely_ detailed resource about the bash bug

  (tags: bash hacking security shell exploits reference shellshock)

• The Womansplainer

  Brilliant. Nice use of an anime avatar, to boot…. ‘Consulting for men who have better things to do than educate themselves about feminism. Got a question for a feminist? I would be happy to educate you! Below are my rates.’

  (tags: feminism gamergate funny mansplaining misandry misogyny twitter lmgtfy)

• “Linux Containers And The Future Cloud” [slides]

  by Rami Rosen — extremely detailed presentation into the state of Linux containers, LXC, Docker, namespaces, cgroups, and checkpoint/restore in userspace (via lusis)

  (tags: lsx docker criu namespaces cgroups linux via:lusis ops containers rami-rosen presentations)

• Reddit’s crappy ultimatum to remote workers and offices

  Reddit forces all remote workers (about half the workforce, in SLC and NYC) to move to SF, provoking a shitstorm:

  In a tweet confirming the move, Reddit’s CEO justified his treatment of non-San Francisco workers with a push for Optimal Teamwork to drive the New And $50M Improved Reddit forward. I shit you not. That was the actual term! (I added the New & Improved fan fiction here). So let’s leave aside the debate over whether working remotely is as efficient as being in the same office all the time. Let’s just focus on the size of the middle finger given to the people who work at Reddit outside the Bay Area, given the choice of forced, express relocation or a pink slip. How optimal do you think these employees will feel about leadership and the rest of the team going forward? Do you think they’ll just show up at the new, apparently-not-even-in-San-Francisco-proper office with a smile from ear to ear, ready to begin in earnest on Optimal Teamwork, left-behind former colleagues be damned?

  (tags: telecommuting reddit working remote-working ceos optimal-teamwork teamwork relocation)

• Space Jacket

  ‘I designed this jacket as a tribute to the continuing legacy of American spaceflight. I wanted it to embody everything I loved about the space program, and to eventually serve as an actual flight jacket for present-day astronauts on missions to the ISS (International Space Station). There are other “replica” flight jackets made for space enthusiasts, but I decided to come up with something boldly different, yet also completely wearable and well-suited for space.’

  (tags: space clothing fashion geekery jackets)

• How did Twitter become the hate speech wing of the free speech party?

  Kevin Marks has a pretty good point here:

  Your tweet could win the fame lottery, and everyone on the Internet who thinks you are wrong could tell you about it. Or one of the “verified” could call you out to be the tribute for your community and fight in their Hunger Games. Say something about feminism, or race, or sea lions and you’d find yourself inundated by the same trite responses from multitudes. Complain about it, and they turn nasty, abusing you, calling in their friends to join in. Your phone becomes useless under the weight of notifications; you can’t see your friends support amongst the flood. The limited tools available – blocking, muting, going private – do not match well with these floods. Twitter’s abuse reporting form takes far longer than a tweet, and is explicitly ignored if friends try to help.

  (tags: harassment twitter 4chan abuse feminism hate-speech gamergate sea-lions filtering social-media kevin-marks)

• Mnesia and CAP

  A common “trick” is to claim: ‘We assume network partitions can’t happen. Therefore, our system is CA according to the CAP theorem.’ This is a nice little twist. By asserting network partitions cannot happen, you just made your system into one which is not distributed. Hence the CAP theorem doesn’t even apply to your case and anything can happen. Your system may be linearizable. Your system might have good availability. But the CAP theorem doesn’t apply. […] In fact, any well-behaved system will be “CA” as long as there are no partitions. This makes the statement of a system being “CA” very weak, because it doesn’t put honesty first. I tries to avoid the hard question, which is how the system operates under failure. By assuming no network partitions, you assume perfect information knowledge in a distributed system. This isn’t the physical reality.

  (tags: cap erlang mnesia databases storage distcomp reliability ca postgres partitions)

• Integrating Kafka and Spark Streaming: Code Examples and State of the Game

  Spark Streaming has been getting some attention lately as a real-time data processing tool, often mentioned alongside Apache Storm. […] I added an example Spark Streaming application to kafka-storm-starter that demonstrates how to read from Kafka and write to Kafka, using Avro as the data format and Twitter Bijection for handling the data serialization. In this post I will explain this Spark Streaming example in further detail and also shed some light on the current state of Kafka integration in Spark Streaming. All this with the disclaimer that this happens to be my first experiment with Spark Streaming.

  (tags: spark kafka realtime architecture queues avro bijection batch-processing)

• Mandos

  ‘a system for allowing servers with encrypted root file systems to reboot unattended and/or remotely.’ (via Tony Finch)

  (tags: via:fanf mandos encryption security server ops sysadmin linux)

• Zonify

  ‘a set of command line tools for managing Route53 DNS for an AWS infrastructure. It intelligently uses tags and other metadata to automatically create the associated DNS records.’

  (tags: zonify aws dns ec2 route53 ops)

• Mike Perham on Twitter: “Sweet, monit just sent a DMCA takedown notice to @github to remove Inspeqtor.”

  ‘The work, Inspeqtor which is hosted at GitHub, is far from a “clean-room” implementation. This is basically a rewrite of Monit in Go, even using the same configuration language that is used in Monit, verbatim. a. [private] himself admits that Inspeqtor is “heavily influenced“ by Monit https://github.com/mperham/inspeqtor/wiki/Other-Solutions. b. This tweet by [private] demonstrate intent. https://twitter.com/mperham/status/452160352940064768 “OSS nerds: redesign and build monit in Go. Sell it commercially. Make $$$$. I will be your first customer.”’ IANAL, but using the same config language does not demonstrate copyright infringement…

  (tags: copyright dmca tildeslash monit inspeqtor github ops oss agpl)

• YOU AND YOUR DAMNED GAMES, JON STONE — Why bother with #gamergate?

  So what is #gamergate? #gamergate is a mob with torches aloft, hunting for any combustible dwelling and calling it a monster’s lair. #gamergate is a rage train, and everyone with an axe to grind wants a ride. Its fuel is a sour mash of entitlement, insecurity, arrogance and alienation. #gamergate is a vindication quest for political intolerance. #gamergate is revenge for every imagined slight. #gamergate is Viz’s Meddlesome Ratbag.

  (tags: gamergate culture gaming 4chan mobs feminism)

• ‘In 1976 I discovered Ebola, now I fear an unimaginable tragedy’ | World news | The Observer

  An interview with the scientist who was part of the team which discovered the Ebola virus in 1976:

  Other samples from the nun, who had since died, arrived from Kinshasa. When we were just about able to begin examining the virus under an electron microscope, the World Health Organisation instructed us to send all of our samples to a high-security lab in England. But my boss at the time wanted to bring our work to conclusion no matter what. He grabbed a vial containing virus material to examine it, but his hand was shaking and he dropped it on a colleague’s foot. The vial shattered. My only thought was: “Oh, shit!” We immediately disinfected everything, and luckily our colleague was wearing thick leather shoes. Nothing happened to any of us.

  (tags: ebola epidemiology health africa labs history medicine)

• Ebola vaccine delayed by IP spat

  This is the downside of publicly-funded labs selling patent-licensing rights to private companies:

  Given the urgency, it’s inexplicable that one of the candidate vaccines, developed at the Public Health Agency of Canada (PHAC) in Winnipeg, has yet to go in the first volunteer’s arm, says virologist Heinz Feldmann, who helped develop the vaccine while at PHAC. “It’s a farce; these doses are lying around there while people are dying in Africa,” says Feldmann, who now works at the Rocky Mountain Laboratories of the U.S. National Institute of Allergy and Infectious Diseases (NIAID) in Hamilton, Montana. At the center of the controversy is NewLink Genetics, a small company in Ames, Iowa, that bought a license to the vaccine’s commercialization from the Canadian government in 2010, and is now suddenly caught up in what WHO calls “the most severe acute public health emergency seen in modern times.” Becker and others say the company has been dragging its feet the past 2 months because it is worried about losing control over the development of the vaccine.

  (tags: ip patents drugs ebola canada phac newlink-genetics health epidemics vaccines)

• sferik/t

  “A command-line power tool for Twitter.” It really is — much better timeline searchability than the “real” Twitter UI, for example

  (tags: twitter ruby github cli tools unix search)

• Ebola: While Big Pharma Slept

  We’ve had almost 40 years to develop, test and stockpile an Ebola vaccine. That has not happened because big pharma has been entirely focused on shareholder value and profits over safety and survival from a deadly virus. For the better part of Ebola’s 38 years ? big pharma has been asleep. The question ahead is what virus or superbug will wake them up?

  (tags: pharma ebola ip patents health drugs africa research)

• Ex-Apple managers reveal Cupertino’s killer workload

  a “firehose of emails that are just going out at 2:45 in the morning” and “if you forwarded something to one of your people at 1 o’clock in the morning and they didn’t reply promptly, you got a little annoyed at them.”

  Fuck. That.

  (tags: apple workplaces work time-life-balance downtime insane sick 1am management corporate-culture)

• Emergent

  “Snopes for Twitter”. great idea

  (tags: aggregator facebook twitter snopes urban-legends news rumours)

• More on Facebook’s “Cold Storage”

  FB are using a Blu-Ray robot library

  (tags: storage facebook offline blu-ray hardware)

• Uber Optics

  That the company’s consistent, nearly frozen posture of disingenuous smirking means that the most perceptible “Uber problem” is almost always how it frames things, rather than how it actually operates, whether it’s systematically sabotaging of competitors or using its quarter-billion-dollar war chest to relentlessly cut fares and driver pay to unsustainable levels in order to undercut existing transit systems, is remarkable in its way, though. If your company’s trying to conquer the world, in the end, being a dick might be the best PR strategy of all.

  (tags: uber dicks dystopia grim-meathook-future teachers california free-markets optics pr economy america)

• Validate SQL queries at compile-time in Rust

  The sql! macro will validate that its string literal argument parses as a valid Postgres query.

  Based on https://pganalyze.com/blog/parse-postgresql-queries-in-ruby.html , which links the PostgreSQL server code directly into a C extension. Mad stuff, Ted! (via Rob Clancy)

  (tags: macros postgres compile validation sql rust coding)

• The Mottly Brew – Dublin’s Only Home Brew Shop

  right down the road from my house! how convenient

  (tags: homebrewing brewing beer hobbies dublin)

• The Saga pattern

  ‘a distribution of long-living [distributed] transactions where steps may interleave, each with associated compensating transactions providing a compensation path across databases in the occurrence of a fault that may or may not compensate the entire chain back to the originator.’

  (tags: distributed messaging saga patterns architecture transactions distributed-transactions distcomp)

• $0.99 VPS hosting

  this is nuts. 99 cents per month for a super-cheap host — I’m sure there’s a use case for this (via Elliot)

  (tags: via:elliot cheap hosting ssd vps linux atlantic 1-dollar)

• “Why would anyone use an alias online?”

  Great infographic

  (tags: aliases online facebook internet cyberstalking safety real-names)

• Prototype

  Prototype is a brand new festival of play and interaction. This is your chance to experience the world from a new perspective with removable camera eyes, to jostle and joust to a Bach soundtrack whilst trying to disarm an opponent, to throw shapes as you figure out who got an invite to the silent disco, to duel with foam pool noodles, and play chase in the dark with flashlights. A unique festival that incites new types of social interaction, involving technology and the city, Prototype is a series of performances, workshops, talks, and games that spill across the city, alongside an adult playground in the heart of Temple Bar.

  Project Arts Centre, 17-18 October. looks nifty

  (tags: prototype festivals dublin technology make vr gaming)

• Confessions of a former internet troll – Vox

  I want to tell you about when violent campaigns against harmless bloggers weren’t any halfway decent troll’s idea of a good time — even the then-malicious would’ve found it too easy to be fun. When the punches went up, not down. Before the best players quit or went criminal or were changed by too long a time being angry. When there was cruelty, yes, and palpable strains of sexism and racism and every kind of phobia, sure, but when these things had the character of adolescents pushing the boundaries of cheap shock, disagreeable like that but not criminal. Not because that time was defensible — it wasn’t, not really — but because it was calmer and the rage wasn’t there yet. Because trolling still meant getting a rise for a laugh, not making helpless people fear for their lives because they’re threatening some Redditor’s self-proclaimed monopoly on reason. I want to tell you about it because I want to make sense of how it is now and why it changed.

  (tags: vox trolls blogging gamergate 4chan weev history teenagers)

• La Maison des Amis

  Paul Hickey’s gite near Toulouse, available for rent! ‘a beautifully converted barn on 5 acres, wonderfully located in the French countryside. 4 Bedrooms, sleeps 2-10, Large Pool, Tennis Court, Large Trampoline, Broadband Internet, 30 Mins Toulouse/Albi, 65 Mins Carcassonne, 90 Mins Rodez’

  (tags: ex-iona gites france holidays vacation-rentals vacation hotels)

• waxpancake on Ello

  The Ello founders are positioning it as an alternative to other social networks — they won’t sell your data or show you ads. “You are not the product.” If they were independently-funded and run as some sort of co-op, bootstrapped until profitable, maybe that’s plausible. Hard, but possible. But VCs don’t give money out of goodwill, and taking VC funding — even seed funding — creates outside pressures that shape the inevitable direction of a company.

  (tags: advertising money vc ello waxy funding series-a)

• Inviso: Visualizing Hadoop Performance

  With the increasing size and complexity of Hadoop deployments, being able to locate and understand performance is key to running an efficient platform.  Inviso provides a convenient view of the inner workings of jobs and platform.  By simply overlaying a new view on existing infrastructure, Inviso can operate inside any Hadoop environment with a small footprint and provide easy access and insight.  

  This sounds pretty useful.

  (tags: inviso netflix hadoop emr performance ops tools)

• The End of Linux

  ‘Linux is becoming the thing that we adopted Linux to get away from.’ Great post on the horrible complexity of systemd. It reminds me of nothing more than mid-90s AIX, which I had the displeasure of opsing for a while — the Linux distros have taken a very wrong turn here.

  (tags: linux unix complexity compatibility ops rant systemd bloat aix)

• Amazon’s CloudSearch is now powered by Solr

  good testimonial

  (tags: cloudsearch solr amazon search aws lucene)

• oss-sec: Re: CVE-2014-6271: remote code execution through bash

  this is truly heinous. Given that any CGI which invokes popen()/system() on a Linux system where /bin/sh is a link to bash is vulnerable, there will be a lot of vulnerable services out there (via Elliot)

  (tags: via:elliottucker cgi security bash sh exploits linux popen unix)

• Avoiding Chef-Suck with Auto Scaling Groups – forty9ten

  Some common problems which arise using Chef with ASGs in EC2, and how these guys avoided it — they stopped using Chef for service provisioning, and instead baked AMIs when a new version was released. ASGs using pre-baked AMIs definitely works well so this makes good sense IMO.

  (tags: infrastructure chef ops asg auto-scaling ec2 provisioning deployment)

• Introducing Groups.io

  Mark “ONEList” Fletcher’s back, and he’s reinventing the email group! awesome.

  email groups (the modern version of mailing lists) have stagnated over the past decade. Yahoo Groups and Google Groups both exude the dank air of benign neglect. Google Groups hasn’t been updated in years, and some of Yahoo’s recent changes have actually made Yahoo Groups worse! And yet, millions of people put up with this uncertainty and neglect, because email groups are still one of the best ways to communicate with groups of people. And I have a plan to make them even better. So today I’m launching Groups.io in beta, to bring email groups into the 21st Century. At launch, we have many features that those other services don’t have, including: Integration with other services, including: Github, Google Hangouts, Dropbox, Instagram, Facebook Pages, and the ability to import Feeds into your groups. Businesses and organizations can have their own private groups on their own subdomain. Better archive organization, using hashtags. Many more email delivery options. The ability to mute threads or hashtags. Fully searchable archives, including searching within attachments. One other feature that Groups.io has that Yahoo and Google don’t, is a business model that’s not based on showing ads to you. Public groups are completely free on Groups.io. Private groups and organizations are very reasonably priced.

  (tags: email groups communication discussion mailing-lists groups.io yahoo google google-groups yahoo-groups)

• The Open Source Software Engagement Award

  SFU announces award for students who demonstrate excellence in contributing to an Open Source project

  (tags: sfu awards students open-source oss universities funding)

• DublinDashboard

  ‘provides citizens, public sector workers and companies with real-time information, time-series indicator data, and interactive maps about all aspects of the city. It enables users to gain detailed, up to date intelligence about the city that aids everyday decision making and fosters evidence-informed analysis.’

  (tags: dublin dashboards maps geodata time-series open-data ireland)

• mcrouter: A memcached protocol router for scaling memcached deployments

  New from Facebook engineering:

  Last year, at the Data@Scale event and at the USENIX Networked Systems Design and Implementation conference , we spoke about turning caches into distributed systems using software we developed called mcrouter (pronounced “mick-router”). Mcrouter is a memcached protocol router that is used at Facebook to handle all traffic to, from, and between thousands of cache servers across dozens of clusters distributed in our data centers around the world. It is proven at massive scale — at peak, mcrouter handles close to 5 billion requests per second. Mcrouter was also proven to work as a standalone binary in an Amazon Web Services setup when Instagram used it last year before fully transitioning to Facebook’s infrastructure. Today, we are excited to announce that we are releasing mcrouter’s code under an open-source BSD license. We believe it will help many sites scale more easily by leveraging Facebook’s knowledge about large-scale systems in an easy-to-understand and easy-to-deploy package.

  This is pretty crazy — basically turns a memcached cluster into a much more usable clustered-storage system, with features like shadowing production traffic, cold cache warmup, online reconfiguration, automatic failover, prefix-based routing, replicated pools, etc. Lots of good features.

  (tags: facebook scaling cache proxy memcache open-source clustering distcomp storage)

• DIRECT MARKETING – A GENERAL GUIDE FOR DATA CONTROLLERS

  In particular:

  Where you have obtained contact details in the context of the sale of a product or service, you may only use these details for direct marketing by electronic mail if the following conditions are met: the product or service you are marketing is of a kind similar to that which you sold to the customer at the time you obtained their contact details At the time you collected the details, you gave the customer the opportunity to object, in an easy manner and without charge, to their use for marketing purposes Each time you send a marketing message, you give the customer the right to object to receipt of further messages The sale of the product or service occurred not more than twelve months prior to the sending of the electronic marketing communication or, where applicable, the contact details were used for the sending of an electronic marketing communication in that twelve month period.

  (tags: email spam regulations ireland law dpc marketing direct-marketing)

• A Linear-Time, One-Pass Majority Vote Algorithm

  This algorithm, which Bob Boyer and I invented in 1980, decides which element of a sequence is in the majority, provided there is such an element.

  (tags: algorithms one-pass o(1) coding majority top-k sorting)

• tinystat – GoDoc

  tinystat is used to compare two or more sets of measurements (e.g., runs of a multiple runs of benchmarks of two possible implementations) and determine if they are statistically different, using Student’s t-test. It’s inspired largely by FreeBSD’s ministat (written by Poul-Henning Kamp).

  (tags: t-test student statistics go coda-hale tinystat stats tools command-line unix)

• Internet Trolls Are Narcissists, Psychopaths, and Sadists | Psychology Today

  The relationship between this Dark Tetrad [of narcissism, Machiavellianism, psychopathy, and sadism] and trolling is so significant, that the authors write the following in their paper: “… the associations between sadism and GAIT (Global Assessment of Internet Trolling) scores were so strong that it might be said that online trolls are prototypical everyday sadists.” [emphasis added] Trolls truly enjoy making you feel bad. To quote the authors once more (because this is a truly quotable article): “Both trolls and sadists feel sadistic glee at the distress of others. Sadists just want to have fun … and the Internet is their playground!”

  Bloody hell.

  (tags: trolls sadism narcissism psychopaths online trolling psychology papers)

• Cassandra Summit Recap: Diagnosing Problems in Production

  Great runbook for C* ops

  (tags: cassandra ops storage)

• pcstat

  get page cache statistics for files.

  A common question when tuning databases and other IO-intensive applications is, “is Linux caching my data or not?” pcstat gets that information for you using the mincore(2) syscall. I wrote this is so that Apache Cassandra users can see if ssTables are being cached.

  (tags: linux page-cache caching go performance cassandra ops mincore fincore)

• 75% of domestic violence victims in US shelters were spied on by their abusers using spyware

  via Mikko

• Alex Payne — Thoughts On Five Years of Emerging Languages

  One could read the success of Go as an indictment of contemporary PLT, but I prefer to see it as a reminder of just how much language tooling matters. Perhaps even more critical, Go’s lean syntax, selective semantics, and cautiously-chosen feature set demonstrate the importance of a strong editorial voice in a language’s design and evolution. Having co-authored a book on Scala, it’s been painful to see systems programmers in my community express frustration with the ambitious hybrid language. I’ve watched them abandon ship and swim back to the familiar shores of Java, or alternately into the uncharted waters of Clojure, Go, and Rust. A pity, but not entirely surprising if we’re being honest with ourselves. Unlike Go, Scala has struggled with tooling from its inception. More than that, Scala has had a growing editorial problem. Every shop I know that’s been successful with Scala has limited itself to some subset of the language. Meanwhile, in pursuit of enterprise developers, its surface area has expanded in seemingly every direction. The folks behind Scala have, thankfully, taken notice: upcoming releases are promised to focus on simplicity, clarity, and better tooling.

  (tags: scala go coding languages)

• Texas Judge References ‘The Big Lebowski’

  “The First Amendment of the U.S. Constitution is similarly suspicious of prior restraints,” wrote Justice Lehrmann in the decision highlighting a cornerstone that has “been reaffirmed time and again by the Supreme Court, this Court, Texas courts of appeals, legal treatises, and even popular culture.” That last reference to popular culture contained an interesting footnote citing none other than Walter Sobchak, a character in [‘The Big Lebowski’].

  (tags: lebowski movies coen-brothers prior-restraint law supreme-court walter-sobchak funny)

• on using JSON as a config file format

  Ben Hughes on twitter: “JSON is fine for config files, if you don’t want to comment your config file. Which is a way of saying, it isn’t fine for config files.”

  (tags: ben-hughes funny json file-formats config-files configuration software coding)

• Understanding weak isolation is a serious problem

  Peter Bailis complaining about the horrors of modern transactional databases and their unserializability, which noone seems to be paying attention to: ‘As you’re probably aware, there’s an ongoing and often lively debate between transactional adherents and more recent “NoSQL” upstarts about related issues of usability, data corruption, and performance. But, in contrast, many of these transactional inherents and the research community as a whole have effectively ignored weak isolation — even in a single server setting and despite the fact that literally millions of businesses today depend on weak isolation and that many of these isolation levels have been around for almost three decades.’ ‘Despite the ubiquity of weak isolation, I haven’t found a database architect, researcher, or user who’s been able to offer an explanation of when, and, probably more importantly, why isolation models such as Read Committed are sufficient for correct execution. It’s reasonably well known that these weak isolation models represent “ACID in practice,” but I don’t think we have any real understanding of how so many applications are seemingly (!?) okay running under them. (If you haven’t seen these models before, they’re a little weird. For example, Read Committed isolation generally prevents users from reading uncommitted or non-final writes but allows a number of bad things to happen, like lost updates during concurrent read-modify-write operations. Why is this apparently okay for many applications?)’

  (tags: acid consistency databases peter-bailis transactional corruption serializability isolation reliability)

• “Left-Right: A Concurrency Control Technique with Wait-Free Population Oblivious Reads” [pdf]

  ‘In this paper, we describe a generic concurrency control technique with Blocking write operations and Wait-Free Population Oblivious read operations, which we named the Left-Right technique. It is of particular interest for real-time applications with dedicated Reader threads, due to its wait-free property that gives strong latency guarantees and, in addition, there is no need for automatic Garbage Collection. The Left-Right pattern can be applied to any data structure, allowing concurrent access to it similarly to a Reader-Writer lock, but in a non-blocking manner for reads. We present several variations of the Left-Right technique, with different versioning mechanisms and state machines. In addition, we constructed an optimistic approach that can reduce synchronization for reads.’ See also http://concurrencyfreaks.blogspot.ie/2013/12/left-right-concurrency-control.html for java implementation code.

  (tags: left-right concurrency multithreading wait-free blocking realtime gc latency reader-writer locking synchronization java)

• Russell91/sshrc

  ‘bring your .bashrc, .vimrc, etc. with you when you ssh’. A really nice implementation of this idea (much nicer than my own version!)

  (tags: hacks productivity ssh remote shell sh bash via:johnke home-directory unix)

• Troubleshooting Production JVMs with jcmd

  remotely trigger GCs, finalization, heap dumps etc. Handy

  (tags: jvm jcmd debugging ops java gc heap troubleshooting)

• UK’s ICO spam regulator even more toothless now

  We appealed this decision, but on June 2014 the Upper Tribunal agreed with the First-tier Tribunal, cancelling our monetary penalty notice against Niebel and McNeish, and largely rendering our power to issue fines for breaches of PECR involving spam texts redundant.

  This is pretty terrible. The UK appears to have the weakest anti-spam regime in Europe due to the lack of powers given to ICO.

  (tags: ico anti-spam uk law regulation spam sms)

• Axel

  A nice curl/wget replacement which supports multi-TCP-connection downloads of HTTP/FTP resources. packaged for most Linux variants and OSX via brew

  (tags: axel curl wget via:johnke downloading tcp http ftp ubuntu debian unix linux)

• The State of ZFS on Linux

  Linux users familiar with other filesystems or ZFS users from other platforms will often ask whether ZFS on Linux (ZoL) is “stable”. The short answer is yes, depending on your definition of stable. The term stable itself is somewhat ambiguous.

  Oh dear. that’s not a good start. Good reference page, though

  (tags: zfs linux filesystems ops solaris)

• Screen time: Steve Jobs was a low tech parent

  “This is rule No. 1: There are no screens in the bedroom. Period. Ever.”

  (tags: screen-time kids children tv mobile technology life rules parenting)

• CausalImpact: A new open-source package for estimating causal effects in time series

  How can we measure the number of additional clicks or sales that an AdWords campaign generated? How can we estimate the impact of a new feature on app downloads? How do we compare the effectiveness of publicity across countries? In principle, all of these questions can be answered through causal inference. In practice, estimating a causal effect accurately is hard, especially when a randomised experiment is not available. One approach we’ve been developing at Google is based on Bayesian structural time-series models. We use these models to construct a synthetic control — what would have happened to our outcome metric in the absence of the intervention. This approach makes it possible to estimate the causal effect that can be attributed to the intervention, as well as its evolution over time. We’ve been testing and applying structural time-series models for some time at Google. For example, we’ve used them to better understand the effectiveness of advertising campaigns and work out their return on investment. We’ve also applied the models to settings where a randomised experiment was available, to check how similar our effect estimates would have been without an experimental control. Today, we’re excited to announce the release of CausalImpact, an open-source R package that makes causal analyses simple and fast. With its release, all of our advertisers and users will be able to use the same powerful methods for estimating causal effects that we’ve been using ourselves. Our main motivation behind creating the package has been to find a better way of measuring the impact of ad campaigns on outcomes. However, the CausalImpact package could be used for many other applications involving causal inference. Examples include problems found in economics, epidemiology, or the political and social sciences.

  (tags: causal-inference r google time-series models bayes adwords advertising statistics estimation metrics)

• Top 10 Historic Sites in Ireland and Northern Ireland — National Geographic

  Shamefully, I haven’t visited most of these!

  (tags: history neolithic ireland northern-ireland national-geographic tourism places)

• Software patents are crumbling, thanks to the Supreme Court

  Now a series of decisions from lower courts is starting to bring the ruling’s practical consequences into focus. And the results have been ugly for fans of software patents. By my count there have been 11 court rulings on the patentability of software since the Supreme Court’s decision — including six that were decided this month.  Every single one of them has led to the patent being invalidated. This doesn’t necessarily mean that all software patents are in danger — these are mostly patents that are particularly vulnerable to challenge under the new Alice precedent. But it does mean that the pendulum of patent law is now clearly swinging in an anti-patent direction. Every time a patent gets invalidated, it strengthens the bargaining position of every defendant facing a lawsuit from a patent troll.

  (tags: patents law alice swpats software supreme-court patent-trolls)

• Riding with the Stars: Passenger Privacy in the NYC Taxicab Dataset

  A practical demo of “differential privacy” — allowing public data dumps to happen without leaking privacy, using Laplace noise addition

  (tags: differential-privacy privacy leaks public-data open-data data nyc taxis laplace noise randomness)

• Platform Game

  I’m ambivalent about Microsoft acquiring Mojang. Will they Embrace and Extend Minecraft as they’ve done with other categories? Let’s hope not. On the other hand, some adult supervision and a Plugin API would be welcome. Mojang have the financial resources but lack the will and focus needed to publish and support a Plugin API. Perhaps Mojang themselves don’t realise just how important their little game has become.

  (tags: minecraft platforms games plugins mojang microsoft)

• Open Invention Network Symposium on Open Source Software and Patents in Context

  Dublin, 24th September 2014, hosted by Enterprise Ireland. Hosted by former Ubuntu counsel (via gcarr)

  (tags: via:gcarr ubuntu law legal open-source floss oss oin inventions patents swpat software ireland ei events)

• Chris Baus: TCP_CORK: More than you ever wanted to know

  Even with buffered streams the application must be able to instruct the OS to forward all pending data when the stream has been flushed for optimal performance. The application does not know where packet boundaries reside, hence buffer flushes might not align on packet boundaries. TCP_CORK can pack data more effectively, because it has direct access to the TCP/IP layer. [..] If you do use an application buffering and streaming mechanism (as does Apache), I highly recommend applying the TCP_NODELAY socket option which disables Nagle’s algorithm. All calls to write() will then result in immediate transfer of data.

  (tags: networking tcp via:nmaurer performance ip tcp_cork linux syscalls writev tcp_nodelay nagle packets)

• Okayu

  relatively-new Japanese place in the North Strand — delivers, too. Comes recommended by JK. Must try it out soon!

  (tags: takeaways delivery food restaurants japanese north-strand dublin)

• A gut microbe that stops food allergies

  Actual scientific research showing that antibiotic use may be implicated in allergies: ‘Nagler’s team first confirmed that mice given antibiotics early in life were far more susceptible to peanut sensitization, a model of human peanut allergy. Then, they introduced a solution containing Clostridia, a common class of bacteria that’s naturally found in the mammalian gut, into the rodents’ mouths and stomachs. The animals’ food allergen sensitization disappeared, the team reports online today in the Proceedings of the National Academy of Sciences. When the scientists instead introduced another common kind of healthy bacteria, called Bacteroides, into similarly allergy-prone mice, they didn’t see the same effect. Studying the rodents more carefully, the researchers determined that Clostridia were having a surprising effect on the mouse gut: Acting through certain immune cells, the bacteria helped keep peanut proteins that can cause allergic reactions out of the bloodstream. “The bacteria are maintaining the integrity of the [intestinal] barrier,” Nagler says.’

  (tags: allergies health food peanuts science research clostridium bacteria gut intestines immune-system mice papers pnas)

• #5045 (epoll_reactor::update_timeout() uses incorrect interrupter if TIMERFD is not available) – Boost C++ Libraries

  ah, memories. This is the bug that caused me to have to run a fleet-wide upgrade across the EC2 substrate. Thanks, boost::asio!

  (tags: bugs network-monitoring boost boost-asio memories history)

• Apple: Untrustable

  Today, Apple announced their “Most Personal Device Ever”. They also announced Apple Pay (the only mentions of “security” and “privacy” in today’s event), and are rolling out health tracking and home automation in iOS 8. Given their feckless track record [with cloud-service security], would you really trust Apple with (even more of) your digital life?

  (tags: icloud apple fail security hacks privacy)

• Not Safe For Not Working On

  Excellent post from Dan Kaminsky on concrete actions that cloud service providers like Apple and Google need to start taking.

  *It’s time to ban Password1*: […] Defenders are using simple rules like “doesn’t have an uppercase letter” and “not enough punctuation” to block passwords while attackers are just straight up analyzing password dumps and figuring out the most likely passwords to attempt in any scenario.  Attackers are just way ahead.  That has to change.  Defenders have password dumps too now.  It’s time we start outright blocking passwords common enough that they can be online brute forced, and it’s time we admit we know what they are. […] *People use communication technologies for sexy times. Deal with it*: Just like browsers have porn mode for the personal consumption of private imagery, cell phones have applications that are significantly less likely to lead to anyone else but your special friends seeing your special bits. I personally advise Wickr, an instant messaging firm that develops secure software for iPhone and Android. What’s important about Wickr here isn’t just the deep crypto they’ve implemented, though it’s useful too. What’s important in this context is that with this code there’s just a lot fewer places to steal your data from. Photos and other content sent in Wickr don’t get backed up to your desktop, don’t get saved in any cloud, and by default get removed from your friend’s phone after an amount of time you control. Wickr is of course not the only company supporting what’s called “ephemeral messaging”; SnapChat also dramatically reduces the exposure of your private imagery. […]

  via Leonard.

  (tags: icloud apple privacy security via:lhl snapchat wickr dan-kaminsky cloud-services backup)

• Inside Apple’s Live Event Stream Failure, And Why It Happened: It Wasn’t A Capacity Issue

  The bottom line with this event is that the encoding, translation, JavaScript code, the video player, the call to S3 single storage location and the millisecond refreshes all didn’t work properly together and was the root cause of Apple’s failed attempt to make the live stream work without any problems. So while it would be easy to say it was a CDN capacity issue, which was my initial thought considering how many events are taking place today and this week, it does not appear that a lack of capacity played any part in the event not working properly. Apple simply didn’t provision and plan for the event properly.

  (tags: cdn streaming apple fail scaling s3 akamai caching)

• BLDGBLOG: Procedural Brutalism

  a few GIFs of procedurally generated architecture by a game developer named Cedric, built using Unity. Cedric describes himself as an “indie game dev focused on social AI, emergent narrative and procedural worlds.” Imagine whole game worlds powered by real-time computation at the building level, constantly and parametrically fizzing with architectural forms, barely predictable new Woolworth Buildings and Barbicans sprouting on-demand from the ground whenever needed.

  (tags: brutalism architecture games graphics design procedural generation gifs animation)

• Comcast Wi-Fi serving self-promotional ads via JavaScript injection | Ars Technica

  Comcast is adding data into the broadband packet stream. In 2007, it was packets serving up disconnection commands. Today, Comcast is inserting JavaScript that is serving up advertisements, according to [Robb] Topolski, who reviewed Singel’s data. “It’s the duty of the service provider to pull packets without treating them or modifying them or injecting stuff or forging packets. None of that should be in the province of the service provider,” he said. “Imagine every Web page with a Comcast bug in the lower righthand corner. It’s the antithesis of what a service provider is supposed to do. We want Internet access, not another version of cable TV.”

  The company appears to be called Front Porch: http://arstechnica.com/tech-policy/2014/09/meet-the-tech-company-performing-ad-injections-for-big-cable/

  (tags: comcast ads injection security javascript http network-neutrality isps)

• “Perspectives On The CAP Theorem” [pdf]

  “We cannot achieve [CAP theorem] consistency and availability in a partition-prone network.”

  (tags: papers cap distcomp cap-theorem consistency availability partitions network reliability)

• Aerospike’s CA boast gets a thumbs-down from @aphyr

  Specifically, @aerospikedb cannot offer cursor stability, repeatable read, snapshot isolation, or any flavor of serializability. @nasav @aerospikedb At *best* you can offer Read Committed, which is not, I assert, what most people would expect from an “ACID” database.

  (tags: aphyr aerospike availability consistency acid transactions distcomp databases storage)

• How Twitter Uses Redis to Scale

  ‘105TB RAM, 39MM QPS, 10,000+ instances.’ Notes from a talk given by Yao Yu of Twitter’s Cache team, where she’s worked for 4 years. Lots of interesting insights into large-scale Redis caching usage — as in, large enough to max out the cluster hosts’ network bandwidth.

  (tags: twitter redis caching memcached yao-yu scaling)

• CLion – Brand New IDE for C and C++ Developers

  JetBrains (makers of the excellent Intelli/J) have come out with a C/C++ refactoring IDE which looks utterly fantastic. If I wind up hacking on C/C++ again in future, I’ll be using this one

  (tags: c c++ refactoring ide intelli-j clion jetbrains editors coding)

• Mail-in-a-Box

  ‘turns a fresh cloud computer into a working mail server. You get contact synchronization, spam filtering, and so on. On your phone, you can use apps like K-9 Mail and CardDAV-Sync free beta to sync your email and contacts between your phone and your box.’ (via Tony Finch)

  (tags: via:fanf mail diy hosting webmail ops)

• Irish Water Data Protection Notice: A review…

  Tried and came up wanting. Particularly notable for its illegal “Marketing” section, which attempts to evade opt-in-required anti-spam law with a “consent landgrab” on SMS and email

  (tags: irish-water law dpc data-protection privacy spam opt-in si336 sms email ireland)

• SI336 – current Irish anti-spam law

  “European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011”. Spam is covered under 13.1, “Unsolicited communications”, on page 16 of this PDF

  (tags: spam anti-spam law ireland eu ec sms email si336 privacy regulation)

• How do I keep my children safe online? What the security experts tell their kids | Technology | theguardian.com

  Lots of good advice for parents here

  (tags: kids online social-media internet web facebook privacy security)

• ‘The very first release of Gmail simply used spamassassin on the backend’

  Excellent. Confirming what I’d heard from a few other sources, too ;) This is a well-written history of the anti-spam war so far, from Mike Hearn, writing with the Google/Gmail point of view:

  Brief note about my background, to establish credentials: I worked at Google for about 7.5 years. For about 4.5 of those I worked on the Gmail abuse team, which is very tightly linked with the spam team (they use the same software, share the same on-call rotations etc).

  Reading this kind of stuff is awesome for me, since it’s a nice picture of a fun problem to work on — the Gmail team took the right ideas about how to fight spam, and scaled them up to the 10s-of-millions DAU mark. Nicely done. The second half is some interesting musings on end-to-end encrypted communications and how it would deal with spam. Worth a read…

  (tags: gmail google spam anti-spam filtering spamassassin history)

• The FBI Finally Says How It ‘Legally’ Pinpointed Silk Road’s Server

  The answer, according to a new filing by the case’s prosecution, is far more mundane: The FBI claims to have found the server’s location without the NSA’s help, simply by fiddling with the Silk Road’s login page until it leaked its true location.

  (tags: fbi nsa silk-road tor opsec dread-pirate-roberts wired)

• The Ramifications of Alice: A Conversation with Mark Lemley – IPWatchdog.com

  I think you need to review what is actually happening at the USPTO in terms of rejections and how the Federal Circuit is applying Alice to find software patent claims patent ineligible. We are not crying wolf. It is really, factually, truthfully happening.

  On the face of it, this sounds like great news ;)

  (tags: swpat patents alice uspto ip reform software)

• Why A Dead Alkaline Battery Bounces

  Nice bit of science

  (tags: batteries video chemistry science bouncing)

• Visualizing Garbage Collection Algorithms

  Great dataviz with animated GIFs

  (tags: algorithms gc memory visualization garbage-collection dataviz refcounting mark-and-sweep)

• Standard Markdown

  John Gruber’s canonical description of Markdown’s syntax does not specify the syntax unambiguously. In the absence of a spec, early implementers consulted the original Markdown.pl code to resolve these ambiguities. But Markdown.pl was quite buggy, and gave manifestly bad results in many cases, so it was not a satisfactory replacement for a spec. Because there is no unambiguous spec, implementations have diverged considerably. As a result, users are often surprised to find that a document that renders one way on one system (say, a GitHub wiki) renders differently on another (say, converting to docbook using Pandoc). To make matters worse, because nothing in Markdown counts as a “syntax error,” the divergence often isn’t discovered right away. There’s no standard test suite for Markdown; the unofficial MDTest is the closest thing we have. The only way to resolve Markdown ambiguities and inconsistencies is Babelmark, which compares the output of 20+ implementations of Markdown against each other to see if a consensus emerges. We propose a standard, unambiguous syntax specification for Markdown, along with a suite of comprehensive tests to validate Markdown implementations against this specification. We believe this is necessary, even essential, for the future of Markdown.

  (tags: writing markdown specs standards text formats html)

• Postcodes at last but random numbers don’t address efficiency

  Karlin Lillington assembles a fine collection of quotes from various sources panning the new Eircode system:

  Critics say the opportunity has been missed to use Ireland’s clean-slate status to produce a technologically innovative postcode system that would be at the cutting edge globally; similar to the competitive leap that was provided when the State switched to a digital phone network in the 1980s, well ahead of most of the world. Instead, say organisations such as the Freight Transport Association of Ireland (FTAI), the proposed seven-digit format of scrambled letters and numbers is almost useless for a business sector that should most benefit from a proper postcode system: transport and delivery companies, from international giants like FedEx and UPS down to local courier, delivery and service supplier firms. Because each postcode will reveal the exact address of a home or business, privacy advocates are concerned that online use of postcodes could link many types of internet activity, including potentially sensitive online searches, to a specific household or business.

  (tags: eircode government fail ireland postcodes location ftai random)

• Two Factor Auth List

  List of websites and whether or not they support 2FA. Also see the list of 2FA providers and the platforms they support.

  (tags: 2fa mfa authentication security web-services web)

• Using spot instances

  Excellent post on all of the ins and outs of EC2 spot instance usage

  (tags: ec2 aws spot-instances pricing cloud auto-scaling ops)

• Nik Cubrilovic – Notes on the Celebrity Data Theft

  tl;dr: a lot of people are spending a lot of time stealing nudie pics from celebrities. See also http://www.zdziarski.com/blog/?p=3783 for more details on the probable approaches used. Grim.

  (tags: apple privacy security celebrities pics hacking iphone ipad ios exploits brute-force passwords 2fa mfa find-my-iphone icloud backups)

• How To Remove a Stripped Screw Without an Extractor

  one for future reference. Hate when this happens

  (tags: repair diy stripped-screws screws rubber-bands)

• Nix: The Purely Functional Package Manager

  ‘a powerful package manager for Linux and other Unix systems that makes package management reliable and reproducible. It provides atomic upgrades and rollbacks, side-by-side installation of multiple versions of a package, multi-user package management and easy setup of build environments. ‘ Basically, this is a third-party open source reimplementation of Amazon’s (excellent) internal packaging system, using symlinks to versioned package directories to ensure atomicity and the ability to roll back. This is definitely the *right* way to build packages — I know what tool I’ll be pushing for, next time this question comes up. See also nixos.org for a Linux distro built on Nix.

  (tags: ops linux devops unix packaging distros nix nixos atomic upgrades rollback versioning)

• Facebook’s drop-in replacement for std::vector

  Fixes some low-hanging fruit, performance-wise. ‘Simply replacing std::vector with folly::fbvector (after having included the folly/FBVector.h header file) will improve the performance of your C++ code using vectors with common coding patterns. The improvements are always non-negative, almost always measurable, frequently significant, sometimes dramatic, and occasionally spectacular.’ (via Tony Finch)

  (tags: c++ facebook performance algorithms vectors via:fanf optimization)

• Applying cardiac alarm management techniques to your on-call

  An ops-focused take on a recent story about alarm fatigue, and how a Boston hospital dealt with it. When I was in Amazon, many of the teams in our division had a target to reduce false positive pages, with a definite monetary value attached to it, since many teams had “time off in lieu” payments for out-of-hours pages to the on-call staff. As a result, reducing false-positive pages was reasonably high priority and we dealt with this problem very proactively, with a well-developed sense of how to do so. It’s interesting to see how the outside world is only just starting to look into its amelioration. (Another benefit of a TOIL policy ;)

  (tags: ops monitoring sysadmin alerts alarms nagios alarm-fatigue false-positives pages)

• “Invertible Bloom Lookup Tables” [paper]

  ‘We present a version of the Bloom filter data structure that supports not only the insertion, deletion, and lookup of key-value pairs, but also allows a complete listing of the pairs it contains with high probability, as long the number of key- value pairs is below a designed threshold. Our structure allows the number of key-value pairs to greatly exceed this threshold during normal operation. Exceeding the threshold simply temporarily prevents content listing and reduces the probability of a successful lookup. If entries are later deleted to return the structure below the threshold, everything again functions appropriately. We also show that simple variations of our structure are robust to certain standard errors, such as the deletion of a key without a corresponding insertion or the insertion of two distinct values for a key. The properties of our structure make it suitable for several applications, including database and networking applications that we highlight.’

  (tags: iblt bloom-filters data-structures performance algorithms coding papers probabilistic)

• Some UX Dark Patterns now illegal in the EU

  The EU’s new consumer rights law bans certain dark patterns related to e-commerce across Europe. The “sneak into basket” pattern is now illegal. Full stop, end of story. You cannot create a situation where additional items and services are added by default. […] Hidden costs are now illegal, whether that’s an undeclared subscription, extra shipping charges, or extra items. [….] Forced continuity, when imposed on the user as a form of bait-and-switch, has been banned. Just the other day a web designer mentioned to me that he had only just discovered he had been charged for four years of annual membership dues in a “theme club”, having bought what he thought was a one-off theme. Since he lives in Europe, he may be able to claim all of this money back. All he needs to do is prove that the website did not inform him that the purchase included a membership with recurring payments.

  (tags: design europe law ecommerce ux dark-patterns scams ryanair selling online consumer consumer-rights bait-and-switch)

• Girl Not Against Fluoride

  The CDC (Centre for Disease Control) lists water fluoridation as one of the ten great public health achievements of the 20th Century. Today, Dublin City Council will vote on whether to remove fluoride from our water supply, and when they do, it will not be because the CDC or the WHO have changed their mind about fluoridation, or because new and compelling information makes it the only choice. It will be because people who believe in angel healing, homeopathy, and chemtrails, have somehow gained the ability to influence public policy.

  (tags: dcc dublin law flouride science zenbuffy homeopathy woo health teeth)

• Revisiting How We Put Together Linux Systems

  Building a running OS out of layered btrfs filesystems. This sounds awesome.

  Instantiating a new system or OS container (which is exactly the same in this scheme) just consists of creating a new appropriately named root sub-volume. Completely naturally you can share one vendor OS copy in one specific version with a multitude of container instances. Everything is double-buffered (or actually, n-fold-buffered), because usr, runtime, framework, app sub-volumes can exist in multiple versions. Of course, by default the execution logic should always pick the newest release of each sub-volume, but it is up to the user keep multiple versions around, and possibly execute older versions, if he desires to do so. In fact, like on ChromeOS this could even be handled automatically: if a system fails to boot with a newer snapshot, the boot loader can automatically revert back to an older version of the OS.

  (via Tony Finch)

  (tags: via:fanf linux docker btrfs filesystems unionfs copy-on-write os hacking unix)

• cloudflare/lua-aho-corasick

  A nice Lua/C++ implementation of Aho-Corasick for fast string matching against multiple patterns (via JGC). This uses an interesting technique to get better performance by compacting the data structure into a single buffer, to avoid following pointers all over RAM and busting the cache.

  (tags: optimization speed performance aho-corasick tries string-matching strings algorithms lua c++ via:jgc)

• On-Demand Jenkins Slaves With Amazon EC2

  This is very likely where we’ll be going for our acceptance tests in Swrve

  (tags: testing jenkins ec2 spot-instances scalability auto-scaling ops build)

• Google’s new end-to-end key distribution proposal

  ‘For End-To-End, our current approach to key distribution, is to use a model similar to Certificate Transparency, and use the email messages themselves as a gossip protocol, which allow the users themselves to keep the centralized authorities honest. This approach allows users to not have to know about keys, but at the same time, be able to make sure that the servers involved aren’t doing anything malicious behind the users’ back.’

  (tags: end-to-end encryption google security email crypto key-distribution)

• The Broadcasting Association of Ireland and the NUJ agree: the internet must be regulated so that it can be ‘brought into line’

  ‘The Irish Times podcast ends with both the NUJ’s Seamus Dooley and Prof Kenny agreeing that somebody must regulate the internet so that it can be brought into line.’

  (tags: regulation ireland law dangerous nuj bai journalism censorship)

• Apache Kafka 0.8 basic training

  This is a pretty voluminous and authoritative presentation about getting started with Kafka; wish this was around when we started using it for 0.7. (We use our own homegrown realtime system nowadays, due to better partitioning, monitoring and operability.)

  (tags: storm kafka presentations documentation ops)

• Wiki Loves Monuments

  Wiki Loves Monuments is an international photo contest, organised by Wikimedia […]. This year, the Wikimedia Ireland Community are running the competition for the very first time in Ireland. The contest is inspired by the successful 2010 pilot in the Netherlands which resulted in 12,500 freely licensed images uploaded to Wikimedia Commons. It has grown substantially since its inception; in 2013 369,589 photographs were submitted by 11,943 participants from over 50 countries. Cultural heritage is an important part of the knowledge that Wikipedia collects and disseminates. An image is worth a thousand words, in any language and local enthusiasts can (re)discover the cultural, historical, or scientific significance of their neighbourhood. The Irish contest, focussing on Ireland’s national monuments, runs from August 23 – September 30. Follow our step-by-step guide to find out how you can take part.

  (tags: wikipedia wikimedia images monuments history ireland contests creative-commons licensing)

• “CryptoPhone” claims to detect IMSI catchers in operation

  To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone.  Interceptors look to a typical phone like an ordinary tower.  Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device. “Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says.  “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip.  We even found one at South Point Casino in Las Vegas.”

  (tags: imsi-catchers security cryptophone phones mobile 3g 4g eavesdropping surveillance)

• The poisoned NUL byte, 2014 edition

  A successful exploit of Fedora glibc via a single NUL overflow (via Tony Finch)

  (tags: via:fanf buffer-overflows security nul byte exploits google project-zero)