Justin's Linklog Posts

RTE star Sharon Ni Bheolain stalked for six months – Independent.ie

as @Fergal says: ‘[this] case shows (a) the internet isn’t anonymous, (b) we [ie. Ireland -jm] have laws to deal with threats and harassment’

(tags: law ireland harassment internet twitter email abuse cyberstalking)

ImperialViolet – Apple’s SSL/TLS bug

as we all know by now, a misplaced “goto fail” caused a critical, huge security flaw in versions of IOS and OSX SSL, since late 2012. Lessons: 1. unit test the failure cases, particularly for critical security code! 2. use braces. 3. dead-code analysis would have caught this. I’m not buying the “goto considered harmful” line, though, since any kind of control flow structure would have had the same problem.

(tags: coding apple osx ios crypto ssl security goto-fail goto fail unit-testing coding-standards)

Comcast’s deal with Netflix makes network neutrality obsolete

in a world where Netflix and Yahoo connect directly to residential ISPs, every Internet company will have its own separate pipe. And policing whether different pipes are equally good is a much harder problem than requiring that all of the traffic in a single pipe be treated the same. If it wanted to ensure a level playing field, the FCC would be forced to become intimately involved in interconnection disputes, overseeing who Verizon interconnects with, how fast the connections are and how much they can charge to do it.

(tags: verizon comcast internet peering networking netflix network-neutrality)

Data visualization: breaking down The Economist’s classic chart style

nice piece of classic graph design

(tags: economist graphs dataviz charts design ui)

Netflix packets being dropped every day because Verizon wants more money | Ars Technica

With Cogent and Verizon fighting, [peering capacity] upgrades are happening at a glacial pace, according to Schaeffer. “Once a port hits about 85 percent throughput, you’re going to begin to start to drop packets,” he said. “Clearly when a port is at 120 or 130 percent [as the Cogent/Verizon ones are] the packet loss is material.” The congestion isn’t only happening at peak times, he said. “These ports are so over-congested that they’re running in this packet dropping state 22, 24 hours a day. Maybe at four in the morning on Tuesday or something there might be a little bit of headroom,” he said.

(tags: packet-loss networking internet cogent netflix verizon peering)

Hospital records of all NHS patients sold to insurers – Telegraph

The 274-page report describes the NHS Hospital Episode Statistics as a “valuable data source in developing pricing assumptions for ‘critical illness’ cover.” It says that by combining hospital data with socio-economic profiles, experts were able to better calculate the likelihood of conditions, with “amazingly” clear forecasts possible for certain diseases, in particular lung cancer. Phil Booth, from privacy campaign group medConfidential, said: “The language in the document is extraordinary; this isn’t about patients, this is about exploiting a market. Of course any commercial organisation will focus on making a profit – the question is why is the NHS prepared to hand this data over?”

(tags: nhs privacy data insurance uk politics data-protection)

Desert Breath

‘A Monumental Land Art Installation in the Sahara Desert’, by the D.A.S.T. Arteam in 1997. More correctly, near the Red Sea resort of El Gouna — so possible to visit!

(tags: el-gouna sahara deserts land-art art via:colossal desert-breath spirals)

Harvard Research Computing Resources Misused for ‘Dogecoin’ Mining Operation

A member of the Harvard community was stripped of his or her access to the University’s research computing facilities last week after setting up a “dogecoin” mining operation using a Harvard research network, according to an internal email circulated by Faculty of Arts and Sciences Research Computing officials.

(tags: harvard dogecoin bitcoin mining misuse abuse supercomputers)

GIFFFFR

turn Youtube videos into animated GIFs (via Waxy)

(tags: via:waxy gifs youtube video animated-gifs images web)

‘Scaling to Millions of Simultaneous Connections’ [pdf]

Presentation by Rick Reed of WhatsApp on the large-scale Erlang cluster backing the WhatsApp API, delivered at Erlang Factory SF, March 30 2012. lots of juicy innards here

(tags: erlang scaling scalability performance whatsapp freebsd presentations)

Traffic Graph – Google Transparency Report

this is cool. Google are exposing an aggregated ‘all services’ hit count time-series graph, broken down by country, as part of their Transparency Report pages

(tags: transparency filtering web google http graphs monitoring syria)

Huge Redis rant

I want to emphasize that if you use redis as intended (as a slightly-persistent, not-HA cache), it’s great. Unfortunately, more and more shops seem to be thinking that Redis is a full-service database and, as someone who’s had to spend an inordinate amount of time maintaining such a setup, it’s not. If you’re writing software and you’re thinking “hey, it would be easy to just put a SET key value in this code and be done,” please reconsider. There are lots of great products out there that are better for the overwhelming majority of use cases.

(tags: redis storage architecture memory caching ha databases)

Projectors on The Wirecutter

I’m going to need this pretty soon — lots of white spots showing up with the current BenQ :(

(tags: projectors video home hardware reviews)

Belkin managed to put their firmware update private key in the distribution

‘The firmware updates are encrypted using GPG, which is intended to prevent this issue. Unfortunately, Belkin misuses the GPG asymmetric encryption functionality, forcing it to distribute the firmware-signing key within the WeMo firmware image. Most likely, Belkin intended to use the symmetric encryption with a signature and a shared public key ring. Attackers could leverage the current implementation to easily sign firmware images.’ Using GPG to sign your firmware updates: yay. Accidentally leaving the private key in the distribution: sad trombone.

(tags: fail wemo belkin firmware embedded-systems security updates distribution gpg crypto public-key pki home-automation ioactive)

Video Processing at Dropbox

On-the-fly video transcoding during live streaming. They’ve done a great job of this!

At the beginning of the development of this feature, we entertained the idea to simply pre-transcode all the videos in Dropbox to all possible target devices. Soon enough we realized that this simple approach would be too expensive at our scale, so we decided to build a system that allows us to trigger a transcoding process only upon user request and cache the results for subsequent fetches. This on-demand approach: adapts to heterogeneous devices and network conditions, is relatively cheap (everything is relative at our scale), guarantees low latency startup time.

(tags: ffmpeg dropbox streaming video cdn ec2 hls http mp4 nginx haproxy aws h264)

GPLv2 being tested in US court

The case is still ongoing, so one to watch.

Plaintiff wrote an XML parser and made it available as open source software under the GPLv2. Defendant acquired from another vendor software that included the code, and allegedly distributed that software to parties outside the organization. According to plaintiff, defendant did not comply with the conditions of the GPL, so plaintiff sued for copyright infringement. Defendants moved to dismiss for failure to state a claim. The court denied the motion.

(tags: gpl open-source licensing software law legal via:fplogue)

Latest Snowden leak: GCHQ spying on Wikileaks users

“How could targeting an entire website’s user base be necessary or proportionate?” says Gus Hosein, executive director of the London-based human rights group Privacy International. “These are innocent people who are turned into suspects based on their reading habits. Surely becoming a target of a state’s intelligence and security apparatus should require more than a mere click on a link.” The agency’s covert targeting of WikiLeaks, Hosein adds, call into question the entire legal rationale underpinning the state’s system of surveillance. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies,” he says. “But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”

(tags: gchq wikileaks snowden privacy spying surveillance politics)

“Hackers” unsubscribed a former Mayor from concerned citizen’s emails

“The dog ate my homework, er, I mean, hackers hacked my account.”

Former Mayor of Kildare, Cllr. Michael Nolan, has denied a claim he asked a local campaigner to stop e-mailing him. Cllr. Michael Nolan from Newbridge said his site was hacked and wrong e-mails were sent out to a number of people, including Leixlip based campaigner, John Weigel. Mr. Weigel has been campaigning, along with others, about the danger of electromagnetic radiation to humans and the proximity of communications masts to homes and, in particular schools. He regularly updates local politicians on news items relating to the issue. Recently, he said that he had received an e-mail from Cllr. Nolan asking to be removed from Mr. Weigel’s e-mail list. The Leader asked Cllr. Nolan why he had done this. But the Fine Gael councillors said that “his e-mail account was hacked and on one particular day a number of mails a were sent from my account pertaining to be from me.”

(tags: dog-ate-my-homework hackers funny kildare newbridge fine-gael michael-nolan email politics ireland excuses)

Making Remote Work Work

very good, workable tips on how to remote-work effectively (both in the comments of this thread and the original article)

(tags: tips productivity collaboration hn via:lhl remote-working telecommuting work)

Disgraced Scientist Granted U.S. Patent for Work Found to be Fraudulent – NYTimes.com

Korean researcher Hwang Woo-suk electrified the science world 10 years ago with his claim that he had created the world’s first cloned human embryos and had extracted stem cells from them. But the work was later found to be fraudulent, and Dr. Hwang was fired from his university and convicted of crimes. Despite all that, Dr. Hwang has just been awarded an American patent covering the disputed work, leaving some scientists dumbfounded and providing fodder to critics who say the Patent Office is too lax. “Shocked, that’s all I can say,” said Shoukhrat Mitalipov, a professor at Oregon Health and Science University who appears to have actually accomplished what Dr. Hwang claims to have done. “I thought somebody was kidding, but I guess they were not.” Jeanne F. Loring, a stem cell scientist at the Scripps Research Institute in San Diego, said her first reaction was “You can’t patent something that doesn’t exist.” But, she said, she later realized that “you can.”

(tags: patents absurd hwang-woo-suk cloning stem-cells science biology uspto)

Blockade

‘Testing applications under slow or flaky network conditions can be difficult and time consuming. Blockade aims to make that easier. A config file defines a number of docker containers and a command line tool makes introducing controlled network problems simple.’ Open-source release from Dell’s Cloud Manager team (ex-Enstratius), inspired by aphyr’s Jepsen. Simulates packet loss using “tc netem”, so no ability to e.g. drop packets on certain flows or certain ports. Still, looks very usable — great stuff.

(tags: testing docker networking distributed distcomp enstratius jepsen network outages partitions cap via:lusis)

FlightAware MiseryMap

what US airports are causing the most misery? Looks like that old favourite, storms in ORD, right now…. (via Theo Schlossnagle)

(tags: via:postwait misery air-travel travel flying ord weather maps)

About Ultima Ratio Regum

This sounds amazing. I hope it makes it to some kind of “semi-finished”.

A semi-roguelike game inspired by Jorge Borges, Umberto Eco, Neal Stephenson, Shadow of the Colossus, Europa Universalis and Civilization. Although currently in its early stages, URR aims to explore several philosophical and sociological issues that both arose during the sixteenth and seventeenth century (when the game is approximately set), and in the present day, whilst almost being a deep, complex and highly challenging roguelike. To do this the game seeks to generate realistic world histories, though ones containing a few unusual happenings and anomalous experiences. The traditional roguelike staple of combat will be rare and deadly – whilst these mechanics will be modeled in detail, exploration, trade and diplomacy factors will have just as much effort put into them.

(tags: games ultima-ratio-regum roguelikes borges umberto-eco worlds ascii-art)

Beirtear na IMSIs: Ireland’s GSOC surveillance inquiry reveals use of mobile phone interception systems | Privacy International

It is interesting to note that the fake UK network was the only one detected by Verrimus. However, given that IMSI Catchers operate multiple fake towers simultaneously, it is highly likely that one or more Irish networks were also being intercepted. Very often a misconfiguration, such as an incorrect country code, is the only evidence available of an IMSI Catcher being deployed when forensic tools are not being used to look for one.

(tags: privacy imsi-catchers surveillance bugging spying gsocgate gsoc ireland mobile-phones)

TCP incast vs Riak

An extremely congested local network segment causes the “TCP incast” throughput collapse problem — packet loss occurs, and TCP throughput collapses as a side effect. So far, this is pretty unsurprising, and anyone designing a service needs to keep bandwidth requirements in mind. However it gets worse with Riak. Due to a bug, this becomes a serious issue for all clients: the Erlang network distribution port buffers fill up in turn, and the Riak KV vnode process (in its entirety) will be descheduled and ‘cannot answer any more queries until the A-to-B network link becomes uncongested.’ This is where EC2’s fully-uncontended-1:1-network compute cluster instances come in handy, btw. ;)

(tags: incast tcp networking bandwidth riak architecture erlang buffering queueing)

Irish Law Society takes a stand for “brand owners IP rights”

The Law Society will attend a meeting of the Oireachtas Health Committee today to outline its strong opposition to the Government proposals to introduce legislation that will require tobacco products to use plain packaging. The society’s director general Ken Murphy will be its principal representative at the meeting today to discuss its submission on the legislation, and to discuss its concerns that a plain packaging regime will undermine registered trade mark, and design, systems and will amount to an “expropriation of brand owners intellectual property rights’. Speaking ahead of the meeting, Mr Murphy told The Irish Times the views contained in it represent those of the Law Society as a whole, and its 10,000 members, and have been endorsed by the society as a whole, rather than the committee. Mr Murphy also said the purpose of the Law Society submission was not to protect the tobacco industry, rather the wider effect and impact such a law would have on intellectual property rights, trade marks, in other areas. “There is a real concern also that plain packaging in the tobacco industry is just the beginning of a trend that will severely undermine intellectual property owners’ rights in other sectors such as alcohol, soft drinks and fast foods.”

(tags: law-society gubu law ireland ip packaging branding trademarks cigarettes health tobacco)

British American Tobacco – Plain packaging of tobacco products

Compare and contrast with the Law Society’s comments:

We believe we are entitled to use our packs to distinguish our products from those of our competitors. Our brands are our intellectual property which we have created and invested in. Plain packaging would deny us the right to use brands. But also, a brand is also an important tool for consumers. As the British Brands Group has stated  , plain packaging legislation “ignores the crucial role that branding plays in providing consumers with high quality, consistent products they can trust”. The restriction of valuable corporate brands by any government would risk placing it in breach of legal obligations relating to intellectual property rights and, in most cases, international trade.

(tags: law-society branding ip ireland tobacco cigarettes law trademarks)

Why dispute resolution is hard

Good stuff (as usual) from Ross Anderson and Stephen Murdoch. ‘Today we release a paper on security protocols and evidence which analyses why dispute resolution mechanisms in electronic systems often don’t work very well. On this blog we’ve noted many many problems with EMV (Chip and PIN), as well as other systems from curfew tags to digital tachographs. Time and again we find that electronic systems are truly awful for courts to deal with. Why? The main reason, we observed, is that their dispute resolution aspects were never properly designed, built and tested. The firms that delivered the main production systems assumed, or hoped, that because some audit data were available, lawyers would be able to use them somehow. As you’d expect, all sorts of things go wrong. We derive some principles, and show how these are also violated by new systems ranging from phone banking through overlay payments to Bitcoin. We also propose some enhancements to the EMV protocol which would make it easier to resolve disputes over Chip and PIN transactions.’

(tags: finance security ross-anderson emv bitcoin chip-and-pin banking architecture verification vvat logging)

CJEU in #Svensson says that in general it is OK to hyperlink to protected works without permission

IPKat says ‘this morning the Court of Justice of the European Union issued its keenly awaited decision in Case C-466/12 Svensson […]: The owner of a website may, without the authorisation of the copyright holders, redirect internet users, via hyperlinks, to protected works available on a freely accessible basis on another site. This is so even if the internet users who click on the link have the impression that the work is appearing on the site that contains the link.’ This is potentially big news. Not so much for the torrent-site scenario, but for the NNI/NLI linking-to-newspaper-stories scenario.

(tags: ip svensson cjeu eu law pirate-bay internet web links http copyright linking hyperlinks)

Migrating from MongoDB to Cassandra

Interesting side-effect of using LUKS for full-disk encryption: ‘For every disk read, we were pulling in 3MB of data (RA is sectors, SSZ is sector size, 6144*512=3145728 bytes) into cache. Oops. Not only were we doing tons of extra work, but we were trashing our page cache too. The default for the device-mapper used by LUKS under Ubuntu 12.04LTS is incredibly sub-optimal for database usage, especially our usage of Cassandra (more small random reads vs. large rows). We turned this down to 128 sectors — 64KB.’

(tags: cassandra luks raid linux tuning ops blockdev disks sdd)

SpamAssassin 3.4.0 released

Good to see the guys cracking on without me ;) ‘2014-02-11: SpamAssassin 3.4.0 has been released adding native support for IPv6, improved DNS Blocklist technology and support for massively-scalable Bayesian filtering using the Redis backend.’

(tags: antispam open-source spamassassin apache)

193_Cellxion_Brochure_UGX Series 330

The Cellxion UGX Series 330 is a ‘transportable Dual GSM/Triple UMTS Firewall and Analysis Tool’ — ie. an IMSI catcher in a briefcase, capable of catching IMSI/IMEIs in 3G. It even supports configurable signal strength. Made in the UK

(tags: cellxion imsi-catchers imei surveillance gsocgate gsm 3g mobile-phones security spying)

Trousseau

‘an interesting approach to a common problem, that of securely passing secrets around an infrastructure. It uses GPG signed files under the hood and nicely integrates with both version control systems and S3.’ I like this as an approach to securely distributing secrets across a stack of services during deployment. Check in the file of keys, gpg keygen on the server, and add it to the keyfile’s ACL during deployment. To simplify, shared or pre-generated GPG keys could also be used. (via the Devops Weekly newsletter)

(tags: gpg encryption crypto secrets key-distribution pki devops deployment)

java – Why not use Double or Float to represent currency?

A good canonical URL for this piece of coding guidance.

For example, suppose you have $1.03 and you spend 42c. How much money do you have left? System.out.println(1.03 – .42); => prints out 0.6100000000000001.

(tags: coding tips floating-point float java money currency bugs)

“I’m Sorry for what I said when I was Hungry” tee-shirt

I can relate to this

(tags: tee-shirts apparel etsy hangry)

“IMSI Catcher” used in London

‘One case involved Julian Assange’s current home at the Ecuadorian Embassy in London, where visitors were surprised to receive welcome messages from a Ugandan telephone company. It turned out the messages were coming from a foreign base station device installed on the roof, masquerading as a cell tower for surveillance purposes. Appelbaum suspects the GCHQ simply forgot to reformat the device from an earlier Ugandan operation.’

(tags: surveillance nsa privacy imsi-catchers gchq london uganda mobile-phones julian-assange ecuador embassies)

The Spyware That Enables Mobile-Phone Snooping – Bloomberg

More background on IMSI catchers — looking likely to have been the “government-level technology” used to snoop on the Garda Ombudsman’s offices, particularly given the ‘detection of an unexpected UK 3G network near the GSOC offices’:

The technology involved is called cellular interception. The active variety of this, the “IMSI catcher,” is a portable device that masquerades as a mobile phone tower. Any phone within range (a mile for a low-grade IMSI catcher; as much as 100 miles for a passive interception device with a very large antenna, such as those used in India) automatically checks to see if the device is a tower operated by its carrier, and the false “tower” indicates that it is. It then logs the phone’s International Mobile Subscriber Identity number — and begins listening in on its calls, texts and data communications. No assistance from any wireless carrier is needed; the phone has been tricked. […] “network extender” devices — personal mobile-phone towers — sold by the carriers themselves, often called femtocells, can be turned into IMSI catchers.

(tags: via:tjmcintyre imsi-catchers surveillance privacy gsocgate mobile-phones spying imsi)

Git is not scalable with too many refs/*

Mailing list thread from 2011; git starts to keel over if you tag too much

(tags: git tags coding version-control bugs scaling refs)

Survey results of EU teens using the internet

A lot of unsupervised use:

Just under half of children said they access the internet from their own bedroom on a daily basis with 22pc saying they do so several times a day.

(tags: surveys eu ireland politics filtering internet social-media facebook children teens cyber-bullying)

Girls and Software

a pretty thought-provoking article from Linux Journal on women in computing, and how we’re doing it all wrong

(tags: feminism community programming coding women computing software society work linux-journal children teaching)

Why Mt. Gox is full of shit

leading Bitcoin exchange “Magic The Gatherine Online Exchange” turns out to suffer from crappy code, surprise:

why does Mt. Gox experience this issue? They run a custom Bitcoin daemon, with a custom implementation of the Bitcoin protocol. Their implementation, against all advice, does rely on the transaction ID, which makes this attack possible. They have actually been warned about it months ago by gmaxwell, and have apparently decided to ignore this warning. In other words, this is not a vulnerability in the Bitcoin protocol, but an implementation error in Mt. Gox’ custom Bitcoin software.

(tags: mtgox security bitcoin standards omgwtfbbq via:hn bitomat)

Death by Metadata

The side-effects of algorithmic false-positives get worse and worse.

What’s more, he adds, the NSA often locates drone targets by analyzing the activity of a SIM card, rather than the actual content of the calls. Based on his experience, he has come to believe that the drone program amounts to little more than death by unreliable metadata. “People get hung up that there’s a targeted list of people,” he says. “It’s really like we’re targeting a cell phone. We’re not going after people – we’re going after their phones, in the hopes that the person on the other end of that missile is the bad guy.”

(tags: false-positives glenn-greenwald drones nsa death-by-metadata us-politics terrorism sim-cards phones mobile-phones)

IBM’s creepy AI cyberstalking plans

‘let’s say that you tweet that you’ve gotten a job offer to move to San Francisco. Using IBM’s linguistic analysis technologies, your bank would analyze your Twitter feed and not only tailor services it could offer you ahead of the move–for example, helping you move your account to another branch, or offering you a loan for a new house — but also judge your psychological profile based upon the tone of your messages about the move, giving advice to your bank’s representatives about the best way to contact you.’

(tags: datamining ai ibm stupid-ideas creepy stalking twitter via:adamshostack)

“A reason to hang him”: how mass surveillance, secret courts, confirmation bias and the FBI can ruin your life – Boing Boing

This is bananas. Confirmation bias running amok.

Brandon Mayfield was a US Army veteran and an attorney in Portland, OR. After the 2004 Madrid train bombing, his fingerprint was partially matched to one belonging to one of the suspected bombers, but the match was a poor one. But by this point, the FBI was already convinced they had their man, so they rationalized away the non-matching elements of the print, and set in motion a train of events that led to Mayfield being jailed without charge; his home and office burgled by the FBI; his client-attorney privilege violated; his life upended.

(tags: confirmation-bias bias law brandon-mayfield terrorism fingerprints false-positives fbi scary)

A patent on ‘Birth of a Child By Centrifugal Force’

On November 9 1965, the Blonskys were granted US Patent 3,216,423, for an Apparatus for Facilitating the Birth of a Child by Centrifugal Force. The drawings, as well as the text, are a revelation. The Patent Office has them online at http://tinyurl.com/jd4ra and I urge you – if you have any shred of curiosity in your body – to look them up. For conceiving what appears to be the greatest labour-saving device ever invented, George and Charlotte Blonsky won the 1999 Ig Nobel Prize in the field of Managed Health Care.

(tags: via:christ crazy patents 1960s centrifuge birth medicine ignobels)

A Linguist Explains the Grammar of Doge. Wow.

In this sense, doge really is the next generation of LOLcat, in terms of a pet-based snapshot of a certain era in internet language. We’ve kept the idea that animals speak like an exaggerated version of an internet-savvy human, but as our definitions of what it means to be a human on the internet have changed, so too have the voices that we give our animals. Wow.

(tags: via:nelson language linguist doge memes internet english)

Big, Small, Hot or Cold – Your Data Needs a Robust Pipeline

‘(Examples [of big-data B-I crunching pipelines] from Stripe, Tapad, Etsy & Square)’

(tags: stripe tapad etsy square big-data analytics kafka impala hadoop hdfs parquet thrift)

Realtime water level data across Ireland

Some very nice Dygraph-based time-series graphs in here, along with open CSV data. Good job!

(tags: open-data water-levels time-series data rivers ireland csv)

The Gardai haven’t requested info on any Twitter accounts in the past 6 months

This seems to imply they haven’t been investigating any allegations of cyber-bullying/harassment from “anonymous” Twitter handles, despite having the legal standing to do so. Enforcement is needed, not new laws

(tags: cyber-bullying twitter social-media enforcement gardai policing harassment online society law government)

QuakeNet IRC Network- Article – PRESS RELEASE: IRC NETWORKS UNDER SYSTEMATIC ATTACK FROM GOVERNMENTS

QuakeNet are not happy about GCHQ’s DDoS attacks against them.

Yesterday we learned … that GCHQ, the British intelligence agency, are performing persistent social and technological attacks against IRC networks. These attacks are performed without informing the networks and are targeted at users associated with politically motivated movements such as “Anonymous”. While QuakeNet does not condone or endorse and actively forbids any illegal activity on its servers we encourage discussion on all topics including political and social commentary. It is apparent now that engaging in such topics with an opinion contrary to that of the intelligence agencies is sufficient to make people a target for monitoring, coercion and denial of access to communications platforms. The … documents depict GCHQ operatives engaging in social engineering of IRC users to entrap themselves by encouraging the target to leak details about their location as well as wholesale attacks on the IRC servers hosting the network. These attacks bring down the IRC network entirely affecting every user on the network as well as the company hosting the server. The collateral damage and numbers of innocent people and companies affected by these forms of attack can be huge and it is highly illegal in many jurisdictions including the UK under the Computer Misuse Act.

(tags: quakenet ddos security gchq irc anonymous)

PID controller

Good to know; this generic anti-flap damping algorithm has a name.

A proportional-integral-derivative controller (PID controller) is a generic control loop feedback mechanism (controller) widely used in industrial control systems. A PID controller calculates an “error” value as the difference between a measured process variable and a desired setpoint. The controller attempts to minimize the error by adjusting the process control outputs.

(tags: control damping flapping pid-controller industrial error algorithms)

German IT Industry Looks for Boom from Snowden Revelations – SPIEGEL ONLINE

This is a great idea — Neelie Kroes suggesting that there be a certification mark for EU companies who have top-of-the-line data protection practices.

(tags: data-protection privacy certification marks eu neelie-kroes)

GCHQ slide claiming that they DDoS’d anonymous’ IRC servers

Mikko Hypponen: “This makes British Government the only Western government known to have launched DDoS attacks.”

(tags: ddos history security gchq dos anonymous irc hacking)

RTE internal memo to unhappy staff re Pantigate

‘I want to reassure you that RTÉ explored every option available to it, including right of reply. Legal advice was sought and all avenues were explored, including an offer to make a donation to a neutral charity.’ And they folded. Notable lack of testicular fortitude by our national broadcaster.

(tags: fail rte leaks memos pantigate panti-bliss homophobia libel defamation ireland)

A looming breakthrough in indistinguishability obfuscation

‘The team’s obfuscator works by transforming a computer program into what Sahai calls a “multilinear jigsaw puzzle.” Each piece of the program gets obfuscated by mixing in random elements that are carefully chosen so that if you run the garbled program in the intended way, the randomness cancels out and the pieces fit together to compute the correct output. But if you try to do anything else with the program, the randomness makes each individual puzzle piece look meaningless. This obfuscation scheme is unbreakable, the team showed, provided that a certain newfangled problem about lattices is as hard to solve as the team thinks it is. Time will tell if this assumption is warranted, but the scheme has already resisted several attempts to crack it, and Sahai, Barak and Garg, together with Yael Tauman Kalai of Microsoft Research New England and Omer Paneth of Boston University, have proved that the most natural types of attacks on the system are guaranteed to fail. And the hard lattice problem, though new, is closely related to a family of hard problems that have stood up to testing and are used in practical encryption schemes.’ (via Tony Finch)

(tags: obfuscation cryptography via:fanf security hard-lattice-problem crypto science)

Little’s Law, Scalability and Fault Tolerance: The OS is your bottleneck. What you can do?

good blog post on Little’s Law, plugging quasar, pulsar, and comsat, 3 new open-source libs offering Erlang-like lightweight threads on the JVM

(tags: jvm java quasar pulsar comsat littles-law scalability async erlang)

Target Hackers Broke in Via HVAC Company

Avivah Litan, a fraud analyst with Gartner Inc., said that although the current PCI standard does not require organizations to maintain separate networks for payment and non-payment operations (page 7), it does require merchants to incorporate two-factor authentication for remote network access originating from outside the network by personnel and all third parties.

(tags: via:joe-feise hvac contractors fraud malware 2fa security networking payment pci)

Yahoo! moving EMEA operations to Dublin

Like many companies, the structure of Yahoo’s business is driven by the needs of the business. There are a number of factors which influence decisions about the locations in which the business operates. To encourage more collaboration and innovation, we’re increasing our headcount in Dublin, thus continuing to bring more Yahoos together in fewer locations. Dublin is already the European home to many of the world’s leading global technology brands and has been a home for Yahoo for over a decade already.

(tags: via:conoro yahoo emea dublin ireland jobs tech)

appear.in

zero-install, one-click video chat, using WebRTC. nifty

(tags: conference webrtc chat collaboration video google-chrome conferencing)

Opinion: How can we get over ‘Pantigate’?

The fact that RTÉ had agreed to pay damages (€80,000 in total, according to reports yesterday) to the ‘injured parties’, only came to light in an email from the [far-right Catholic lobby group Iona Institute] to its members last Tuesday. Given the ramifications of the decision to make any kind of payment – regardless of the amount – both for the TV licence payer and those who voice contrarian opinions, the lack of coverage in print media as soon as the Iona email came to light marked a low point for print journalism in Ireland. Aside from a lead story on the damages printed in this paper last Wednesday and ongoing debate online, the media has been glacially slow with commentary and even reportage of the affair. The debacle has untold ramifications for public life in this country. That many liberal commentators may now baulk at the opportunity to speak and write openly and honestly about homophobia is the most obvious issue here. Most worrying of all, however, is the question that with a referendum on the introduction of gay marriage on the horizon, how can we expect the national broadcaster to facilitate even-handed debate on the subject when they’ve already found themselves cowed before reaching the first hurdle?

(tags: homophobia politics ireland libel dissent lobbying defamation law gay-marriage iona-institute journalism newspapers)

Home · linkedin/rest.li Wiki

Rest.li is a REST+JSON framework for building robust, scalable service architectures using dynamic discovery and simple asynchronous APIs. Rest.li fills a niche for building RESTful service architectures at scale, offering a developer workflow for defining data and REST APIs that promotes uniform interfaces, consistent data modeling, type-safety, and compatibility checked API evolution.

(tags: voldemort d2 rest.li linkedin json rest http api frameworks java)

Hardened SSL Ciphers Using ELB and HAProxy

ELBs support the PROXY protocol

(tags: elb security proxying ssl tls https haproxy perfect-forward-secrecy aws ec2)

“A data scientist is a …”

“A data scientist is a statistician who lives in San Francisco” – slide from Monkigras this year. lols

(tags: data-scientist statistics statistician funny jokes san-francisco tech monkigras)

The Million Dollar Deal – YouTube

My mate Luke’s doc on the World Series of Poker — now online in full. it’s great.

A documentary about the World Series Of Poker in Las Vegas. Featuring Andrew Black, Donnacha O’Dea, Mike Magee, “Mad” Martyn Wilson, Mark Napolitano, Amarillo Slim, Scotty Nguyen, Dave “Devilfish” Ulliott & Matt Damon. Narrated by John Hurt. Directed by John Butler, Produced by Luke McManus

(tags: documentaries film poker world-series-of-poker mike-magee andrew-black donnacha-odea matt-damon)

How to invoke section 4 of the Data Protection Acts in Ireland

One wierd trick to get your personal data (in any format) from any random organisation, for only EUR6.35 and up to 40 days wait! Good to know.

Hospitals and doctors’ offices in Ireland will give a person their medical records if they ask for them. Mostly. Eventually. When they get to it. And, sometimes, if you pay them over €100 (for a large file). But, like so much else in the legal world, there is a set of magic words you can incant to place a 40 day deadline on the delivery of your papers and limit the cost to €6.35 — you invoke the Data Protection Acts data access request procedure.

(tags: data-protection privacy data-retention dpa-section-4 data ireland medical law dpa)

Save 10% on rymdkapsel on Steam

rymdkapsel is a game where you take command of a space station and its minions. You will have to plan your expansion and manage your resources to explore the galaxy.

(tags: steam games recommended space gaming)

Yammer Engineering – Resiliency at Yammer

Not content with adding Hystrix (circuit breakers, threadpooling, request time limiting, metrics, etc.) to their entire SOA stack, they’ve made it incredibly configurable by hooking in a web-based configuration UI, allowing dynamic on-the-fly reconfiguration by their ops guys of the circuit breakers and threadpools in production. Mad stuff

(tags: hystrix circuit-breakers resiliency yammer ops threadpools soa dynamic-configuration archaius netflix)

A network of ‘homes’, where children’s happiness was relentlessly destroyed

Stories of this sort will tumble out to the inquiry over the next 18 months, making it plain that the network of “homes” where children’s happiness had relentlessly, deliberately, systematically been destroyed, this archipelago of Catholic evil, had covered the entire island. These things should be kept in mind when next we hear it said that the social ills of today can be explained by reference to loss of faith in the traditional institutions of moral authority. This is the reverse of the truth and an insult to the victims of an unforgiveable sin.

(tags: horror care-homes politics catholicism religion ireland derry church abuse children)

Ukrainian police use cellphones to track protestors, court order shows

Protesters for weeks had suspected that the government was using location data from cellphones near the demonstration to pinpoint people for political profiling, and they received alarming confirmation when a court formally ordered a telephone company to hand over such data. […] Three cellphone companies — Kyivstar, MTS and Life — denied that they had provided the location data to the government or had sent the text messages. Kyivstar suggested that it was instead the work of a “pirate” cellphone tower set up in the area. In a ruling made public on Wednesday, a city court ordered Kyivstar to disclose to the police which cellphones were turned on during an antigovernment protest outside the courthouse on Jan. 10.

(tags: tech location-tracking tracking privacy ukraine cellphones mobile-phones civil-liberties)

Apache Curator

Netflix open-source library to make using ZooKeeper from Java less of a PITA. I really wish I’d used this now, having reimplemented some key parts of it after failures in prod ;)

(tags: zookeeper netflix apache curator java libraries open-source)

10 Things We Forgot to Monitor

a list of not-so-common outage causes which are easy to overlook; swap rate, NTP drift, SSL expiration, fork rate, etc.

(tags: nagios metrics ops monitoring systems ntp bitly)

Irish Company Locates Office in Ireland

Hot on the heels of Dropbox, AirBnB, Twitter, Facebook and many others, Irish online ticket sales company Tito are amongst the latest in a long series of companies choosing to locate their offices in Ireland. “It just seemed to make sense,” said founder Paul Campbell, talking about the decision making process that led him to set up shop in the capital, Dublin. “Dublin is great. There’s something really familiar about it that I can’t quite put my finger on.”

(tags: ireland jokes funny tito hq tech-companies dublin via:oisin)

Sugru Magnet Kit

Sugru + neodymium magnets = WANT

(tags: sugru diy tools magnets want toget bike hacks fixing)

Capabilities of Movements and Affordances of Digital Media: Paradoxes of Empowerment | DMLcentral

Paradoxically, it’s possible that the widespread use of digital tools facilitates capabilities in some domains, such as organization, logistics, and publicity, while simultaneously engendering hindrances to [political] movement impacts on other domains, including those related to policy and electoral spheres.

(tags: society politics activism tech internet gezi-park tahrir-square euromaidan occupy)

Hero Culture

Good description of the “hero coder” organisational antipattern.

Now imagine that most of the team is involved in fire-fighting. New recruits see the older recruits getting praised for their brave work in the line-of-fire and they want that kind of praise and reward too. Before long everyone is focused on putting out fires and it is no ones interest to step back and take on the risks that long-term DevOps-focused goals entail.

(tags: coding ops admin hero-coder hero-culture firefighting organisations teams culture)

Open-Sourcing Ssync: An Out-of-the-Box Distributed Rsync

a script to perform divide-and-conquer recursive rsync over SSH

(tags: recursion scripts rsync ssync ssh divide-and-conquer)

Improving compaction in Cassandra with cardinality estimation

nice use of HyperLogLog

(tags: hyperloglog hll algorithms cassandra bloom-filters sstables cardinality)

Extending graphite’s mileage

Ad company InMobi are using graphite heavily (albeit not as heavily as $work are), ran into the usual scaling issues, and chose to fix it in code by switching from a filesystem full of whisper files to a LevelDB per carbon-cache:

The carbon server is now able to run without breaking a sweat even when 500K metrics per minute is being pumped into it. This has been in production since late August 2013 in every datacenter that we operate from.

(tags: graphite scalability metrics leveldb storage inmobi whisper carbon open-source)

BBC News – Pair jailed over abusive tweets to feminist campaigner

When a producer from BBC Two’s Newsnight programme tracked Nimmo down after he had sent the abuse, the former call centre worker told him: “The police will do nothing, it’s only Twitter.”

(tags: bbc bullying social-media twitter society uk trolls trolling abuse feminism cyberbullying)

If You Used This Secure Webmail Site, the FBI Has Your Inbox

TorMail was a Tor-based webmail system, and apparently its drives have been imaged and seized by the FBI. More info on the Freedom Hosting seizure:

The connection, if any, between the FBI obtaining Freedom Hosting’s data and apparently launching the malware campaign through TorMail and the other sites isn’t spelled out in the new document. The bureau could have had the cooperation of the French hosting company that Marques leased his servers from. Or it might have set up its own Tor hidden services using the private keys obtained from the seizure, which would allow it to adopt the same .onion addresses used by the original sites. The French company also hasn’t been identified. But France’s largest hosting company, OVH, announced on July 29, in the middle of the FBI’s then-secret Freedom Hosting seizure, that it would no longer allow Tor software on its servers. A spokesman for the company says he can’t comment on specific cases, and declined to say whether Freedom Hosting was a customer. “Wherever the data center is located, we conduct our activities in conformity with applicable laws, and as a hosting company, we obey search warrants or disclosure orders,” OVH spokesman Benjamin Bongoat told WIRED. “This is all we can say as we usually don’t make any comments on hot topics.”

(tags: fbi freedom-hosting hosting tor tormail seizures ovh colo servers)

Sky parental controls break many JQuery-using websites

An 11 hour outage caused by a false positive in Sky’s anti-phishing filter; all sites using the code.jquery.com CDN for JQuery would have seen errors.

Sky still appears to be blocking code.jquery.com and all files served via the site, and more worryingly is that if you try to report the incorrect category, once signing in on the Sky website you an error page. We suspect the site was blocked due to being linked to by a properly malicious website, i.e. code.jquery.com and some javascript files were being used on a dodgy website and every domain mentioned was subsequently added to a block list.

(tags: via:fanf sky filtering internet uk anti-phishing phish jquery javascript http web fps false-positives)

Coders performing code reviews of scientific projects: pilot study

‘PLOS and Mozilla conducted a month-long pilot study in which professional developers performed code reviews on software associated with papers published in PLOS Computational Biology. While the developers felt the reviews were limited by (a) lack of familiarity with the domain and (b) lack of two-way contact with authors, the scientists appreciated the reviews, and both sides were enthusiastic about repeating the experiment. ‘ Actually sounds like it was more successful than this summary implies.

(tags: plos mozilla code-reviews coding science computational-biology biology studies)

Caught with our Pantis down

The views expressed by [the Iona Institute] – especially in relation to gay people – are very much at odds with the liberal secular society that Ireland has become. Indeed, Rory O’Neill suggested that the only time he experiences homophobia is online or at the hands of Iona and Waters. When they’re done with that, they can ask why Iona is given so much room in the media. In any other country in the world, an organisation as litigious as Iona would never be asked to participate in anything.

(tags: homophobia ireland john-waters iona-institute politics catholicism religion libel defamation rte the-irish-times)

Scotch Whiskey flavour wheels

mine’s a Smoky/Spicy/Medicinal, thanks

(tags: scotch whiskey whisky alcohol dataviz flavour)

Cassandra: tuning the JVM for read heavy workloads

The cluster we tuned is hosted on AWS and is comprised of 6 hi1.4xlarge EC2 instances, with 2 1TB SSDs raided together in a raid 0 configuration. The cluster’s dataset is growing steadily. At the time of this writing, our dataset is 341GB, up from less than 200GB a few months ago, and is growing by 2-3GB per day. The workload on this cluster is very read heavy, with quorum reads making up 99% of all operations.

(tags: java performance jvm scaling gc tuning cassandra ops)

Terms of Reference for the DCENR Internet Content Advisory Group

this is definitely one to send a consultation document response to

(tags: internet policing cyberbullying bullying antisocial free-speech governance children blocking filtering consultations dcenr)

Stupid Simple Things SF Techies Could Do To Stop Being Hated – Anil Dash

I’ve seen a lot of hand-wringing from techies in San Francisco and Silicon Valley saying “Why are we so hated?” now that there’s been a more vocal contingent of people being critical of their lack of civic responsibility. Is it true that corruption and NIMBYism have kept affordable housing from being built? Sure. Is it true that members of the tech industry do contribute tax dollars to the city? Absolutely. But does that mean techies have done enough? Nope.

(tags: anil-dash politics society san-francisco gentrification helping tech community housing)

Sux

Some basic succinct data structures. […] The main highlights are: a novel, broadword-based implementation of rank/select queries for up to 264 bits that is highly competitive with known 32-bit implementations on 64-bit architectures (additional space required is 25% for ranking and 12.5%-37.5% for selection); several Java structures using the Elias–Fano representation of monotone sequences for storing pointers, variable-length bit arrays, etc. Java code implementing minimal perfect hashing using around 2.68 bits per element (also using some broadword ideas); a few Java implementations of monotone minimal perfect hashing. Sux is free software distributed under the GNU Lesser General Public License.

(tags: sux succinct data-structures bits compression space coding)

Why sugar helped remove Victoria Line concrete flood

Sugar blocks concrete from setting. This I did not know

(tags: concrete london tube flooding sugar chemistry factoids)

Ukrainian government targeting protesters using threatening SMS messages

The government’s opponents said three recent actions had been intended to incite the more radical protesters and sow doubt in the minds of moderates: the passing of laws last week circumscribing the right of public assembly, the blocking of a protest march past the Parliament building on Sunday, and the sending of cellphone messages on Tuesday to people standing in the vicinity of the fighting that said, “Dear subscriber, you are registered as a participant in a mass disturbance.” [….] The phrasing of the message, about participating in a “mass disturbance,” echoed language in a new law making it a crime to participate in a protest deemed violent. The law took effect on Tuesday. And protesters were concerned that the government seemed to be using cutting-edge technology from the advertising industry to pinpoint people for political profiling. Three cellphone companies in Ukraine — Kyivstar, MTS and Life — denied that they had provided the location data to the government or had sent the text messages, the newspaper Ukrainskaya Pravda reported. Kyivstar suggested that it was instead the work of a “pirate” cellphone tower set up in the area.

(tags: targeting mobile-phones sms text-messaging via:tjmcintyre geotargeting protest ukraine privacy surveillance tech 1984)

UK porn filter blocks game update that contained ‘sex’ in URL

Staggeringly inept. The UK national porn filter blocks based on a regexp match of the URL against /.*sex.*/i — the good old “Scunthorpe problem”. Better, it returns a 404 response. This is also a good demonstration of how web filtering has unintended side effects, breaking third-party software updates with its false positives.

The update to online strategy game League of Legends was disrupted by the internet filter because the software attempted to access files that accidentally include the word “sex” in the middle of their file names. The block resulted in the update failing with “file not found” errors, which are usually created by missing files or broken updates on the part of the developers.

(tags: uk porn filtering guardian regular-expressions false-positives scunthorpe http web league-of-legends sex)

Register article on Amazon’s attitude to open source

This article is frequently on target; this secrecy (both around open source and publishing papers) was one of the reasons I left Amazon.

Of the sources with whom we spoke, many indicated that Amazon’s lack of participation was a key reason for why people left the company – or never joined at all. This is why Amazon’s strategy of maintaining secrecy may derail the e-retailer’s future if it struggles to hire the best talent. […] “In many cases in the big companies and all the small startups, your Github profile is your resume,” explained another former Amazonian. “When I look at developers that’s what I’m looking for, [but] they go to Amazon and that resume stops … It absolutely affects the quality of their hires.” “You had no portfolio you could share with the world,” said another insider on life after working at Amazon. “The argument this was necessary to attract talent and to retain talent completely fell on deaf ears.”

(tags: amazon recruitment secrecy open-source hiring work research conferences)

Chinese Internet Traffic Redirected to Small Wyoming House

‘That address — which is home to some 2,000 companies on paper — was the subject of a lengthy 2011 Reuters investigation that found that among the entities registered to the address were a shell company controlled by a jailed former Ukraine prime minister; the owner of a company charged with helping online poker operators evade an Internet gambling ban; and one entity that was banned from government contracts after selling counterfeit truck parts to the Pentagon.’

(tags: china internet great-firewall dns wyoming attacks security not-the-onion)

James Friend | PCE.js – Classic Mac OS in the Browser

This is a demo of PCE’s classic Macintosh emulation, running System 7.0.1 with MacPaint, MacDraw, and Kid Pix. If you want to try out more apps and games see this demo.

(tags: javascript browser emulation mac macos macpaint macdraw claris kid-pix history desktop pce)

likwid

‘Lightweight performance tools’.

Likwid stands for ‘Like I knew what I am doing’. This project contributes easy to use command line tools for Linux to support programmers in developing high performance multi-threaded programs. It contains the following tools: likwid-topology: Show the thread and cache topology likwid-perfctr: Measure hardware performance counters on Intel and AMD processors likwid-features: Show and Toggle hardware prefetch control bits on Intel Core 2 processors likwid-pin: Pin your threaded application without touching your code (supports pthreads, Intel OpenMP and gcc OpenMP) likwid-bench: Benchmarking framework allowing rapid prototyping of threaded assembly kernels likwid-mpirun: Script enabling simple and flexible pinning of MPI and MPI/threaded hybrid applications likwid-perfscope: Frontend for likwid-perfctr timeline mode. Allows live plotting of performance metrics. likwid-powermeter: Tool for accessing RAPL counters and query Turbo mode steps on Intel processor. likwid-memsweeper: Tool to cleanup ccNUMA memory domains.

(tags: via:kellabyte linux performance testing perf likwid threading multithreading multicore mpi numa)

Backblaze Blog » What Hard Drive Should I Buy?

Because Backblaze has a history of openness, many readers expected more details in my previous posts. They asked what drive models work best and which last the longest. Given our experience with over 25,000 drives, they asked which ones are good enough that we would buy them again. In this post, I’ll answer those questions.

(tags: backblaze backup hardware hdds storage disks ops via:fanf)

Safe cross-thread publication of a non-final variable in the JVM

Scary, but potentially useful in future, so worth bookmarking. By carefully orchestrating memory accesses using volatile and non-volatile fields, one can ensure that a non-volatile, non-synchronized field’s value is safely visible to all threads after that point due to JMM barrier semantics.

What you are looking to do is enforce a barrier between your initializing stores and your publishing store, without that publishing store being made to a volatile field. This can be done by using volatile access to other fields in the publication path, without using those variables in the later access paths to the published object.

(tags: volatile atomic java jvm gil-tene synchronization performance threading jmm memory-barriers)

Irish quango allegedly buys fake twitter followers

The Consumers Association of Ireland had a sudden jump from 300 to 3000 Twitter followers, mostly from Latin and South America — with more followers in Brazil than Ireland. They are now blaming “hacking”: http://www.independent.ie/irish-news/consumers-body-denies-buying-3000-twitter-fans-29931196.html

(tags: consumers quangos ireland politics twitter funny fake-followers latin-america south-america brazil social-media tech)

Big Red Kitchen on buying Irish honey

1. There is NO SUCH THING as “Organic Irish Honey” (due to EU directives making it impossible to certify); 2. In the absence of Organic the best thing you can look for is “Raw Irish honey” (which is of Irish origin, and not heated to very high temperatures, so it retains its antibacterial properties); 3. Blended honeys, or honeys which say EEC/Non EEC are NOT Irish, however they may be packed in Ireland; 4. Look for the NIHBS “Produced by Native Irish Honey Bees” or similar, for confirmation that the honey you are buying is indeed of Irish origin.

(tags: irish ireland honey buy-irish big-red-kitchen food organic-food)

More than 50% of Irish companies have “suffered a data breach” in 2013

The research, conducted among hundreds of Irish companies’ IT managers by the Irish Computer Society, reveals that 51 per cent of Irish firms have suffered a data breach over the last year, a jump on 43 per cent recorded in 2012.

(tags: hacking security ireland ics data-breaches)

Irish Internet Providers Roll Out KickassTorrents Blockade

The lucrative whack-a-mole business continues — mostly in response to High Court actions, although Eircom are just helping out. I bet a google for “kickass proxy” doesn’t return anything useful at all, of course….

(tags: kat kickasstorrents bittorrent piracy copyright high-court ireland eircom filtering blocking)

Internet Censors Came For TorrentFreak & Now I’m Really Mad

TF are not happy about Sky blocking their blog.

There can be little doubt that little by little, piece by piece, big corporations and governments are taking chunks out of the free Internet. Today they pretend that the control is in the hands of the people, but along the way they are prepared to mislead and misdirect, even when their errors are pointed out to them. I’m calling on Sky, Symantec, McAfee and other ISPs about to employ filtering to categorize this site correctly as a news site or blog and to please start listening to people’s legitimate complaints about other innocent sites. It serves nobody’s interests to wrongfully block legitimate information.

(tags: censorship isps uk sky torrentfreak piracy copyright filtering blocking symantec filesharing)

Harry – A Tool for Measuring String Similarity

a small tool for comparing strings and measuring their similarity. The tool supports several common distance and kernel functions for strings as well as some exotic similarity measures. The focus of Harry lies on implicit similarity measures, that is, comparison functions that do not give rise to an explicit vector space. Examples of such similarity measures are the Levenshtein distance and the Jaro-Winkler distance. For comparison Harry loads a set of strings from input, computes the specified similarity measure and writes a matrix of similarity values to output. The similarity measure can be computed based on the granularity of characters as well as words contained in the strings. The configuration of this process, such as the input format, the similarity measure and the output format, are specified in a configuration file and can be additionally refined using command-line options. Harry is implemented using OpenMP, such that the computation time for a set of strings scales linear with the number of available CPU cores. Moreover, efficient implementations of several similarity measures, effective caching of similarity values and low-overhead locking further speedup the computation.

(tags: via:kragen strings similarity levenshtein-distance algorithms openmp jaro-winkler edit-distance cli commandline hamming-distance compression)

deploy_to_runit

A nice node.js app to perform continuous deployment from a GitHub repo via its webhook support, from Matt Sergeant

(tags: github node.js runit deployment git continuous-deployment devops ops)

Tacos al Pastor

yummy-looking recipe from Lily at amexicancook.ie

(tags: tacos mexican-food food recipes meat tacos-al-pastor)

Succinct Data Structures: Cramming 80,000 words into a Javascript file

a succinctly-encoded trie — slow to encode, super-compact, but fast to look up

(tags: succinct-encoding tries coding performance compression data-structures algorithms)

Transport Minister planning to make hi-vis jackets mandatory for cyclists

The minister also spoke of a number of new transport initiatives, such  as mandatory use of high visibility jackets by cyclists.

(tags: cycling safety law ireland leo-varadkar)

The Malware That Duped Target Has Been Found

a Windows ‘RAM scraper’ trojan known as Trojan.POSRAM, which was used to attack the Windows-based point-of-sales systems which the POS terminals are connected to. part of an operation called Kaptoxa. ‘The code is based on a previous malicious tool known as BlackPOS that is believed to have been developed in 2013 in Russia, though the new variant was highly customized to prevent antivirus programs from detecting it’ … ‘The tool monitors memory address spaces used by specific programs, such as payment application programs like pos.exe and PosW32.exe that process the data embossed in the magnetic strip of credit and debit cards data. The tool grabs the data from memory.’ … ‘The siphoned data is stored on the system, and then every seven hours the malware checks the local time on the compromised system to see if it’s between the hours of 10 a.m. and 5 p.m. If so, it attempts to send the data over a temporary NetBIOS share to an internal host inside the compromised network so the attackers can then extract the data over an FTP … connection.’ http://www.pcworld.com/article/2088920/target-credit-card-data-was-sent-to-server-in-russia.html says the data was then transmitted to another US-based server, and from there relayed to Russia, and notes: ‘At the time of its discovery, Trojan.POSRAM “had a zero percent antivirus detection rate, which means that fully updated antivirus engines on fully patched computers could not identify the software as malicious,” iSight said.’ Massive AV fail.

(tags: kaptoxa trojans ram-scrapers trojan.posram posram point-of-sale security hacks target credit-cards pin ftp netbios smb)

Full iSight report on the Kaptoxa attack on Target

‘POS malware is becoming increasingly available to cyber criminals’ … ‘there is growing demand for [this kind of malware]’. Watch your credit cards…

(tags: debit-cards credit-cards security card-present attacks kaptoxa ram-scrapers trojans point-of-sale pos malware target)

The Target hack and PCI-DSS

Both Heartland Payment Systems and Hannaford Bros. were in fact certified PCI-compliant while the hackers were in their system. In August 2006, Wal-Mart was also certified PCI-compliant while unknown attackers were lurking on its network. […] “This PCI standard just ain’t working,” says Litan, the Gartner analyst. “I wouldn’t say it’s completely pointless. Because you can’t say security is a bad thing. But they’re trying to patch a really weak [and] insecure payment system [with it].”

(tags: ram-scrapers trojans pins pci-dss compliance security gartner walmart target)

ISPAI responds to TD Patrick O’Donovan’s bizarre comments regarding “open source browsers”

ISPAI is rather dismayed and somewhat confused by the recent press release issued by Deputy Patrick O’Donovan (FG). He appears to be asking the Oireachtas Communications Committee (of which he is a member) to investigate: “the matter of tougher controls on the use of open source internet browsers and payment systems”  which he claims “allow users to remain anonymous for illegal trade of drugs weapons and pornography.” Deputy O’Donovan would do well to ask the advice of industry experts on these matters given that legislating to curtail the use of such legitimate software or services, which may be misused by some, is neither practical nor logical. Whether or not a browser is open source bears no relevance to its ability to be the subject of anonymous use. Indeed, Deputy O’Donovan must surely be confusing and conflating different technical concepts? In tracing illegal activities, Law Enforcement Agencies and co-operating parties will use IP addresses – users’ choice of browser has little relevance to an investigation of criminal activity. Equally, it may be that the Deputy is uncomfortable with the concept of electronic payment systems but these underpin the digital economy which is bringing enormous benefit to Ireland. Yes, these may be misused by criminals but so are cash and traditional banking services. Restricting the growth of innovative financial services is not the solution to tackling cyber criminals who might be operating what he describes as “online supermarkets for illegal goods.” Tackling international cybercrime requires more specialist Law Enforcement resources at national level and improved international police cooperation supported by revision of EU legislation relating to obtaining server log evidence existing in other jurisdictions.

(tags: ispai open-source patrick-o-donovan fine-gael press-releases tor darknet crime)

Dr. Bunsen / Time Warp

I use it to modify Time Machine’s backup behavior using weighted reservoir sampling. I built Time Warp to preserve important backup snapshots and prevent Time Machine from deleting them.

(tags: backup python time-machine decay exponential-decay weighting algorithms snapshots ops)

Nominet now filtering .uk domain registrations for ‘sex-crime content’

Amazing. Massive nanny-stateism of the ‘something must be done’ variety, with a 100% false-alarm hit rate, and it’s now policy.

‘Nominet have made a decision, based on a report by Lord Macdonald QC, that recommends that they check any domain registration that signals sex crime content or is in itself a sex crime. This is screening of domains within 48 hours of registration, and de-registration. The report says that such domains should be reported to the police.’ [….] ‘The report itself states […] that in 2013 Nominet checked domains for key words used by the IWF, and as a result reported tens of thousands of domains to IWF for checking, all of which were false positives. Not one was, in fact, related to child sex abuse.’

(tags: filtering nominet false-positives nanny-state uk sex-crimes false-alarms domains iwf)

Tuning advice for HTTPS for nginx and HAProxy

from Ilya Grigorik. nginx version here: http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte/

(tags: https http performance nginx haproxy speed)

Branchless hex-to-decimal conversion hack

via @simonebordet, on the mechanical-sympathy list: ((c & 0x1F) + ((c >> 6) * 0x19) – 0x10)

(tags: hacks one-liners coding performance optimization hex conversion numbers ascii)

A sampling profiler for your daily browsing – Google Groups

via Ilya Grigorik: Chrome Canary now has a built-in, always-on, zero-overhead code profiler. I want this in my server-side JVMs!

(tags: chrome tracing debugging performance profiling google sampling-profiler javascript blink v8)

How to Store Coffee Beans

from tonx. Good advice

(tags: coffee storage freezing beans food tonx)

Docracy

‘The web’s only open collection of legal contracts and the best way to negotiate and sign documents online’. (via Kowalshki)

(tags: via:kowalshki business documents legal law contracts)

How an emulator-fueled robot reprogrammed Super Mario World on the fly

Suffice it to say that the first minute-and-a-half or so of this [speedrun] is merely an effort to spawn a specific set of sprites into the game’s Object Attribute Memory (OAM) buffer in a specific order. The TAS runner then uses a stun glitch to spawn an unused sprite into the game, which in turn causes the system to treat the sprites in that OAM buffer as raw executable code. In this case, that code has been arranged to jump to the memory location for controller data, in essence letting the user insert whatever executable program he or she wants into memory by converting the binary data for precisely ordered button presses into assembly code (interestingly, this data is entered more quickly by simulating the inputs of eight controllers plugged in through simulated multitaps on each controller port).

(tags: games hacking omgwtfbbq hacks buffer-overrun super-mario snes security)

Nassim Taleb: retire Standard Deviation

Use the mean absolute deviation […] it corresponds to “real life” much better than the first—and to reality. In fact, whenever people make decisions after being supplied with the standard deviation number, they act as if it were the expected mean deviation.’ Graydon Hoare in turn recommends the median absolute deviation. I prefer percentiles, anyway ;)

(tags: statistics standard-deviation stddev maths nassim-taleb deviation volatility rmse distributions)

Mathematical Purity in Distributed Systems: CRDTs Without Fear

Via Tony Finch. Funnily enough, the example describes Swrve: mobile game analytics, backed by a CRDT-based eventually consistent data store ;)

(tags: storage crdts semilattice idempotency commutativity data-structures distcomp eventual-consistency)

How to Name a Baby

some good data (and graphs) on baby names (via Ruth)

(tags: via:ruth babies naming graphs dataviz data usa names)

Operation War Diary

Crowdsourcing transcription of some WWI artifacts: ‘The story of the British Army on the Western Front during the First World War is waiting to be discovered in 1.5 million pages of unit war diaries. We need your help to reveal the stories of those who fought in the global conflict that shaped the world we live in today.’ (via Luke)

(tags: via:luke war history war-diaries wwi uk britain)

Map of Steamship Routes of the World, 1914

massive image. very cool (via burritojustice)

(tags: maps desktop images steamships shipping history 1914 travel world)

Google Fonts recently switched to using Zopfli

Google Fonts recently switched to using new Zopfli compression algorithm:  the fonts are ~6% smaller on average, and in some cases up to 15% smaller! […] What’s Zopfli? It’s an algorithm that was developed by the compression team at Google that delivers ~3~8% bytesize improvement when compared to gzip with maximum compression. This byte savings comes at a cost of much higher encoding cost, but the good news is, fonts are static files and decompression speed is exactly the same. Google Fonts pays the compression cost once and every clients gets the benefit of smaller download. If you’re curious to learn more about Zopfli: http://bit.ly/Y8DEL4

(tags: zopfli compression gzip fonts google speed optimization)

“Understanding the Robustness of SSDs under Power Fault”, FAST ’13 [paper]

Horrific. SSDs (including “enterprise-class storage”) storing sync’d writes in volatile RAM while claiming they were synced; one device losing 72.6GB, 30% of its data, after 8 injected power faults; and all SSDs tested displayed serious errors including random bit errors, metadata corruption, serialization errors and shorn writes. Don’t trust lone unreplicated, unbacked-up SSDs!

(tags: pdf papers ssd storage reliability safety hardware ops usenix serialization shorn-writes bit-errors corruption fsync)

Irish politician calls for ban on “open source browsers”

‘Fine Gael TD for Limerick, Patrick O’Donovan has called for tougher controls on the use of open source internet browsers and payment systems which allow users to remain anonymous in the illegal trade of drugs, weapons and pornography.’ Amazing. Yes, this is real.

(tags: open-source clueless omgwtfbbq fine-gael ireland fail funny tor inept)

Little-known Apollo 10 incident

‘Apollo 10 had a little known incident in flight as evidenced by this transcript.’ http://pic.twitter.com/NCZy7OdxDU

(tags: poo turds space spaceflight funny history apollo-10 apollo accidents)

Finite State Entropy coding

As can be guessed, the higher the compression ratio, the more efficient FSE becomes compared to Huffman, since Huffman can’t break the “1 bit per symbol” limit. FSE speed is also very stable, under all probabilities. I’m quite please with the result, especially considering that, since the invention of arithmetic coding in the 70’s, nothing really new has been brought to this field. This is still beta stuff, so please consider this first release for testing purposes mostly.

(tags: compression algorithms via:kragen fse finite-state-entropy-coding huffman arithmetic-coding)

DropBox outage post-mortem

A bug in a scheduled OS upgrade script caused live production DB servers to be upgraded while live. Fixes include fixing that script by verifying non-liveness on the host itself, and a faster parallel MySQL binary-log recovery command.

(tags: dropbox outage postmortems upgrades mysql)

Creative Commons event in Dublin this Friday

‘Maximising Digital Creativity, Sharing and Innovation’, Event organised by Creative Commons Ireland and Faculty of Law, University College Cork, Lecture Theatre, National Gallery of Ireland, Clare Street entrance, Dublin 2, Friday 17 January 2014, 9.45 a.m. to 1 p.m. (via Darius Whelan)

(tags: creative-commons ireland dublin events talks law copyright)

Growing up unvaccinated: A healthy lifestyle couldn’t prevent many childhood illnesses.

I understand, to a point, where the anti-vaccine parents are coming from. Back in the ’90s, when I was a concerned, 19-year-old mother, frightened by the world I was bringing my child into, I was studying homeopathy, herbalism, and aromatherapy; I believed in angels, witchcraft, clairvoyants, crop circles, aliens at Nazca, giant ginger mariners spreading their knowledge to the Aztecs, the Incas, and the Egyptians, and that I was somehow personally blessed by the Holy Spirit with healing abilities. I was having my aura read at a hefty price and filtering the fluoride out of my water. I was choosing to have past life regressions instead of taking antidepressants. I was taking my daily advice from tarot cards. I grew all my own veg and made my own herbal remedies. I was so freaking crunchy that I literally crumbled. It was only when I took control of those paranoid thoughts and fears about the world around me and became an objective critical thinker that I got well. It was when I stopped taking sugar pills for everything and started seeing medical professionals that I began to thrive physically and mentally.

(tags: health medicine science vaccination disease slate)

Life on Mars: Irish man signs up for colony mission

Last week, a private space exploration company called Mars One announced that it has shortlisted 1,058 people from 200,000 applicants who wanted to travel to Mars. Roche is the only Irishman on the list. The catch? If he goes, he can never come back.

(tags: science-gallery dublin ireland mars-one mars one-way-trips exploration future space science joseph-roche)

UK NHS will soon require GPs pass confidential medical data to third parties

Specifically, unanonymised, confidential, patient-identifying data, for purposes of “admin, healthcare planning, and research”, to be held indefinitely, via the HSCIC. Opt-outs may be requested, however

(tags: opt-out privacy medical data healthcare nhs uk data-privacy data-protection)

Fuck Yeah Internet Fridge

‘why the fuck does my fridge need Twitter?’

(tags: twitter funny tech home fridges internet web appliances consume)

Visualisation of the Raft distributed consensus protocol

Very pretty

(tags: consensus raft visualization distributed distcomp algorithms)

Directv DCA2SR0 01 Deca II Connected Home Adapter

a John-Looney-recommended MoCA adapter, allowing legacy coax home wiring to be used to transmit ethernet

(tags: ethernet coax legacy wiring home-networking moca directv)

Bruce Schneier and Matt Blaze on TAO’s Methods

An important point:

As scarily impressive as [NSA’s TAO] implant catalog is, it’s targeted. We can argue about how it should be targeted — who counts as a “bad guy” and who doesn’t — but it’s much better than the NSA’s collecting cell phone location data on everyone on the planet. The more we can deny the NSA the ability to do broad wholesale surveillance on everyone, and force them to do targeted surveillance in individuals and organizations, the safer we all are.

(tags: nsa tao security matt-blaze bruce-schneier surveillance tempest)

How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer

An excellent description of how the Dual_EC_DRBG backdoor works

(tags: surveillance tech dual_ec_drbg nsa rsa security backdoors via:jgc elliptic-curves)

Who Made That Nigerian Scam? – NYTimes.com

The history behind the 419 advance-fee fraud scam.

According to Robert Whitaker, a historian at the University of Texas, an earlier version of the con, known as the Spanish Swindle or the Spanish Prisoner trick, plagued Britain throughout the 19th century.

(tags: nigerian-scam 419 aff scams spam fraud history)

True facts about Ocean Radiation and the Fukushima Disaster

solid science

(tags: fukushima japan radiation risk ocean disasters sieverts contamination sea fish science)

Packet Flight: Facebook News Feed @8X

good dataviz of a HTTP page load: ‘this is a visualization of a Facebook News Feed load from the perspective of the client, over a 3G wireless connection. Different packet types have different shapes and colors.’ (via John Harrington)

(tags: via:johnharrington visualization facebook dataviz networking tcp 3g)

URGENT: Input needed on EU copyright consultation – Boing Boing

The EC is looking for feedback — but not much, and pretty sharpish.

Go to www.copywrongs.eu and answer the questions which are important to you. You do not have to answer all the questions, only the ones that matter to you. […] The deadline is 5 February 2014. Until then, we should provide the European Commission with as many responses as possible!

(tags: ec eu copyright law europe boing-boing reform)

Peter Norvig writes a program to play regex golf with arbitrary lists

In response to XKCD 1313. This is excellent. It’s reminiscent of my SpamAssassin SOUGHT-ruleset regexp-discovery algorithm, described in http://taint.org/2007/03/05/134447a.html , albeit without the BLAST step intended to maximise pattern length and minimise false positives

(tags: python regex xkcd blast rule-discovery spamassassin rules regexps regular-expressions algorithms peter-norvig)