10 Things You Should Know About AWS
Some decent tips in here, mainly EC2-focussed
Tracing Brazil’s Guy Fawkes Masks
really fascinating, from Ethan Zuckerman:
The photo of workers making Guy Fawkes masks is something of a Rorschach test. If you’re primed to see the exploitative nature of global capitalism when you see people making a plastic mask, it’s there in the image. If you’re looking for the global spread of a protest movement, it’s there too, with a Brazilian factory making a local knock-off of a global icon to cash in on a national protest. Because the internet is a copying machine, it’s very bad at context. It’s easier to encounter the image of masks being manufactured devoid of accompanying details than it is to find the story behind the images. And given our tendency to ignore information in languages we don’t read, it’s easy to see how the masks come detached from their accompanying story. For me, the image is more powerful with context behind it. It’s possible to reflect on the irony of a Hollywood prop becoming an activist trope, the tensions between mass-production and anonymity and the individuality of one’s identity and grievance, the tensions between local and global, Warner Bros and Condal, intellectual property and piracy, all in the same image.
(tags: anonymous globalization manufacturing piracy knock-offs brazil ethan-zuckerman global local hollywood capitalism)
ReCreate Ireland – Creativity through Reuse
Great idea.
For creative groups, we aim to offer easy access to a rich and varied selection of textures, colours and shapes. Members are also able to participate in creativity workshops facilitated by fully trained professional artists either in-house or on your own premises. We intend to be the first choice of teachers, early childhood educators and arts animators in the community. For businesses, ReCreate reduces the costs of moving on end-of-line materials. We are a professional, credible and reliable partner organisation and our aim is to divert approximately 115 metric tonnes of clean materials from landfill annually. All collections are free of charge.
(tags: recreate diy make-and-do recycling landfill art play scrap)
3D-Print Your Own 20-Million-Year-Old Fossils
When I get my hands on a 3-D printer, this will be high up my list of things to fabricate: a replica of a 20-million year old hominid skull.
With over 40 digitized fossils in their collection, you can explore 3D renders of fossils representing prehistoric animals, human ancestors, and even ancient tools. Captured using Autodesk software, an SLR camera, and often the original specimen (rather than a cast replica), these renderings bring us closer than most will ever get to holding ancient artifacts. And if you’ve got an additive manufacturing device at your disposal, you can even download Sketchfab plans to generate your own.
(tags: 3d-printing fossils africa history hominids replication fabrication sketchfab)
-
‘A Tiny Seasonal Department Store’, featuring the amazing cakes of Wildflour Bakery among others, at 5 Dame Lane, D2.
The tiny department store will be a wonderful seasonal gathering of Makers & Brothers favourite local and international brands. The Others in this project are a carefully considered bunch of partners from the worlds of flowers, food, fashion, beauty, homeware, gifts and more. Makers & Brothers & Others, the tiny department store, promises to be a unique, exciting and engaging retail environment. A place to explore, a seasonal store alive with wonder and served by experts. Kindly hosted by the Fumbally Exchange.
(tags: dublin shopping food cakes wildflour-bakery makers-and-brothers xmas)
Modernising (Irish) Copyright Katseries #2: linking & marshalling as exceptions
Good commentary on the recent CRC report’s recommendations. See also http://ipkitten.blogspot.ie/2013/10/modernising-irish-copyright-katseries-1.html
“The Top 6 Reasons This Infographic Is Just Wrong Enough To Sound Convincing”
+1 to all of this, but especially #5 (polar area diagrams).
(tags: diagrams infographics infoviz visualisation data fail statistics)
Presto: Interacting with petabytes of data at Facebook
Presto has become a major interactive system for the company’s data warehouse. It is deployed in multiple geographical regions and we have successfully scaled a single cluster to 1,000 nodes. The system is actively used by over a thousand employees, who run more than 30,000 queries processing one petabyte daily. Presto is 10x better than Hive/MapReduce in terms of CPU efficiency and latency for most queries at Facebook. It currently supports a large subset of ANSI SQL, including joins, left/right outer joins, subqueries, and most of the common aggregate and scalar functions, including approximate distinct counts (using HyperLogLog) and approximate percentiles (based on quantile digest). The main restrictions at this stage are a size limitation on the join tables and cardinality of unique keys/groups. The system also lacks the ability to write output data back to tables (currently query results are streamed to the client).
(tags: facebook hadoop hdfs open-source java sql hive map-reduce querying olap)
Herbal supplements are often ‘rice and weeds’
DNA tests show that many pills labeled as healing herbs are little more than powdered rice and weeds. […] Among their findings were bottles of echinacea supplements, used by millions of Americans to prevent and treat colds, that contained ground up bitter weed, Parthenium hysterophorus, an invasive plant found in India and Australia that has been linked to rashes, nausea and flatulence.
(tags: herbal-remedies scams quality medicine dna testing fillers allergies st-johns-wort echinacea)
Scryer: Netflix’s Predictive Auto Scaling Engine
Scryer is a new system that allows us to provision the right number of AWS instances needed to handle the traffic of our customers. But Scryer is different from Amazon Auto Scaling (AAS), which reacts to real-time metrics and adjusts instance counts accordingly. Rather, Scryer predicts what the needs will be prior to the time of need and provisions the instances based on those predictions.
(tags: scaling infrastructure aws ec2 netflix scryer auto-scaling aas metrics prediction spikes)
Your Assignment for Today: Chew Gum
We have known about [the dental health benefits of xylitol in chewing gum] for a surprisingly long time. In the 1980s, a high-quality, randomized trial in Finland found that children who chewed xylitol-sweetened gum had as much as 60 percent fewer cavities compared with children who didn’t. A 1989-93 randomized study of children around age 10 in Belize showed an even greater benefit; chewing xylitol-sweetened gum decreased the risk of cavities by up to 70 percent, and a follow-up study showed that the benefit lasted for up to five years.
(tags: xylitol via:eoin health dentist teeth chewing-gum snacks medicine)
Mike Hearn – Google+ – The packet capture shown in these new NSA slides shows…
The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login.
This kind of confirms my theory that the majority of interesting traffic for the NSA/GCHQ MUSCULAR sniffing system would have been inter-DC replication. Was, since it sounds like that stuff’s all changing now to use end-to-end crypto…
(tags: google crypto security muscular nsa gchq mike-hearn replication sniffing spying surveillance)
-
‘This article will use NettoSphere, a framework built on top of the popular Netty Framework and Atmosphere with support of WebSockets, Server Side Events and Long-Polling. NettoSphere allows [async JVM framework] Atmosphere’s applications to run on top of the Netty Framework.’
(tags: atmosphere netty async java scala websockets sse long-polling http demos games)
Pushing to 100,000 API clients simultaneously
This looks really nice — it’s quite similar to something I was hacking on a while back. Only problem is that it’s AGPL-licensed… ‘Pushpin makes it easy to create HTTP long-polling and streaming services using any web stack as the backend. It’s compatible with any framework, whether Django, Rails, ASP, or even PHP. Pushpin works as a reverse proxy, sitting in front of your server application and managing all of the open client connections.’
(tags: pushpin opensource agpl http long-polling reverse-proxy architecture callbacks)
European ruling raises questions over liability and online comment
‘A recent ruling by the European Court of Human Rights (ECHR) has called into question […] the liability of media organisations for online comment.’ Delfi, a news website in Estonia, was found liable by the ECHR for a user’s comments.
(tags: echr comments news web law regulation estonia delfi liability slander defamation)
Why Every Company Needs A DevOps Team Now – Feld Thoughts
Bookmarking particularly for the 3 “favourite DevOps patterns”:
“Make sure we have environments available early in the Development process”; enforce a policy that the code and environment are tested together, even at the earliest stages of the project; “Wake developers up at 2 a.m. when they break things”; and “Create reusable deployment procedures”.
(tags: devops work ops deployment testing pager-duty)
There is NO spare capacity for Dublin’s water supply
The problem in a nutshell is that for an uncomfortable amount of the year the demand outstrips what the system can comfortably supply. In the graph below you’ll see the red line (demand for water) matches and regularly exceeds the blue line (what’s produced).
(tags: drought water dublin mismanagement capacity dcc dublin-council graphs)
-
Circa 1800, the Cocktail was a “hair of the dog” morning drink that tamed spirits with water, sugar and bitters (patent medicine). The late 19th Century expanded the use of the word “cocktail” to encompass just about any mixed drink. Since then, the Old Fashioned—literally, the old-fashioned way of making a cocktail—has been our contemporary expression of the original drink. During the 20th Century, various bad ideas encrusted the Old Fashioned. Here we will strip off those barnacles to expose the amazingly simple and sublime drink beneath.
thanks to Ben for this one…
(tags: recipe alcohol drinks cocktails old-fashioned bourbon bitters)
-
“We assess that Miranda is knowingly carrying material […] the disclosure or threat of disclosure is designed to influence a government, and is made for the purpose of promoting a political or ideological cause. This therefore falls within the definition of terrorism.”
(tags: security david-miranda journalism censorship terrorism the-guardian)
A Brief Tour of FLP Impossibility
One of the most important results in distributed systems theory was published in April 1985 by Fischer, Lynch and Paterson. Their short paper ‘Impossibility of Distributed Consensus with One Faulty Process’, which eventually won the Dijkstra award given to the most influential papers in distributed computing, definitively placed an upper bound on what it is possible to achieve with distributed processes in an asynchronous environment. This particular result, known as the ‘FLP result’, settled a dispute that had been ongoing in distributed systems for the previous five to ten years. The problem of consensus – that is, getting a distributed network of processors to agree on a common value – was known to be solvable in a synchronous setting, where processes could proceed in simultaneous steps. In particular, the synchronous solution was resilient to faults, where processors crash and take no further part in the computation. Informally, synchronous models allow failures to be detected by waiting one entire step length for a reply from a processor, and presuming that it has crashed if no reply is received. This kind of failure detection is impossible in an asynchronous setting, where there are no bounds on the amount of time a processor might take to complete its work and then respond with a message. Therefore it’s not possible to say whether a processor has crashed or is simply taking a long time to respond. The FLP result shows that in an asynchronous setting, where only one processor might crash, there is no distributed algorithm that solves the consensus problem.
(tags: distributed-systems flp consensus-algorithms algorithms distcomp papers proofs)
Find a separating hyperplane with this One Weird Kernel Trick
Terrible internet ad-spam recast as machine-learning spam
’37-year-old patriot discovers “weird” trick to end slavery to the Bayesian monopoly. Discover the underground trick she used to slash her empirical risk by 75% in less than 30 days… before they shut her down. Click here to watch the shocking video! Get the Shocking Free Report!’
(tags: funny via:hmason machine-learning spam wtf svms bayesian)
It’s time for Silicon Valley to ask: Is it worth it?
These companies and their technologies are built on data, and the data is us. If we are to have any faith in the Internet, we have to trust them to protect it. That’s a relationship dynamic that will become only more intertwined as the Internet finds its way into more aspects of our daily existences, from phones that talk to us to cars that drive themselves. The US’s surveillance programs threaten to destroy that trust permanently. America’s tech companies must stand up to this pervasive and corrosive surveillance system. They must ask that difficult question: “Is it worth it?”
(tags: silicon-valley tech nsa gchq spying surveillance internet privacy data-protection)
-
‘a service discovery and orchestration tool that is decentralized, highly available, and fault tolerant. Serf runs on every major platform: Linux, Mac OS X, and Windows. It is extremely lightweight: it uses 5 to 10 MB of resident memory and primarily communicates using infrequent UDP messages [and an] efficient gossip protocol.’
(tags: clustering service-discovery ops linux gossip broadcast clusters)
“Effective Computation of Biased Quantiles over Data Streams” [paper]
Skew is prevalent in many data sources such as IP traffic streams. To continually summarize the distribution of such data, a high-biased set of quantiles (e.g., 50th, 90th and 99th percentiles) with finer error guarantees at higher ranks (e.g., errors of 5, 1 and 0.1 percent, respectively) is more useful than uniformly distributed quantiles (e.g., 25th, 50th and 75th percentiles) with uniform error guarantees. In this paper, we address the following two problems. First, can we compute quantiles with finer error guarantees for the higher ranks of the data distribution effectively, using less space and computation time than computing all quantiles uniformly at the finest error? Second, if specific quantiles and their error bounds are requested a priori, can the necessary space usage and computation time be reduced? We answer both questions in the affirmative by formalizing them as the “high-biased” quantiles and the “targeted” quantiles problems, respectively, and presenting algorithms with provable guarantees, that perform significantly better than previously known solutions for these problems. We implemented our algorithms in the Gigascope data stream management system, and evaluated alternate approaches for maintaining the relevant summary structures. Our experimental results on real and synthetic IP data streams complement our theoretical analyses, and highlight the importance of lightweight, non-blocking implementations when maintaining summary structures over high-speed data streams.
Implemented as a timer-histogram storage system in http://armon.github.io/statsite/ .
(tags: statistics quantiles percentiles stream-processing skew papers histograms latency algorithms)
-
A C reimplementation of Etsy’s statsd, with some interesting memory optimizations.
Statsite is designed to be both highly performant, and very flexible. To achieve this, it implements the stats collection and aggregation in pure C, using libev to be extremely fast. This allows it to handle hundreds of connections, and millions of metrics. After each flush interval expires, statsite performs a fork/exec to start a new stream handler invoking a specified application. Statsite then streams the aggregated metrics over stdin to the application, which is free to handle the metrics as it sees fit. This allows statsite to aggregate metrics and then ship metrics to any number of sinks (Graphite, SQL databases, etc). There is an included Python script that ships metrics to graphite.
(tags: statsd graphite statsite performance statistics service-metrics metrics ops)
34 Irish pubs listed in Michelin good food guide
if Linnane’s and Cronin’s are anything to go by, these will be worth a visit
-
A fax machine called my #twilio voice number, this is how @twilio transcribed it…. http://pic.twitter.com/RYh19Pg2pG
This is amazing. Machine talking to machine, with hilarious results.
(tags: twilio transcription machine audio fax hey-hey-hey you-know-its-hey funny)
-
Founded by Silent Circle and Lavabit, this is promising…
To bring the world our unique end-to-end encrypted protocol and architecture that is the ‘next-generation’ of private and secure email. As founding partners of The Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and jointly work to proliferate the world’s first end-to-end encrypted ‘Email 3.0’ throughout the world’s email providers. Our goal is to open source the protocol and architecture and help others implement this new technology to address privacy concerns against surveillance and back door threats of any kind.
(tags: privacy surveillance email smtp silent-circle lavabit dark-mail open-source standards crypto)
Ponies by Kij Johnson | Tor.com
A rather dark short story about little girls, peer pressure, and childhood. no fun for this dad of 3 girls :( (via Tatu Saloranta)
(tags: via:cowtowncoder writing fiction sf childhood peer-pressure tor ponies)
-
A Histogram that supports recording and analyzing sampled data value counts across a configurable integer value range with configurable value precision within the range. Value precision is expressed as the number of significant digits in the value recording, and provides control over value quantization behavior across the value range and the subsequent value resolution at any given level.
(tags: hdr histogram data-structures coding gil-tene sampling measuring)
Counterfactual Thinking, Rules, and The Knight Capital Accident
John Allspaw with an interesting post on the Knight Capital disaster
(tags: john-allspaw ops safety post-mortems engineering procedures)
Toyota’s killer firmware: Bad design and its consequences
This is exactly what you do NOT want to read about embedded systems controlling acceleration in your car:
The Camry electronic throttle control system code was found to have 11,000 global variables. Barr described the code as “spaghetti.” Using the Cyclomatic Complexity metric, 67 functions were rated untestable (meaning they scored more than 50). The throttle angle function scored more than 100 (unmaintainable). Toyota loosely followed the widely adopted MISRA-C coding rules but Barr’s group found 80,000 rule violations. Toyota’s own internal standards make use of only 11 MISRA-C rules, and five of those were violated in the actual code. MISRA-C:1998, in effect when the code was originally written, has 93 required and 34 advisory rules. Toyota nailed six of them. Barr also discovered inadequate and untracked peer code reviews and the absence of any bug-tracking system at Toyota.
On top of this, there was no error-correcting RAM in use; stack-killing recursive code; a quoted 94% stack usage; risks of unintentional RTOS task shutdown; buffer overflows; unsafe casting; race conditions; unchecked error code return values; and a trivial watchdog timer check. Crappy, unsafe coding.
(tags: firmware horror embedded-systems toyota camry safety acceleration misra-c coding code-verification spaghetti-code cyclomatic-complexity realtime rtos c code-reviews bug-tracking quality)
-
The sounds were not, however, caused by ghosts but by a group of three or four men at least to some degree professionally trained, the FBI now believes, in tunneling: a close-knit and highly disciplined team, perhaps from the construction industry, perhaps even a disgruntled public works crew who decided to put their knowledge of the city’s underside to more lucrative work. After all, Rehder explained, their route into the bank was as much brute-force excavation as it was a retracing of the region’s buried waterways, accessing the neighborhood by way of the city’s complicated storm-sewer network, itself built along old creek beds that no longer appear on city maps. As LAPD lieutenant Doug Collisson, one of the men present on the day of the tunnel’s discovery, explained to the Los Angeles Times back in 1987, the crew behind the burglary “would have had to require some knowledge of soil composition and technical engineering. … The way the shaft itself was constructed, it was obviously well-researched and extremely sophisticated.” Rehder actually goes further, remarking that when Detective Dennis Pagenkopp “showed crime scene photos of the core bit holes” produced by the burglars’ boring upward into the vault “to guys who were in the concrete-coring business, they whistled with professional admiration.”
(tags: cities crime architecture digging tunnels subterranean la lapd banks via:bldgblog sewers)
Link without fear – Copyright in Ireland in a Digital Age
The Copyright Review Committee report has been published. Headline recommendations:
Ensure the right of free speech is a central element of the new copyright regime, including in the areas of parody and satire; Legalise legitimate forms of copying by introducing an explicit and broadly defined “Fair Use” policy. Ensure the extent of copyright ownership is balanced against the public good; Design a system which is clear to all parties, including end users; Design an enforcement mechanism which is easy to understand, transparent and accessible to all parties; Target penalties at those who infringe on copyright rather than on third parties such as intermediaries; Future-proof the new regime by basing it on applicable principles rather than rules relevant to today’s technology only; Make it easy for end-users to identify and engage with owners of copyright material.
Here’s hoping Sean Sherlock now does what he said he’d do, and acts on these recommendations.
(tags: copyright law ireland reports fair-use free-speech satire parody copying copyfight ownership ip drm linking)
Storm at spider.io – London Storm Meetup 2013-06-18
Not just a Storm success story. Interesting slides indicating where a startup *stopped* using Storm as realtime wasn’t useful to their customers
(tags: storm realtime hadoop cascading python cep spider.io anti-spam events architecture distcomp low-latency slides rabbitmq)
-
I like the impromptu docking station hack
Bruce Schneier On The Feudal Internet And How To Fight It
This is very well-put.
In its early days, there was a lot of talk about the “natural laws of the Internet” and how it would empower the masses, upend traditional power blocks, and spread freedom throughout the world. The international nature of the Internet made a mockery of national laws. Anonymity was easy. Censorship was impossible. Police were clueless about cybercrime. And bigger changes were inevitable. Digital cash would undermine national sovereignty. Citizen journalism would undermine the media, corporate PR, and political parties. Easy copying would destroy the traditional movie and music industries. Web marketing would allow even the smallest companies to compete against corporate giants. It really would be a new world order. Unfortunately, as we know, that’s not how it worked out. Instead, we have seen the rise of the feudal Internet: Feudal security consolidates power in the hands of the few. These companies [like Google, Apple, Microsoft, Facebook etc.] act in their own self-interest. They use their relationship with us to increase their profits, sometimes at our expense. They act arbitrarily. They make mistakes. They’re deliberately changing social norms. Medieval feudalism gave the lords vast powers over the landless peasants; we’re seeing the same thing on the Internet.
(tags: bruce-schneier politics internet feudal-internet google apple microsoft facebook government)
Russia: Hidden chips ‘launch malware attacks from irons’
Cyber criminals are planting chips in electric irons and kettles to launch spam [jm: actually, malware] attacks, reports in Russia suggest. State-owned channel Rossiya 24 even showed footage of a technician opening up an iron included in a batch of Chinese imports to find a “spy chip” with what he called “a little microphone”. Its correspondent said the hidden devices were mostly being used to spread viruses, by connecting to any computer within a 200m (656ft) radius which were using unprotected Wi-Fi networks. Other products found to have rogue components reportedly included mobile phones and car dashboard cameras.
(tags: wifi viruses spam malware security russia china toasters kettles appliances)
Asteroid “mining” with Linux and FOSS
Planetary Resources is a company with a sky-high (some might claim “pie in the sky”) goal: to find and mine asteroids for useful minerals and other compounds. It is also a company that uses Linux and lots of free software. So two of the engineers from Planetary Resources, Ray Ramadorai and Marc Allen, gave a presentation at LinuxCon North America to describe how and why the company uses FOSS—along with a bit about what it is trying to do overall.
(tags: lwn mining planets asteroids space linux foss open-source)
Mac OS 10.9 – Infinity times your spam
a pretty stupid Mail.app IMAP bug hoses Fastmail:
Yes you read that right. It’s copying all the email from the Junk Folder back into the Junk Folder again! This is legal IMAP, so our server proceeds to create a new copy of each message in the folder. It then expunges the old copies of the messages, but it’s happening so often that the current UID on that folder is up to over 3 million. It was just over 2 million a few days ago when I first emailed the user to alert them to the situation, so it’s grown by another million since. The only way I can think this escaped QA was that they used a server which (like gmail) automatically suppresses duplicates for all their testing, because this is a massively bad problem.
Google: Our Robot Cars Are Better Drivers Than Puny Humans | MIT Technology Review
One of those analyses showed that when a human was behind the wheel, Google’s cars accelerated and braked significantly more sharply than they did when piloting themselves. Another showed that the cars’ software was much better at maintaining a safe distance from the vehicle ahead than the human drivers were. “We’re spending less time in near-collision states,” said Urmson. “Our car is driving more smoothly and more safely than our trained professional drivers.”
(tags: google cars driving safety roads humans robots automation)
-
Interesting new data structure, pending addition in Java 8. Basically an array of arrays which presents the API of a single List.
An ordered collection of elements. Elements can be added, but not removed. Goes through a building phase, during which elements can be added, and a traversal phase, during which elements can be traversed in order but no further modifications are possible.
(tags: spinedbuffer data-structures algorithms java jdk jvm java-8 arrays lists)
New political ideals ravaged by … politics
Direct Democracy Ireland, the party linked to Freemen-on-the-land and the Christian Solidarity Party, is having a bit of a bumpy ride with party governance it sounds like
-
Ho ho.
Michael Hayden, former NSA and CIA boss, who famously argued that the only people complaining about NSA surveillance were internet shut-ins who couldn’t get laid, apparently never learned that when you’re in a public place, someone might overhear your phone calls. Entrepreneur and former MoveOn.org director Tom Matzzie just so happened to be on the Acela express train from DC to NY when he (1) spotted Hayden sitting behind him and (2) started overhearing a series of “off the record” phone calls with press about the story of the week: the revelations of the NSA spying on foreign leaders. Matzzie did what any self-respecting American would do: live-tweet the calls.
(tags: nsa michael-hayden twitter tom-matzzie funny irony trains interviewing public surveillance)
-
A tool to manage inter-container dependencies so that continuous delivery with Jenkins and Docker is feasible. Looks very helpful
(tags: docker provisioning vms containers dockerize jenkins continuous-delivery continuous-integration)
Is Google building a hulking floating data center in SF Bay?
Looks pretty persuasive, especially considering they hold a patent on the design
(tags: google data-centers bay-area ships containers shipping sea wave-power treasure-island)
Roma, Racism And Tabloid Policing: Interview With Gary Younge : rabble
[This case] shows the link between the popular and the state. This is tabloid journalism followed by tabloid policing. It’s also completely ignorant. I wrote my article on the Roma after covering the community for a week. I thought, “that’s interesting – there’s a range of phenotypes, ways of looking, that include Roma.” I mentioned two blonde kids by chance. I mentioned that Roma are more likely to speak the language of the country they’re in than Romani, more likely to have the religion of the country they’re in. But they have the basic aspect that is true for all identities – they know each other and other people know them. It’s not like I’m an expert on the Roma. I was covering them for a week and after the second day I knew Roma children had blonde hair and blue eyes. These people who took that kid away knew nothing. And on that basis they abducted a child.
(tags: roma racism ireland gary-younge tabloid journalist children hse gardai)
Experian Sold Consumer Data to ID Theft Service
This is what happens when you don’t have strong controls on data protection/data privacy — the US experience.
While [posing as a US-based private investigator] may have gotten the [Vietnam-based gang operating the massive identity fraud site Superget.info] past Experian and/or CourtVentures’ screening process, according to Martin there were other signs that should have alerted Experian to potential fraud associated with the account. For example, Martin said the Secret Service told him that the alleged proprietor of Superget.info had paid Experian for his monthly data access charges using wire transfers sent from Singapore. “The issue in my mind was the fact that this went on for almost a year after Experian did their due diligence and purchased” Court Ventures, Martin said. “Why didn’t they question cash wires coming in every month? Experian portrays themselves as the data-breach experts, and they sell identity theft protection services. How this could go on without them detecting it I don’t know. Our agreement with them was that our information was to be used for fraud prevention and ID verification, and was only to be sold to licensed and credentialed U.S. businesses, not to someone overseas.”
via Simon McGarr
(tags: via:tupp_ed privacy security crime data-protection data-privacy experian data-breaches courtventures superget scams fraud identity identity-theft)
European Parliament passes a vote calling for the EU/US SWIFT agreement to be suspended
“the European Parliament has today sent a clear message that enough is enough. The revelations about NSA interception of SWIFT data make a mockery of the EU’s agreement with the US, through which the bank data of European citizens is delivered to the US anti-terror system (TFTP). What is the purpose of an agreement like this, which was concluded in good faith, if the US authorities are going to circumvent its provisions? “The EU cannot continue to remain silent in the face of these ongoing revelations: it gives the impression we are little more than a lap dog of the US. If we are to have a healthy relationship with the US, based on mutual respect and benefit, EU governments must not be afraid of defending core EU values when they are infringed. EU leaders must finally take a clear and unambiguous stance on the NSA violations at this week’s summit.”
(tags: swift banking data eu us nsa interception surveillance snooping diplomacy)
Response to “Optimizing Linux Memory Management…”
A follow up to the LinkedIn VM-tuning blog post at http://engineering.linkedin.com/performance/optimizing-linux-memory-management-low-latency-high-throughput-databases —
Do not read into this article too much, especially for trying to understand how the Linux VM or the kernel works. The authors misread the “global spinlock on the zone” source code and the interpretation in the article is dead wrong.
Making Storm fly with Netty | Yahoo Engineering
Y! engineer doubles the speed of Storm’s messaging layer by replacing the zeromq implementation with Netty
(tags: netty async zeromq storm messaging tcp benchmarks yahoo clusters)
-
Service discovery a la Airbnb — Nerve and Synapse: two external daemons that run on each node, Nerve to manage registration in Zookeeper, and Synapse to generate a haproxy configuration file from that, running on each host, allowing connections to all other hosts.
(tags: haproxy services ops load-balancing service-discovery nerve synapse airbnb)
The New York Review of Bots – @TwoHeadlines: Comedy, Tragedy, Chicago Bears
What is near-future late-capitalist dystopian fiction but a world where there is no discernible difference between corporations, nations, sports teams, brands, and celebrities? Adam was partly right in our original email thread. @TwoHeadlines is not generating jokes about current events. It is generating jokes about the future: a very specific future dictated by what a Google algorithm believes is important about humans and our affairs.
(tags: google-news google algorithms word-frequency twitter twoheadlines bots news emergent jokes)
-
‘Welcome to the New York Review of Bots, a professional journal of automated-agent studies. We aspire to the highest standards of rigorous analysis, but will often just post things we liked that a computer made.’
(tags: robots bots tumblr ai word-frequency markov-chain random twitter)
How to lose $172,222 a second for 45 minutes
Major outage and $465m of trading loss, caused by staggeringly inept software management: 8 years of incremental bitrot, technical debt, and failure to have correct processes to engage an ops team in incident response. Hopefully this will serve as a lesson that software is more than just coding, at least to one industry
(tags: trading programming coding software inept fail bitrot tech-debt ops incident-response)
Basho and Seagate partner to deliver scale-out cloud storage breakthrough
Ha, cool. Skip the OS, write the Riak store natively to the drive. This sounds frankly terrifying ;)
The Seagate Kinetic Open Storage platform eliminates the storage server tier of traditional data center architectures by enabling applications to speak directly to the storage system, thereby reducing expenses associated with the acquisition, deployment, and support of hyperscale storage infrastructures. The platform leverages Seagate’s expertise in hardware and software storage systems integrating an open source API and Ethernet connectivity with Seagate hard drive technology.
Sorry, lobbyists! Europe’s post-Snowden privacy reform gets a major boost
Following months of revelations, and on the same day that France heard its citizens’ phone calls were being reportedly recorded en masse by the Americans, the Parliament’s committee gave a resounding thumbs-up to every single amendment proposed by industrious German Green MEP Jan Phillip Albrecht (pictured above).
lolz.
(tags: lobbying tech surveillance privacy eu jan-phillip-albrecht ep spying)
NCCA Junior Cycle – Programming and Coding Consultation Page
the National Council for Curriculum and Assessment are looking for feedback on adding programming to the junior cycle (ie., early secondary school) in Ireland. Add your EUR.02!
(tags: ireland programming coding education schools)
Everything You Always Wanted to Know About Synchronization but Were Afraid to Ask
‘the most exhaustive study of [multi-core] synchronization to date’
(tags: synchronization scalability cpus hardware papers via:fanf multicore cas)
WISH: A Monumental 11-Acre Portrait in Belfast by Jorge Rodríguez-Gerada
Must go up and visit this.
Unveiled several days ago in Belfast, Northern Ireland as part of the Belfast Festival, WISH is the latest public art project by Cuban-American artist Jorge Rodriguez-Gerada. The image depicted is of an anonymous Belfast girl and is so large it can only be viewed from the highest points in Belfast or an airplane. Several years in the making, WISH was first plotted on a grid using state-of-the-art Topcon GPS technology and 30,000 manually placed wooden stakes in Belfast’s Titanic Quarter. The portrait was then “drawn” with aid of volunteers who helped place nearly 8 million pounds of natural materials including soil, sand, and rock over a period of four weeks.
(tags: belfast ireland art portraits jorge-rodriguez-gerada land soil)
-
Autoremediation, ie. auto-replacement, of Cassandra nodes in production at Netflix
(tags: ops autoremediation outages remediation cassandra storage netflix chaos-monkey)
Barbarians at the Gateways – ACM Queue
I am a former high-frequency trader. For a few wonderful years I led a group of brilliant engineers and mathematicians, and together we traded in the electronic marketplaces and pushed systems to the edge of their capability.
Insane stuff — FPGAs embedded in the network switches to shave off nanoseconds of latency.
(tags: low-latency hft via:nelson markets stock-trading latency fpgas networking)
Online Algorithms in High-frequency Trading – ACM Queue
one-pass algorithms for computing mean, variance, and linear regression, from the HFT world.
(tags: linear-regression variance mean variability volatility stream-processing online algorithms hft trading)
“Toy Story 2” was almost entirely deleted by accident at one point
A stray “rm -rf” on the main network share managed to wipe out 90% of the movie’s assets, and the backups were corrupt. Horrific backups war story
(tags: movies ops backups pixar recovery accidents rm-rf delete)
The Impossible Music of Black MIDI
excellently bananas. 8.49 million separate musical notes in a single 4-minute-long composition (via Paddy Benson)
(tags: music hardcore black-midi midi composition halp digital via:pbenson)
Bitcoin Mining Operating Margin
“The graph showing miners’ revenue minus estimated electricity and bandwidth costs.” — down to -694% right now, oh dear
(tags: bitcoin via:peakscale economics mining profit revenue charts electricity bubble)
How to Read a Scientific Paper (About That Researcher With a Nematode in His Mouth) – Wired Science
Let’s rewind to September 2012. It was about then – according to this recently published report (paywall) in The American Journal of Tropical Medicine – that an “otherwise healthy, 36-year-old man” felt a rough patch in his mouth, a scaly little area on his right cheek. It didn’t hurt. But then it didn’t stay there either. He started testing for it with his tongue. It traveled. It moved to the back of his mouth, then forward, coiled backwards again. In the language of science: “These rough patches would appear and disappear on a daily basis, giving the patient the indirect sense that there was an organism moving within the oral cavity.”
(tags: nematodes parasites biology medicine paper gross funny wired mouth)
“High Performance Browser Networking”, by Ilya Grigorik, read online for free
Wow, this looks excellent. A must-read for people working on systems with high-volume, low-latency phone-to-server communications — and free!
How prepared are you to build fast and efficient web applications? This eloquent book provides what every web developer should know about the network, from fundamental limitations that affect performance to major innovations for building even more powerful browser applications—including HTTP 2.0 and XHR improvements, Server-Sent Events (SSE), WebSocket, and WebRTC. Author Ilya Grigorik, a web performance engineer at Google, demonstrates performance optimization best practices for TCP, UDP, and TLS protocols, and explains unique wireless and mobile network optimization requirements. You’ll then dive into performance characteristics of technologies such as HTTP 2.0, client-side network scripting with XHR, real-time streaming with SSE and WebSocket, and P2P communication with WebRTC. Deliver optimal TCP, UDP, and TLS performance; Optimize network performance over 3G/4G mobile networks; Develop fast and energy-efficient mobile applications; Address bottlenecks in HTTP 1.x and other browser protocols; Plan for and deliver the best HTTP 2.0 performance; Enable efficient real-time streaming in the browser; Create efficient peer-to-peer videoconferencing and low-latency applications with real-time WebRTC transports
Via Eoin Brazil.
(tags: book browser networking performance phones mobile 3g 4g hsdpa http udp tls ssl latency webrtc websockets ebooks via:eoin-brazil google http2 sse xhr ilya-grigorik)
Even the NSA is finding it hard to cope with spam
3 new Snowden leaks, covering acquisition of Yahoo address books, buddy lists, and email account activity, and how spammer activity required intervention to avoid losing useful data in the noise
(tags: spam spammers nsa snowden leaks anti-spam yahoo im mail)
-
slides (lots of slides) from Baron Schwartz’ talk at Velocity in NYC.
(tags: slides monitoring metrics ops devops baron-schwartz pdf capacity)
-
Timestamps, as implemented in Riak, Cassandra, et al, are fundamentally unsafe ordering constructs. In order to guarantee consistency you, the user, must ensure locally monotonic and, to some extent, globally monotonic clocks. This is a hard problem, and NTP does not solve it for you. When wall clocks are not properly coupled to the operations in the system, causal constraints can be violated. To ensure safety properties hold all the time, rather than probabilistically, you need logical clocks.
(tags: clocks time distributed databases distcomp ntp via:fanf aphyr vector-clocks last-write-wins lww cassandra riak)
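The point Aphyr makes above, as an added example that is not part of the original post: two replicas (named A and B here, both constructed for illustration) merge a register first by wall-clock last-write-wins and then by a vector clock; B’s clock runs behind A’s, so LWW discards the causally newer write, while the vector clock orders the writes correctly and flags genuinely concurrent ones instead of silently dropping one.

```python
"""Added example (not from the original post): wall-clock LWW versus
vector clocks on a replicated register. Node names, values and clock
readings are all constructed for illustration."""
from dataclasses import dataclass, field


@dataclass
class Version:
    value: str
    wall_ts: float                            # writer's wall-clock timestamp
    vc: dict = field(default_factory=dict)    # vector clock: node -> counter


def vc_compare(a, b):
    """Relation of vector clock a to b: 'before', 'after', 'equal' or 'concurrent'."""
    keys = set(a) | set(b)
    a_le_b = all(a.get(k, 0) <= b.get(k, 0) for k in keys)
    b_le_a = all(b.get(k, 0) <= a.get(k, 0) for k in keys)
    if a_le_b and b_le_a:
        return "equal"
    if a_le_b:
        return "before"
    if b_le_a:
        return "after"
    return "concurrent"


def lww_merge(v1, v2):
    """Last-write-wins: trust the wall clock, whatever the causal history."""
    return v1 if v1.wall_ts >= v2.wall_ts else v2


def vc_merge(v1, v2):
    """Vector-clock merge: keep the causal successor; on a concurrent pair
    return None so the application sees both siblings instead of losing one."""
    rel = vc_compare(v1.vc, v2.vc)
    if rel in ("after", "equal"):
        return v1, rel
    if rel == "before":
        return v2, rel
    return None, rel


def run_causal_scenario():
    """Constructed scenario: B's wall clock is 5s behind A's.
    1. A client writes "x" at node A (A's clock reads 100.0).
    2. The client reads "x" from A, then writes its successor "y" at node B
       (B's clock reads 95.0, but B's vector clock extends A's entry)."""
    v_x = Version("x", wall_ts=100.0, vc={"A": 1})
    v_y = Version("y", wall_ts=95.0, vc={"A": 1, "B": 1})   # causally after v_x
    lww_winner = lww_merge(v_x, v_y)          # keeps the stale "x"
    vc_winner, rel = vc_merge(v_x, v_y)       # keeps "y", the true successor
    return lww_winner.value, vc_winner.value, rel


def run_concurrent_scenario():
    """Two writers that never observed each other's update: the vector clock
    reports a conflict, while LWW silently discards one of the writes."""
    v_p = Version("p", wall_ts=100.0, vc={"A": 2})
    v_q = Version("q", wall_ts=100.0, vc={"B": 2})
    lww_winner = lww_merge(v_p, v_q)
    vc_winner, rel = vc_merge(v_p, v_q)
    return lww_winner.value, vc_winner, rel


if __name__ == "__main__":
    print("causal:    ", run_causal_scenario())       # ('x', 'y', 'before')
    print("concurrent:", run_concurrent_scenario())   # ('p', None, 'concurrent')
```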
Reverse Engineering a D-Link Backdoor
Using the correct User-Agent: string, all auth is bypassed on several released models of D-Link and Planex routers. Horrific fail by D-Link
(tags: d-link security backdoors authorization reversing planex networking routers)
-
one of the most obvious inferences from the Snowden revelations published by the Guardian, New York Times and ProPublica recently is that the NSA has indeed been up to the business of inserting covert back doors in networking and other computing kit. The reports say that, in addition to undermining all of the mainstream cryptographic software used to protect online commerce, the NSA has been “collaborating with technology companies in the United States and abroad to build entry points into their products”. These reports have, needless to say, been strenuously denied by the companies, such as Cisco, that make this networking kit. Perhaps the NSA omitted to tell DARPA what it was up to? In the meantime, I hear that some governments have decided that their embassies should no longer use electronic communications at all, and are returning to employing couriers who travel the world handcuffed to locked dispatch cases. We’re back to the future, again.
(tags: politics backdoors snowden snooping networking cisco nsa gchq)
Azerbaijan accidentally publishes the results of its election before the polls open
The mistake came when an electoral commission accidentally published results showing a victory for Ilham Aliyev, the country’s long-standing President, a day before voting. Meydan TV, an online channel critical of the government, released a screenshot from a mobile app for the Azerbaijan Central Election Commission which showed that Mr Aliyev had received 72.76 per cent of the vote compared with 7.4 per cent for the opposition candidate, Jamil Hasanli. The screenshot also indicates that the app displayed information about how many people voted at various times during the day. Polls opened at 8am.
(tags: azerbaijan corruption fix elections voting voter-fraud)
-
According to EasyDNS:
Any registrar that has taken one of these sites offline that now impedes the registrants of those domains from simply getting their domain names out of there and back online somewhere else will then be subject to the TDRP – Transfer Dispute Resolution Policy and if they lose (which they will) they will be subject to TDRP fees assessed by the registry operator, and to quote the TDRP itself “Transfer dispute resolution fees can be substantial”. This is why it is never a good idea to just react to pressure in the face of obnoxious bluster – in the very act of trying to defuse any perceived culpability you end up opening yourself to real liability.
(tags: tdrp easydns dns registrars domains piracy law due-process)
Schneier on Security: Air Gaps
interesting discussion in the comments. “Patricia”‘s process is particularly hair-raisingly complex, involving 3 separate machines and a multitude of VMs
(tags: air-gaps security networking bruce-schneier via:adulau)
New faculty positions versus new PhDs
The ever-plummeting chances of a PhD finding a faculty job:
Since 1982, almost 800,000 PhDs were awarded in science and engineering fields, whereas only about 100,000 academic faculty positions were created in those fields within the same time frame. The number of S&E PhDs awarded annually has also increased over this time frame, from ~19,000 in 1982 to ~36,000 in 2011. The number of faculty positions created each year, however, has not changed, with roughly 3,000 new positions created annually.
(via Javier Omar Garcia)
(tags: via:javier career academia phd science work study research)
-
Sometimes good judgment can compel us to act illegally. Should a self-driving vehicle get to make that same decision?
(tags: ethics stories via:chris-horn the-atlantic driving cars law robots self-driving-vehicles)
-
‘A Ruby gem providing “time travel” and “time freezing” capabilities, making it dead simple to test time-dependent code. It provides a unified method to mock Time.now, Date.today, and DateTime.now in a single call.’ This is about the nicest mock-time library I’ve found so far. (via Ben)
(tags: time ruby testing coding unit-tests mocking timecop via:ben)
The 29 Stages Of A Twitterstorm
this is brilliant
(tags: uk twitter media funny pricehound racism outrage pitchforks rage social-media)
‘Experience of software engineers using TLA+, PlusCal and TLC’ [slides] [pdf]
by Chris Newcombe, an AWS principal engineer. Several Amazonians sharing their results in simulating tricky distributed-systems problems using formal methods
(tags: tla+ pluscal tlc formal-methods simulation proving aws amazon architecture design)
LinkBench: A database benchmark for the social graph
However, the gold standard for database benchmarking is to test the performance of a system on the real production workload, since synthetic benchmarks often don’t exercise systems in the same way. When making decisions about a significant component of Facebook’s infrastructure, we need to understand how a database system will really perform in Facebook’s production workload. [….] LinkBench addresses these needs by replicating the data model, graph structure, and request mix of our MySQL social graph workload.
Mentioned in a presentation from Peter Bailis, http://www.hpts.ws/papers/2013/bailis-hpts-2013.pdf
(tags: graph databases mysql facebook performance testing benchmarks workloads)
-
from the Percona toolkit. ‘Conveniently summarizes the status and configuration of a server. It is not a tuning tool or diagnosis tool. It produces a report that is easy to diff and can be pasted into emails without losing the formatting. This tool works well on many types of Unix systems.’ — summarises OOM history, top, netstat connection table, interface stats, network config, RAID, LVM, disks, inodes, disk scheduling, mounts, memory, processors, and CPU.
(tags: percona tools cli unix ops linux diagnosis raid netstat oom)
How much can an extra hour’s sleep change you?
What they discovered is that when the volunteers cut back from seven-and-a-half to six-and-a-half hours’ sleep a night, genes that are associated with processes like inflammation, immune response and response to stress became more active. The team also saw increases in the activity of genes associated with diabetes and risk of cancer. The reverse happened when the volunteers added an hour of sleep.
-
some great phone cases from an Irish company, with nifty art by Irish illustrators and artists including Fatti Burke and Chris Judge
(tags: chris-judge fatti-burke illustrators art ireland iphone cases)
What drives JVM full GC duration
Interesting empirical results using JDK 7u21:
Full GC duration depends on the number of objects allocated and the locality of their references. It does not depend that much on actual heap size.
Reference locality has a surprisingly high effect.
Rhizome | Occupy.here: A tiny, self-contained darknet
Occupy.here began two years ago as an experiment for the encampment at Zuccotti Park. It was a wifi router hacked to run OpenWrt Linux (an operating system mostly used for computer networking) and a small “captive portal” website. When users joined the wifi network and attempted to load any URL, they were redirected to http://occupy.here. The web software offered up a simple BBS-style message board providing its users with a space to share messages and files.
Nifty project from Dan Phiffer.
Whatever Happened to “Due Process” ?
Mark Jeftovic is on fire after receiving yet another “take down this domain or else” mail from the City of London police:
We have an obligation to our customers and we are bound by our Registrar Accreditation Agreements not to make arbitrary changes to our customers settings without a valid FOA (Form of Authorization). To supersede that we need a legal basis. To get a legal basis something has to happen in court. […] What gets me about all of this is that the largest, most egregious perpetrators of online criminal activity right now are our own governments, spying on their own citizens, illegally wiretapping our own private communications and nobody cares, nobody will answer for it, it’s just an out-of-scope conversation that is expected to blend into the overall background malaise of our ever increasing serfdom. If I can’t make various governments and law enforcement agencies get warrants or court orders before they crack my private communications then I can at least require a court order before I takedown my own customer.
(tags: city-of-london police takedowns politics mark-jeftovic easydns registrars dns via:tjmcintyre)
-
The problem with software patents, part XVII.
So you have a situation where even when the original patent holder donated the patent for “the public good,” sooner or later, an obnoxious patent troll like IV comes along and turns it into a weapon. Again: AmEx patented those little numbers on your credit card, and then for the good of the industry and consumer protection donated the patent to a non-profit, who promised not to enforce the patent against banks… and then proceeded to sell the patent to Intellectual Ventures who is now suing banks over it.
(tags: intellectual-ventures scams patents swpats shakedown banking cvv american-express banks amex cmaf)
SPSC revisited part III – FastFlow + Sparse Data
holy moly. This is some heavily-optimized mechanical-sympathy Java code. By using a sparse data structure, cache-aligned fields, and wait-free low-level CAS concurrency primitives via sun.misc.Unsafe, a single-producer/single-consumer queue implementation goes pretty damn fast compared to the current state of the art
(tags: nitsanw optimization concurrency java jvm cas spsc queues data-structures algorithms)
Non-blocking transactional atomicity
interesting new distributed atomic transaction algorithm from Peter Bailis
(tags: algorithms database distributed scalability storage peter-bailis distcomp)
ZeroMQ: Helping us Block Malicious Domains in Real Time – Umbrella Security Labs
nice writeup of a ZeroMQ/Hadoop event processing pipeline architecture
(tags: zeromq hadoop event-processing architecture dns backend reputation)
Man sues RMV after driver’s license mistakenly revoked by automated anti-terror false positive:
John H. Gass hadn’t had a traffic ticket in years, so the Natick resident was surprised this spring when he received a letter from the Massachusetts Registry of Motor Vehicles informing him to cease driving because his license had been revoked. […] After frantic calls and a hearing with Registry officials, Gass learned the problem: An antiterrorism computerized facial recognition system that scans a database of millions of state driver’s license images had picked his as a possible fraud. “We send out 1,500 suspension letters every day,” said Registrar Rachel Kaprielian. […] “There are mistakes that can be made.”
See also this New Scientist story. This story notes that the system’s pretty widespread:
Massachusetts bought the system with a $1.5 million grant from the Department of Homeland Security. At least 34 states use such systems, which law enforcement officials say help prevent identity theft and ID fraud.
In my opinion, this kind of thing — trial by inaccurate, false-positive-prone algorithm — is one of the most worrying things about the post-PRISM world.
When we created SpamAssassin, we were well aware of the risk of automated misclassification. Any machine-learning classifier will always make mistakes. The key is to carefully calibrate the expected false-positive/false-negative ratio so that the negative side-effects of a misclassification correspond to the expected rate.
These anti-terrorism machine learning systems are calibrated to catch as many potential cases as possible, but by aiming to reduce false negatives to this degree, they become wildly prone to false positives. And when they’re applied as a dragnet across all citizens’ interactions with the state — or even in the case of PRISM, all citizens’ interactions that can be surveilled en masse — it’s going to create buckets of bureaucratic false-positive horror stories, as random innocent citizens are incorrectly tagged as criminals due to software bugs and poor calibration.
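The calibration argument above, worked through as an added example (not part of the original post, and not SpamAssassin’s own scoring code): with constructed Gaussian score distributions for innocents and genuine fraud cases, it finds the score threshold that meets a target false-negative rate and then applies the resulting false-positive rate to a dragnet-sized population, so the base-rate effect is visible in numbers. The population size, prevalence and score distributions are all assumptions.

```python
"""Added example (not from the original post): how driving the false-negative
rate down inflates false positives when a classifier is run as a dragnet.
Scores are modelled as unit-variance Gaussians: innocents centred at 0,
genuine cases centred at MU_POS. All figures are constructed assumptions."""
import math

MU_NEG = 0.0   # assumed mean score of innocents
MU_POS = 3.0   # assumed mean score of genuine cases


def phi(x):
    """Standard normal CDF."""
    return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))


def fnr_at(threshold):
    """Fraction of genuine cases scoring below the threshold (missed)."""
    return phi(threshold - MU_POS)


def fpr_at(threshold):
    """Fraction of innocents scoring at or above the threshold (flagged)."""
    return 1.0 - phi(threshold - MU_NEG)


def threshold_for_max_fnr(max_fnr, lo=-10.0, hi=10.0, iters=100):
    """Largest threshold whose FNR is still <= max_fnr (FNR rises with the
    threshold, so the largest such threshold gives the lowest FPR)."""
    for _ in range(iters):
        mid = (lo + hi) / 2.0
        if fnr_at(mid) <= max_fnr:
            lo = mid
        else:
            hi = mid
    return lo


def calibrate(max_fnr, population, prevalence):
    """Expected outcome of running the classifier over `population` people
    of whom a fraction `prevalence` are genuine cases, tuned to miss at most
    `max_fnr` of them."""
    t = threshold_for_max_fnr(max_fnr)
    fnr, fpr = fnr_at(t), fpr_at(t)
    positives = population * prevalence
    negatives = population - positives
    true_hits = positives * (1.0 - fnr)
    innocents_flagged = negatives * fpr
    return {
        "threshold": t,
        "fnr": fnr,
        "fpr": fpr,
        "true_hits": true_hits,
        "innocents_flagged": innocents_flagged,
        # of everyone flagged, how many were actually genuine cases
        "precision": true_hits / (true_hits + innocents_flagged),
    }


def sweep(population=5_000_000, prevalence=1 / 50_000):
    """Constructed dragnet: 5M licence holders, 100 genuine fraud cases.
    Each row shows what a tighter false-negative target costs in innocents."""
    return [calibrate(f, population, prevalence) for f in (0.5, 0.1, 0.01)]


if __name__ == "__main__":
    for row in sweep():
        print("FNR<={fnr:.2f} thr={threshold:.2f} FPR={fpr:.4f} "
              "hits={true_hits:.0f} innocents={innocents_flagged:.0f} "
              "precision={precision:.4f}".format(**row))
```

At a 50% miss rate the constructed dragnet flags about 6,750 innocents for 50 real cases; pushing the miss rate to 1% flags roughly 1.25 million, and precision stays well under one percent throughout.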
Rapid read protection in Cassandra 2.0.2
Nifty new feature — if a request takes over the 99th percentile for requests to that server, it’ll be repeated against another replica. Unnecessary for Voldemort, of course, which queries all replicas anyway!
(tags: cassandra nosql replication distcomp latency storage)
Attacking Tor: how the NSA targets users’ online anonymity
As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target’s browser to visit a Foxacid server.
whoa, I missed this before.
(tags: nsa gchq packet-injection attacks security backbone http latency)
GCHQ report on ‘MULLENIZE’ program to ‘stain’ anonymous electronic traffic
By modifying the User-Agent: header string, each HTTP transaction is “stained” to allow tracking. huh
(tags: gchq nsa snooping sniffing surveillance user-agent http browsers leaks)
Giving Docker/LXC containers a routable IP address
ugh, this is a mess. Docker, automate this crap
(tags: docker routing linux ops networking containers virtualization)
How the feds took down the Dread Pirate Roberts | Ars Technica
Well-written, comprehensive writeup of the Silk Road takedown, and the libertarian craziness of Ross William Ulbricht, its alleged owner and operator
(tags: silk-road drugs crazy ross-william-ulbricht fbi libertarian murder tor)
Patent troll Lodsys chickens out, folds case rather than face Eugene Kaspersky
In Kaspersky’s view, patent trolls are no better than the extortionists who cropped up in Russia after the fall of the Soviet Union, when crime ran rampant. Kaspersky saw more and more people becoming victims of various extortion schemes. US patent trolls seemed very similar. “Kaspersky’s view was that paying patent trolls was like paying a protection racket,” said Kniser. He wasn’t going to do it.
yay! pity it didn’t manage to establish precedent, though. But go Kaspersky!
(tags: eugene-kaspersky shakedowns law east-texas swpats patents patent-trolls)
Sergio Bossa’s thoughts about Datomic
good comments from Sergio, particularly about the scalability of the single transactor in the Datomic architecture. I agree it’s a worrying design flaw
(tags: clojure nosql datomic sergio-bossa transactor spof architecture storage)
Codex Seraphinianus: A new edition of the strangest book in the world
Excited! one commenter claims a paperback of the new edition of Luigi Serafini’s masterwork should cost about $75 when it comes out in a couple of months. sign me up, this is an amazing work
(tags: codex-seraphinianus art weird strange books luigi-serafini)
The Snowden files: why the British public should be worried about GCHQ
When the Guardian offered John Lanchester access to the GCHQ files, the journalist and novelist was initially unconvinced. But what the papers told him was alarming: that Britain is sliding towards an entirely new kind of surveillance society
(tags: john-lanchester gchq guardian surveillance snooping police-state nsa privacy government)
Groundbreaking Results for High Performance Trading with FPGA and x86 Technologies
The enhancement in performance was achieved by providing a fast-path where trades are executed directly by the FPGA under the control of trigger rules processed by the x86 based functions. The latency is reduced further by two additional techniques in the FPGA – inline parsing and pre-emption. As market data enters the switch, the Ethernet frame is parsed serially as bits arrive, allowing partial information to be extracted and matched before the whole frame has been received. Then, instead of waiting until the end of a potential triggering input packet, pre-emption is used to start sending the overhead part of a response which contains the Ethernet, IP, TCP and FIX headers. This allows completion of an outgoing order almost immediately after the end of the triggering market feed packet.
Insane stuff. (Via Martin Thompson)
(tags: via:martin-thompson insane speed low-latency fpga fast-path trading stock-markets performance optimization ethernet)
Why Tellybug moved from Cassandra to Amazon DynamoDB
Summary: poor reliability, better latencies, and cheaper (!)
(tags: aws dynamodb cassandra nosql storage tellybug counters scalability reliability latency)
-
Interviews with 2 New York bike thieves (one bottom feeder, one professional), reviewing the current batch of bicycle locks. Summary: U-locks are good, when used correctly, particularly the Kryptonite New York Lock ($80). On the other hand, Dublin’s recent spate of thefts is largely driven by wide availability of battery-powered angle grinders (thanks Lidl!), which, according to this article, are relatively quiet and extremely fast. :(
Fingerprints are Usernames, not Passwords
I could see some value, perhaps, in a tablet that I share with my wife, where each of us have our own accounts, with independent configurations, apps, and settings. We could each conveniently identify ourselves by our fingerprint. But biometrics cannot, and absolutely must not, be used to authenticate an identity. For authentication, you need a password or passphrase. Something that can be independently chosen, changed, and rotated. […] Once your fingerprint is compromised (and, yes, it almost certainly already is, if you’ve crossed an international border or registered for a driver’s license in most US states), how do you change it? Are you starting to see why this is a really bad idea?
(tags: biometrics apple security fingerprints passwords authentication authorization identity)
-
This is a pretty good summary of the salient points from the criminal complaint against Ross William Ulbricht — I’d say it’s pretty bad news for any users of the dodgy site, particularly given this:
“During the 60-day period from May 24, 2013 to July 23, 2013, there were approximately 1,217,218 communications sent between Silk Road users through Silk Road’s private-message system.”
According to the complaint, those are now in the FBI’s hands — likely unencrypted.
(tags: crime silk-road drugs busts tor ross-william-ulbricht fbi)
-
ouch. some serious slagging here, along with taco science. (BTW we have the same problem with carne asada in Ireland, our taquerias use the cheater method too, sadly)
(tags: la tacos mexican food new-york slagging burritos taquerias carne-asada)
Edward Snowden’s E-Mail Provider Defied FBI Demands to Turn Over SSL Keys, Documents Show
Levison lost [in secret court against the government’s order]. In a work-around, Levison complied the next day by turning over the private SSL keys as an 11 page printout in 4-point type. The government called the printout “illegible” and the court ordered Levison to provide a more useful electronic copy.
Nice try though! Bottom line is they demanded the SSL private key. (via Waxy)
(tags: government privacy security ssl tls crypto fbi via:waxy secrecy snooping)
Poisson Rouge: Crowdfunding Red Fish style
the fantastic French kids’ site is now crowdfunding new work — first off being a German Alphabet part of the site. My kids love their stuff, so — bonne chance!
(tags: french poisson-rouge flash web kids children education)
How an Engineer Earned 1.25 Million Air Miles By Buying Pudding
An amazing hack. ‘Air Miles are awesome, they can be used to score free flights, hotel stays and if you’re really lucky, the scorn and hatred of everyone you come in contact with who has to pay full price when they travel. The king of all virtually free travelers is one David Phillips, a civil engineer who teaches at the University of California, Davis. David came to the attention of the wider media when he managed to convert about 12,150 cups of Healthy Choice chocolate pudding [costing $3000] into over a million Air Miles. Ever since, David and his entire family have been travelling the world for next to nothing.’ (via al3xandru)
(tags: via:al3xandru hacks cool pudding small-print air-miles free)
-
An adventure that takes you through several popular Java language features and shows how they compile to bytecode and eventually JIT to assembly code.
(tags: charles-nutter java jvm compilation reversing talks slides)
Model checking for highly concurrent code
Applied formal methods in order to test distributed systems — specifically GlusterFS:
I’ll use an example from my own recent experience. I’m developing a new kind of replication for GlusterFS. To make sure the protocol behaves correctly even across multiple failures, I developed a Murphi model for it. […] I added a third failure [to the simulated model]. I didn’t expect a three-node system to continue working if more than one of those were concurrent (the model allows the failures to be any mix of sequential and concurrent), but I expected it to fail cleanly without reaching an invalid state. Surprise! It managed to produce a case where a reader can observe values that go back in time. This might not make much sense without knowing the protocol involved, but it might give some idea of the crazy conditions a model checker will find that you couldn’t possibly have considered. […] So now I have a bug to fix, and that’s a good thing. Clearly, it involves a very specific set of ill-timed reads, writes, and failures. Could I have found it by inspection or ad-hoc analysis? Hell, no. Could I have found it by testing on live systems? Maybe, eventually, but it probably would have taken months for this particular combination to occur on its own. Forcing it to occur would require a lot of extra code, plus an exerciser that would amount to a model checker running 100x slower across machines than Murphi does. With enough real deployments over enough time it would have happened, but the only feasible way to prevent that was with model checking. These are exactly the kinds of bugs that are hardest to fix in the field, and that make users distrust distributed systems, so those of us who build such systems should use every tool at our disposal to avoid them.
(tags: model-checking formal-methods modelling murphi distcomp distributed-systems glusterfs testing protocols)
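To make the technique concrete, here is a toy explicit-state model checker in the spirit of the Murphi model described above. It is an added example, not the GlusterFS model and not Murphi: it models a hypothetical three-node primary/backup store with rank-based failover, bounds the number of writes so the search is finite, and asks the same question the post does, namely whether a client can ever observe a value that goes back in time. The fault model (how many nodes may be down at once) and the choice between asynchronous and synchronous replication are the parameters; everything else (node count, action names) is assumed for the demo.

```python
"""Tiny breadth-first model checker for a hypothetical 3-node replicated store.

Added example, not the GlusterFS model or Murphi. It exhaustively explores every
interleaving of writes, background replication, node crashes and client reads
within the bounds below, and reports the shortest trace that breaks the
monotonic-read invariant ("a later read never returns an older value").
"""
from collections import deque

NODES = 3
MAX_WRITES = 2          # bound on the state space; the search is exhaustive within it

# A state is (versions, alive, last_read, writes):
#   versions  - the version each node currently holds
#   alive     - which nodes are up (crashed nodes stay down in this model)
#   last_read - the newest version the single client has observed so far
#   writes    - number of writes issued (for bounding only)
INITIAL = ((0,) * NODES, (True,) * NODES, 0, 0)


def primary(alive):
    """Lowest-numbered live node acts as primary (failover by rank)."""
    return next((i for i, up in enumerate(alive) if up), None)


def successors(state, sync_writes, max_failures):
    """Enumerate every (action, next_state) the model allows from `state`."""
    versions, alive, last_read, writes = state
    p = primary(alive)
    if p is None:                                  # everything is down
        return
    if writes < MAX_WRITES:
        v = list(versions)
        new = v[p] + 1
        for i in range(NODES):                     # async: primary only; sync: all live nodes
            if i == p or (sync_writes and alive[i]):
                v[i] = new
        yield "write", (tuple(v), alive, last_read, writes + 1)
    for i in range(NODES):                         # background catch-up from the primary
        if alive[i] and i != p and versions[i] < versions[p]:
            v = list(versions)
            v[i] = versions[p]
            yield f"replicate({i})", (tuple(v), alive, last_read, writes)
    if alive.count(False) < max_failures:          # crash any live node
        for i in range(NODES):
            if alive[i]:
                a = list(alive)
                a[i] = False
                yield f"fail({i})", (versions, tuple(a), last_read, writes)
    yield f"read(from node {p}) -> {versions[p]}", (versions, alive, versions[p], writes)


def reads_go_back_in_time(before, after):
    """Invariant violation: the client's newest observed version decreased."""
    return after[2] < before[2]


def model_check(sync_writes, max_failures):
    """BFS over reachable states; return the shortest violating trace, or None."""
    parent = {INITIAL: None}
    queue = deque([INITIAL])
    while queue:
        cur = queue.popleft()
        for action, nxt in successors(cur, sync_writes, max_failures):
            if reads_go_back_in_time(cur, nxt):
                trace, s = [action], cur
                while parent[s] is not None:       # walk back to the initial state
                    s, a = parent[s]
                    trace.append(a)
                return trace[::-1]
            if nxt not in parent:
                parent[nxt] = (cur, action)
                queue.append(nxt)
    return None


if __name__ == "__main__":
    print("async replication, 1 failure:", model_check(sync_writes=False, max_failures=1))
    print("sync replication, 2 failures:", model_check(sync_writes=True, max_failures=2))
```

With asynchronous replication the checker needs only one crash to produce a four-step counterexample: write, read the new version from the primary, crash the primary, read the stale version from the node that took over. Flip `sync_writes` to `True` and the same search finds nothing, even with two concurrent failures, because every live node always carries the latest version. Murphi does the same job on a far larger state space, and the point of the quote stands: the checker enumerates the ill-timed interleavings a human would never think to test.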
Is Trypophobia a Real Phobia? | Popular Science
i.e. “fear of small, clustered holes”. Sounds like it’s not so much a “phobia” as some kind of innate, visceral disgust response; I get it. ‘As for who actually made the word up, that distinction probably belongs to a blogger in Ireland named Louise, Andrews says. According to an archived Geocities page, Louise settled on “trypophobia” (Greek for “boring holes” + “fear”) after corresponding with a representative at the Oxford English Dictionary. Louise, Andrews and trypophobia Facebook group members have petitioned the dictionary to include the word. The term will need to be used for years and have multiple petitions and scholarly references before the dictionary accepts it, Andrews says. I, for one, would prefer to forget about it forever.’
(tags: disgusting revulsion fear phobias trypophobia holes ugh innate)
Common phobia you have never heard of: Fear of holes may stem from evolutionary survival response
“We think that everyone has trypophobic tendencies even though they may not be aware of it,” said Dr Cole. “We found that people who don’t have the phobia still rate trypophobic images as less comfortable to look at than other images. It backs up the theory that we are set-up to be fearful of things which hurt us in our evolutionary past. We have an innate predisposition to be wary of things that can harm us.”
(tags: trypophobia holes fear aversion disgust ugh evolution innate)
-
This is cool. Deploy Docker container images onto a Mesos cluster: key point, in the description of the Redis example: ‘there’s no need to install Redis or its supporting libraries on your Mesos hosts.’
(tags: mesos docker deployment ops images virtualization containers linux)
-
Aphyr takes a look at Kafka 0.8’s replication with the Jepsen test suite. It doesn’t go great. Jay Kreps responds here: http://blog.empathybox.com/post/62279088548/a-few-notes-on-kafka-and-jepsen
(tags: jay-kreps kafka replication distributed-systems distcomp networking reliability fault-tolerance jepsen)
-
A book published during the presidency of Chester A. Arthur has a greater chance of being in print today than one published during the time of Reagan.
This is not a gently sloping downward curve. Publishers seem unwilling to sell their books on Amazon for more than a few years after their initial publication. The data suggest that publishing business models make books disappear fairly shortly after their publication and long before they are scheduled to fall into the public domain. Copyright law then deters their reappearance as long as they are owned. On the left side of the graph before 1920, the decline presents a more gentle time-sensitive downward sloping curve.
(tags: business books legal copyright law public-domain reading history publishers amazon papers)
Horse_ebooks is human after all
Curated dissociated text. That’s great.
(tags: ebooks art horse_ebooks internet twitter markov-chains)
-
(tags: coding funny processors multicore multiprocessing branch-prediction hardware)
To my daughter’s high school programming teacher
During the first semester of my daughter’s junior/senior year, she took her first programming class. She knew I’d be thrilled, but she did it anyway. When my daughter got home from the first day of the semester, I asked her about the class. “Well, I’m the only girl in class,” she said. Fortunately, that didn’t bother her, and she even liked joking around with the guys in class. My daughter said that you noticed and apologized to her because she was the only girl in class. And when the lessons started (Visual Basic? Seriously??), my daughter flew through the assignments. After she finished, she’d help classmates who were behind or struggling in class. Over the next few weeks, things went downhill. While I was attending SC ’12 in Salt Lake City last November, my daughter emailed to tell me that the boys in her class were harassing her. “They told me to get in the kitchen and make them sandwiches,” she said. I was painfully reminded of the anonymous men boys who left comments on a Linux Pro Magazine blog post I wrote a few years ago, saying the exact same thing.
I am sick to death of this ‘brogrammer’ bullshit.
(tags: brogrammers sexism culture tech teaching coding software education)
“The cricket bat that died for Ireland”
The bat had the misfortune of being on display in the shop front of Elvery’s store on O’Connell Street, then Sackville Street, during the Easter Rising. J.W. Elvery & Co. was Ireland’s oldest sports store, specialising in sporting goods and waterproofed wear, with branches in Dublin, Cork (Patrick Street) and London (Conduit Street). […] Its location, about one block from the GPO, meant it was in the middle of the cross-fire and general destruction of the main street.
(tags: ireland cricket 1916 history easter-rising crossfire sports elverys)
_Availability in Globally Distributed Storage Systems_ [pdf]
empirical BigTable and GFS failure data from Google: observed failure rates are orders of magnitude higher than naïve independent-failure models predict, because failures are correlated. (via kragen)
(tags: via:kragen failure bigtable gfs statistics outages reliability)
Why We Hate Infographics (And Why You Should)
YES. (via Des Traynor)
(tags: via:destraynor infographics visualization dataviz graphics fail)
Apple iOS 7 surprises as first with new multipath TCP connections – Network World
iOS 7 includes — and uses — multipath TCP, right now for device-to-Siri communications.
MPTCP is a TCP extension that enables the simultaneous use of several IP addresses or interfaces. Existing applications – completely unmodified — see what appears to be a standard TCP interface. But under the covers, MPTCP is spreading the connection’s data across several subflows, sending it over the least congested paths.
(tags: ios7 ios networking apple mptcp tcp protocols fault-tolerance)
_How Hard Can It Be? Designing and Implementing a Deployable Multipath TCP_ [pdf]
(tags: mptcp tcp protocols networking ip)
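Since MPTCP rides entirely inside TCP options, the practical question for anyone running a firewall, IDS or packet capture is whether a given flow is a plain TCP connection or one subflow of a multipath connection whose other subflows are taking a different path. The following TCP option walker is an added example for the two MPTCP entries above; it is not code from Network World, Apple or the paper. The option layout (kind 30, subtype in the high nibble of the first payload byte) is from RFC 6824, the v0 protocol that iOS 7 shipped; the sample SYN segments are constructed inline, not captured traffic, and the port numbers and sender key are arbitrary.

```python
"""Walk TCP options and flag Multipath TCP (option kind 30) subtypes.

Added example, not code from the article, Apple or the MPTCP paper. Input is a
raw TCP segment (no IP header). The parser rejects the malformed option
encodings that have historically tripped up naive implementations.
"""
import struct

MPTCP_KIND = 30
# Subtype values from RFC 6824 (MPTCP v0). High nibble of the first option byte.
MPTCP_SUBTYPES = {
    0x0: "MP_CAPABLE", 0x1: "MP_JOIN", 0x2: "DSS", 0x3: "ADD_ADDR",
    0x4: "REMOVE_ADDR", 0x5: "MP_PRIO", 0x6: "MP_FAIL", 0x7: "MP_FASTCLOSE",
}


def parse_tcp_options(segment):
    """Return [(kind, data), ...] for every non-NOP option in the segment."""
    if len(segment) < 20:
        raise ValueError("short TCP header")
    data_offset = (segment[12] >> 4) * 4            # header length in bytes
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError(f"bad data offset {data_offset}")
    opts = segment[20:data_offset]
    out, i = [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                # EOL: nothing more to parse
            break
        if kind == 1:                                # NOP: single-byte padding
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("truncated option header")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):     # zero-length loops, overruns
            raise ValueError(f"bad length {length} for option kind {kind}")
        out.append((kind, bytes(opts[i + 2:i + length])))
        i += length
    return out


def mptcp_subtypes(segment):
    """Names of the MPTCP subtypes carried by the segment ([] for plain TCP)."""
    names = []
    for kind, data in parse_tcp_options(segment):
        if kind == MPTCP_KIND and data:
            sub = data[0] >> 4                       # low nibble is the MPTCP version
            names.append(MPTCP_SUBTYPES.get(sub, f"UNKNOWN({sub})"))
    return names


def build_syn(options, src_port=51000, dst_port=443):
    """Construct a minimal SYN carrying `options` (test input only, not a real capture)."""
    options += b"\x01" * ((-len(options)) % 4)       # NOP-pad to a 32-bit boundary
    header_len = 20 + len(options)
    offset_and_flags = ((header_len // 4) << 12) | 0x002   # data offset in words, SYN flag
    fixed = struct.pack("!HHIIHHHH", src_port, dst_port, 0x1000, 0,
                        offset_and_flags, 65535, 0, 0)
    return fixed + options


# Constructed sample segments.
MSS_1460 = bytes([2, 4, 0x05, 0xb4])
# MP_CAPABLE as sent in a SYN: kind 30, length 12, subtype 0 / version 0,
# flags A|H (checksum required, HMAC-SHA1), then an 8-byte sender key (arbitrary here).
MP_CAPABLE = bytes([30, 12, 0x00, 0x81]) + bytes.fromhex("0123456789abcdef")
PLAIN_SYN = build_syn(MSS_1460)
MPTCP_SYN = build_syn(MSS_1460 + b"\x01" + MP_CAPABLE)

if __name__ == "__main__":
    print("plain SYN:", mptcp_subtypes(PLAIN_SYN))
    print("MPTCP SYN:", mptcp_subtypes(MPTCP_SYN))
```

An MP_CAPABLE in the SYN means the client is offering multipath; an MP_JOIN on a later SYN from a different address is the other subflow of an existing connection, which is the case a per-flow inspection box silently misses. The length and offset checks matter because option parsing is classic attack surface for anything that sits in the packet path.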
-
‘a client-side database that supports the complete DynamoDB API, but doesn’t manipulate any tables or data in DynamoDB itself. You can write code while sitting in a tree, on the beach, or in the desert. When you are ready to deploy your application, you simply instruct it to connect to the actual DynamoDB endpoint. No other modifications will be needed.’ This is good: a local, in-memory stand-in for the real data store is essential for integration tests that can run without touching production infrastructure. (Voldemort does this well, for example.)
(tags: dynamodb aws ec2 testing integration-testing unit-tests)
Excellent Rob Pike quote about algorithmic complexity
‘Fancy algorithms are slow when n is small, and n is usually small.’ — Rob Pike
Been there, bought the t-shirt ;)
(tags: rob-pike quotes algorithms big-o complexity coding)
Raft: The Understandable Distributed Consensus Protocol
good slides explaining the Raft protocol
(tags: raft slides presentation distcomp algorithms)
RSA warns developers not to use RSA products
In case you’re missing the story here, Dual_EC_DRBG (which I wrote about yesterday) is the random number generator voted most likely to be backdoored by the NSA. The story here is that — despite many valid concerns about this generator — RSA went ahead and made it the default generator used for all cryptography in its flagship cryptography library. The implications for RSA and RSA-based products are staggering. In a modestly bad but by no means worst case, the NSA may be able to intercept SSL/TLS connections made by products implemented with BSafe.
(tags: bsafe rsa crypto backdoors nsa security dual_ec_drbg rngs randomness)
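To see why a Dual_EC_DRBG default is so damaging, here is the trapdoor worked through on the real P-256 curve. This is an added example, not code from the article or from BSafe. The generator is the standard one: state s becomes x(s·P), output is x(s·Q) with its top bits dropped. The only departure from the standard is that Q is generated here as e⁻¹·P for a random e, so that we hold the relationship e·Q = P that whoever chose the standard’s Q could have held; nobody outside that process knows such an e for the published Q, which is exactly the concern. Truncation is reduced from the real 16 bits to 6 so the brute force over the dropped bits runs in a few seconds in pure Python (the 16-bit search is about 2^16 candidates, trivial for an attacker with real code). Curve arithmetic is plain affine double-and-add, adequate for a demo and nothing else.

```python
"""Dual_EC_DRBG trapdoor demonstration on NIST P-256.

Added example, not code from the article or from RSA BSafe. Given e with e*Q = G,
two consecutive outputs are enough to recover the internal state and predict
every output that follows.
"""
import secrets

# NIST P-256 domain parameters (public constants from FIPS 186-4 / SEC 2).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
INF = None                       # point at infinity

TRUNC_BITS = 6                   # the real generator drops 16 bits; fewer here for speed
OUT_BITS = 256 - TRUNC_BITS
MASK = (1 << OUT_BITS) - 1


def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + A*x + B over GF(P)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:   # p1 == -p2
            return INF
        lam = (3 * x1 * x1 + A) * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def lift_x(x):
    """A point with x-coordinate x, or None if x is not on the curve."""
    rhs = (pow(x, 3, P) + A * x + B) % P
    y = pow(rhs, (P + 1) // 4, P)          # square root, valid since P % 4 == 3
    return (x, y) if y * y % P == rhs else None


class DualEC:
    """Dual_EC_DRBG core: s <- x(s*G); r <- x(s*Q); emit r with its top bits dropped."""

    def __init__(self, seed, q):
        self.s, self.q = seed, q

    def next_output(self):
        self.s = ec_mul(self.s, G)[0]
        return ec_mul(self.s, self.q)[0] & MASK


def make_trapdoor_q():
    """Return (Q, e) with e*Q == G: the relationship a dishonest standard author would keep."""
    e = secrets.randbelow(N - 1) + 1
    return ec_mul(pow(e, -1, N), G), e


def recover_state(out1, out2, q, e):
    """From two consecutive outputs, recover the state that produced out2 (or None)."""
    for hi in range(1 << TRUNC_BITS):          # guess the dropped bits of x(s*Q)
        x = (hi << OUT_BITS) | out1
        if x >= P:
            continue
        r = lift_x(x)                          # candidate R = s*Q (sign is irrelevant)
        if r is None:
            continue
        s_next = ec_mul(e, r)[0]               # e*R = s*(e*Q) = s*G, whose x is the next state
        if ec_mul(s_next, q)[0] & MASK == out2:
            return s_next
    return None


def demo(n_future=3):
    """Victim emits two outputs; attacker recovers state and predicts the next n_future."""
    q, e = make_trapdoor_q()
    victim = DualEC(secrets.randbelow(N - 1) + 1, q)
    observed = [victim.next_output() for _ in range(2)]
    clone = DualEC(recover_state(observed[0], observed[1], q, e), q)
    predicted = [clone.next_output() for _ in range(n_future)]
    actual = [victim.next_output() for _ in range(n_future)]
    return predicted, actual


if __name__ == "__main__":
    predicted, actual = demo()
    print("prediction matches:", predicted == actual)
```

Read the attack in `recover_state`: the dropped bits are the only thing standing between the attacker and the point s·Q, and knowing e turns that point into s·G, which is the next state. A TLS stack that pulls its nonces, session IDs and ephemeral key material from this generator hands the holder of e everything needed to reconstruct the connection from roughly 32 bytes of visible output, which is what the quoted “modestly bad” case means.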
-
This is exactly my problem with Cucumber and similar BDD test frameworks.
When I write a Cucumber feature, I have to write the Gherkin that describes the acceptance criteria, and the Ruby code that implements the step definitions. Since the code to implement the step definitions is just normal RSpec (or whichever testing library you use), if someone else is writing the Gherkin, the amount of setup to create a working test should be about the same. So you’re only breaking even! However, I don’t believe that it would really be breaking even. Cucumber adds another layer of indirection on top of your tests. When I’m trying to see why a specific scenario is failing, first I need to find the step that is failing. Since these steps are defined with regular expressions, I have to grep for the step definition.
Gamasutra – Opinion: The tragedy of Grand Theft Auto V
This is watching your sharp, witty father start telling old fart jokes as his mind slows down. And as much as the internet is habituated to defending GTA as “satire,” what is it satirizing, if everything is either sad or awful? Where is the “satire” when the awful parts no longer seem edgy or provocative, just attempts at catch-all “offense” that aren’t honed enough to even connect? Here’s a series that has been creating real, meaningful friction with conventional entertainment for as long as I can remember, and rather than push the envelope by creating new kinds of monsters, it’s reciting the same old gangland fantasies, like a college boy who can’t stop staring at the Godfather II poster on his wall, talking about how he’s gonna be a big Hollywood director in between bong rips. You call the trading index BAWSAQ? Oh, bro, you’re so funny, you’re gonna be huge.
CCC | Chaos Computer Club breaks Apple TouchID
“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can't change and that you leave everywhere every day as a security token”, said Frank Rieger, spokesperson of the CCC. “The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.” iPhone users should avoid protecting sensitive data with their precious biometric fingerprint not only because it can be easily faked, as demonstrated by the CCC team. Also, you can easily be forced to unlock your phone against your will when being arrested. Forcing you to give up your (hopefully long) passcode is much harder under most jurisdictions than just casually swiping your phone over your handcuffed hands.