Links for 2018-10-12

  • ‘We’re doomed’: Mayer Hillman on the climate reality no one else will dare mention | Environment | The Guardian

    Well this is terrifying.

    Can civilisation prolong its life until the end of this century? “It depends on what we are prepared to do.” He fears it will be a long time before we take proportionate action to stop climatic calamity. “Standing in the way is capitalism. Can you imagine the global airline industry being dismantled when hundreds of new runways are being built right now all over the world? It’s almost as if we’re deliberately attempting to defy nature. We’re doing the reverse of what we should be doing, with everybody’s silent acquiescence, and nobody’s batting an eyelid.”

    (tags: climate capitalism environment future scary mayer-hillman)

  • Querying OpenStreetMap Buildings with AWS Athena – door2door Engineering

    Well this is damn cool:

    AWS not only made OpenStreetMap planet data available on S3, but it also made it query-able with Athena. Pretty cool, no? Now, in theory, you can just construct an SQL query, send it to Athena, and then do whatever you want with the results. No more: Updating OSM planet data yourself; it gets updated on AWS whenever OSM publishes it, once a week. Transforming the data into a query-able format; Athena handles that for you. Query/request frequency limits (it’s still AWS though, so other limitations might apply ???? ????) At door2door, we had a pretty straight-forward use-case for this: we needed to get buildings in specific regions based only on where they were, and transform those buildings into GeoJSON that we can attach our data to, and visualize on the front-end on top of our base map.

    (tags: athena osm buildings aws geodata mapping maps door2door cool hacks)

  • Opinion | When Your Boss Is an Algorithm – The New York Times

    I have learned that drivers at ride-hailing companies may have the freedom and flexibility of gig economy work, but they are still at the mercy of a boss — an algorithmic boss.  Data and algorithms are presented as objective, neutral, even benevolent: Algorithms gave us super-convenient food delivery services and personalized movie recommendations. But Uber and other ride-hailing apps have taken the way Silicon Valley uses algorithms and applied it to work, and that’s not always a good thing.

    (tags: algorithms uber gig-economy work)

  • A Soyuz “ballistic re-entry” which subjected the crew to 21 g

    At the time when the safety system initiated separation the spacecraft was already pointed downward toward Earth, which accelerated its descent significantly. Instead of the expected acceleration in such an emergency situation of 15 g (147 m/s²), the cosmonauts experienced up to 21.3 g (209 m/s²).[2] Despite very high overloading, the capsule’s parachutes opened properly and slowed the craft to a successful landing after a flight of only 21 minutes.

    (tags: spaceflight soyuz accidents history cosmonauts)

Posted in Uncategorized | Leave a comment

Links for 2018-10-11

  • How To Survive The Coming Century

    New Scientist article from 2009 with a rather terrifying map of the 4-degrees-warmer Earth

    (tags: earth new-scientist climate fear)

  • IPCC 1.5 degrees target requires massive carbon dioxide removal technology efforts

    The grimmest prognosis in the draft report is in the details of the effort it would take to actually limit warming to 1.5°C. Countries won’t just have to give up fossil fuels and stop emitting greenhouse gases; they’ll have to pull carbon dioxide straight out of the air. “All pathways that limit global warming to 1.5°C with limited or no overshoot project the use of carbon dioxide removal (CDR),” according to the report. And not just a little, but a lot, upward of 1,000 gigatons of carbon dioxide removed from the atmosphere by the end of the century. This will require machines that scrub carbon dioxide out of the air as well as biofuels coupled with carbon capture and sequestration. These tactics have their own energy demands and environmental drawbacks, and we may not be able to deploy them in time. “CDR deployment of several hundreds of [gigatons of CO2] is subject to multiple feasibility and sustainability constraints,” according to the IPCC report.

    (tags: cdr co2 greenhouse-gases climate-change technology ipcc un)

Posted in Uncategorized | Leave a comment

Links for 2018-10-10

  • The 100 best restaurants, cafes and places to eat in Ireland

    the Irish Times latest foodie list, via Aoife McElwain

    (tags: irish-times food cafes eating dublin foodie restaurants)

  • A Controversial Virus Study Shows Flaws in How Science Is Done – The Atlantic

    Absent clearer guidelines, the burden falls on the scientific enterprise to self-regulate—and it isn’t set up to do that well. Academia is intensely competitive, and “the drivers are about getting grants and publications, and not necessarily about being responsible citizens,” says Filippa Lentzos from King’s College London, who studies biological threats. This means that scientists often keep their work to themselves for fear of getting scooped by their peers. Their plans only become widely known once they’ve already been enacted, and the results are ready to be presented or published. This lack of transparency creates an environment where people can almost unilaterally make decisions that could affect the entire world. Take the horsepox study [the main topic of this article]. Evans was a member of a World Health Organization committee that oversees smallpox research, but he only told his colleagues about the experiment after it was completed. He sought approval from biosafety officers at his university, and had discussions with Canadian federal agencies, but it’s unclear if they had enough ethical expertise to fully appreciate the significance of the experiment. “It’s hard not to feel like he opted for agencies that would follow the letter of the law without necessarily understanding what they were approving,” says Kelly Hills, a bioethicist at Rogue Bioethics. She also sees a sense of impulsive recklessness in the interviews that Evans gave earlier this year. Science reported that he did the experiment “in part to end the debate about whether recreating a poxvirus was feasible.” And he told NPR that “someone had to bite the bullet and do this.” To Hills, that sounds like I did it because I could do it. “We don’t accept those arguments from anyone above age 6,” she says.

    (tags: the-atlantic science news smallpox horsepox diseases danger risk academia papers publish-or-perish bioethics ethics biology genetics)

  • Amazon scraps secret AI recruiting tool that showed bias against women | Reuters

    Amazon’s computer models were trained to vet applicants by observing patterns in resumes submitted to the company over a 10-year period. Most came from men, a reflection of male dominance across the tech industry. […] Amazon’s system taught itself that male candidates were preferable. It penalized resumes that included the word “women’s,” as in “women’s chess club captain.” And it downgraded graduates of two all-women’s colleges, according to people familiar with the matter.’
    nice demo of algorithmic bias right there. Worrying that there are plenty of other places carrying on with the concept though….

    (tags: algorithmic-bias amazon hiring resumes bias feminism machine-learning ml)

Posted in Uncategorized | Leave a comment

Links for 2018-10-08

Posted in Uncategorized | Leave a comment

Links for 2018-10-05

Posted in Uncategorized | Leave a comment

Links for 2018-10-03

  • Kubernetes: The Surprisingly Affordable Platform for Personal Projects

    At the beginning of the year I spent several months deep diving on Kubernetes for a project at work. As an all-inclusive, batteries-included technology for infrastructure management, Kubernetes solves many of the problems you’re bound to run into at scale. However popular wisdom would suggest that Kubernetes is an overly complex piece of technology only really suitable for very large clusters of machines; that it carries a large operational burden and that therefore using it for anything less than dozens of machines is overkill. I think that’s probably wrong. Kubernetes makes sense for small projects and you can have your own Kubernetes cluster today for as little as $5 a month.
    (via Tony Finch)

    (tags: via:fanf deployment howto kubernetes ops projects hacks clustering)

  • This is how cyber attackers stole £2.26m from Tesco Bank customers | ZDNet

    What a shitshow.

    Poor design of Tesco Bank debit cards played a significant role in creating security vulnerabilities that led to thousands of customers having their accounts emptied. One of these involved the PAN numbers — the 16-digit card number sequence used to identify all debit cards. Tesco Bank inadvertently issued debit cards with sequential PAN numbers. This increased the likelihood that the attackers would find the next PAN number in the sequence. It took 21 hours after the attack began before Tesco Bank’s Fraud Strategy Team was informed about the incident. Only after what the FCA describes as a “series of errors” — including Tesco Bank’s Financial Crime Operations Team sending an email to the wrong address, instead of making a phone call as procedure requires — was the fraud team made aware of the attack. In all that time, nothing had been done to stop the attacks, with fraudulent transactions continuing to siphon money from accounts as the bank received more and more calls from worried customers.

    (tags: tesco fail tesco-bank banking pan-numbers debit-cards security fraud uk)

  • Running high-scale web applications on Amazon EC2 Spot Instances

    AppNext’s setup looks like quite good practice for a CPU-bound fleet

    (tags: appnext spot-instances ec2 scalability aws ops architecture)

Posted in Uncategorized | Leave a comment

Links for 2018-10-01

  • Amazon S3 Announces Selective Cross-Region Replication Based on Object Tags

    Amazon S3 Cross-Region Replication (CRR) now supports object filtering based on S3 object tags. This allows you to identify individual objects using S3 object tags for automatic replication across AWS Regions for compliance and/or data protection. CRR is an Amazon S3 feature that automatically replicates every object uploaded to an S3 bucket to a destination bucket in a different AWS Region that you choose. S3 object tags are key-value pairs applied to S3 objects that allow you to better organize, secure, and manage your data stored in S3. By using S3 object tags to determine which objects to replicate using CRR, you now have fine grained control to selectively replicate your storage to another AWS Region to backup critical data for compliance and disaster recovery.

    (tags: aws s3)

Posted in Uncategorized | Leave a comment

Links for 2018-09-28

  • Estonia sues Gemalto for 152 mln euros over ID card flaws

    Estonia’s Police and Border Guard Board (PPA) said in a statement Gemalto had created private key codes for individual cards, leaving the government IDs vulnerable to external cyber attack, rather than embedding it on the card’s chip as promised. “It turned out that our partner had violated this principle for years, and we see this as a very serious breach of contract,” PPA’s deputy director-general Krista Aas said in the statement.
    If true, this is a big problem…

    (tags: gemalto fail security smartcards estonia chip-cards)

  • Defcon Voting Village report: Bug in one system could “flip Electoral College” | Ars Technica

    ES&S strike again:

    Today, six prominent information-security experts who took part in DEF CON’s Voting Village in Las Vegas last month issued a report on vulnerabilities they had discovered in voting equipment and related computer systems. One vulnerability they discovered—in a high-speed vote-tabulating system used to count votes for entire counties in 23 states—could allow an attacker to remotely hijack the system over a network and alter the vote count, changing results for large blocks of voters. “Hacking just one of these machines could enable an attacker to flip the Electoral College and determine the outcome of a presidential election,” the authors of the report warned. The machine in question, the ES&S M650, is used for counting both regular and absentee ballots. The device from Election Systems & Software of Omaha, Nebraska, is essentially a networked high-speed scanner like those used for scanning standardized-test sheets, usually run on a network at the county clerk’s office. Based on the QNX 4.2 operating system—a real-time operating system developed and marketed by BlackBerry, currently up to version 7.0—the M650 uses Iomega Zip drives to move election data to and from a Windows-based management system. It also stores results on a 128-megabyte SanDisk Flash storage device directly mounted on the system board. The results of tabulation are output as printed reports on an attached pin-feed printer. The report authors—Matt Blaze of the University of Pennsylvania, Jake Braun of the University of Chicago, David Jefferson of the Verified Voting Foundation, Harri Hursti and Margaret MacAlpine of Nordic Innovation Labs, and DEF CON founder Jeff Moss—documented dozens of other severe vulnerabilities found in voting systems. They found that four major areas of “grave and undeniable” concern need to be addressed urgently. One of the most critical is the lack of any sort of supply-chain security for voting machines—there is no way to test the machines to see if they are trustworthy or if their components have been modified.

    (tags: fail security evoting vote-tabulation us-politics voting-machines)

Posted in Uncategorized | Comments closed

Links for 2018-09-27

Posted in Uncategorized | Comments closed

Links for 2018-09-26

  • Do not fall into Oracle’s Java 11 trap

    The key part of the terms is as follows: You may not: use the Programs for any data processing or any commercial, production, or internal business purposes other than developing, testing, prototyping, and demonstrating your Application; The trap is as follows: Download Oracle JDK (because that is what you’ve always done, and it is what the web-search tells you); Use it in production (because you didn’t realise the license changed); Get a nasty phone call from Oracle’s license enforcement teams demanding lots of money In other words, Oracle can rely on inertia from Java developers to cause them to download the wrong (commercial) release of Java. Unless you read the text/warnings/legalese very carefully you might not even realise Oracle JDK is now commercial, and that you are therefore liable to pay Oracle for Java.

    (tags: java licensing openjdk open-source oracle software jdk jre)

Posted in Uncategorized | Comments closed

Links for 2018-09-25

  • Dublin Bikes Animated

    lots of nice graphs and dataviz around Dublin Bikes usage

    (tags: bikes cycling dublin dataviz cool)

  • Common Cyborg | Jillian Weise | Granta

    Fantastic essay:

    When I tell people I am a cyborg, they often ask if I have read Donna Haraway’s ‘A Cyborg Manifesto’. Of course I have read it. And I disagree with it. The manifesto, published in 1985, promised a cyberfeminist resistance. The resistance would be networked and coded by women and for women to change the course of history and derange sexism beyond recognition. Technology would un-gender us. Instead, it has been so effective at erasing disabled women that even now, in conversation with many feminists, I am no longer surprised that disability does not figure into their notions of bodies and embodiment. Haraway’s manifesto lays claim to cyborgs (‘we are all cyborgs’) and defines the cyborg unilaterally through metaphor. To Haraway, the cyborg is a matter of fiction, a struggle over life and death, a modern war orgy, a map, a condensed image, a creature without gender. The manifesto coopts cyborg identity while eliminating reference to disabled people on which the notion of the cyborg is premised. Disabled people who use tech to live are cyborgs. Our lives are not metaphors.
    (Via Tony Finch)

    (tags: via:dotat cyborg technology feminism essay disability tech jillian-weise granta)

Posted in Uncategorized | Comments closed

Links for 2018-09-24

  • 25 Years of WIRED Predictions: Why the Future Never Arrives

    These early views of the sharing economy were accurate depictions of the moment, but poor visions of the future. Within a few short years, many of those Uber drivers would be stuck paying off their cars in sub-minimum-wage jobs with no benefits. What began as an earnest insight about bits and atoms quickly turned into an arbitrage opportunity for venture capitalists eager to undercut large, lucrative markets by skirting regulations. To meet the growth and monetization demands of investors, yesterday’s sharing economy became today’s gig economy.

    (tags: advertising future technology futurism predictions wired web2.0 history 1990s 2000s)

Posted in Uncategorized | Comments closed

Links for 2018-09-21

Posted in Uncategorized | Comments closed

Links for 2018-09-20

Posted in Uncategorized | Comments closed

Links for 2018-09-18

Posted in Uncategorized | Comments closed

Links for 2018-09-14

Posted in Uncategorized | Comments closed

Links for 2018-09-13

  • Google spent $60 million on building Content ID

    That’s how much it costs to build a not-particularly-accurate UGC copyright filter:

    Google’s new report takes aim at this claim. It asserts that Content ID is a highly effective solution, with over 98 percent of copyright management on YouTube happening through Content ID, and just 2 percent coming from humans filing copyright removal notices. Google also says the music industry opts to monetize more than 95 percent of its copyright claims, meaning they leave the videos up on the service. It claims a whopping half of the music industry’s YouTube revenue comes from fan content — covers, remixes, dance versions, etc. — claimed via Content ID. The report also puts a hard figure on how much Google has spent so far on Content ID: $60 million.

    (tags: filtering copyright eu article-13 copyfight content-id google web ugc)

  • A definitive blood test for post-infectious irritable bowel syndrome?: Expert Review of Gastroenterology & Hepatology: Vol 10, No 11

    Very interesting! This paper and the one at https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0126438 discuss the increasing evidence that some kinds of IBS may be caused by post-infection autoimmune activity triggered by a gastroenteritis infection — this matches the thing which put me on a restricted diet a few years ago.

    (tags: digestion ibs medicine health diet fodmap gastroenteritis papers)

  • Notes on some artefacts

    Five or six years ago, around the time most people seemed to be spending almost all of their time on the internet, I began to notice a particular kind of online phenomenon, one that I did not have a terminology for. I started to call these moments “artefacts”, borrowing a term from photography that describes the machine-created distortions and ghosts that corrupt digital imagery. “An unintended alteration in data” is one definition, but this new kind of “artefact” was expanding beyond sporadic instances and becoming a persistent sub-theme in discourse at large. The result was a type of semiotic collapse, one that first found its fullest expression in the absurdity of the 2016 presidential campaign, when news stories fabricated in Macedonia found a wider reach than The Washington Post. Countermeasures to interference in the coming 2018 congressional election look ineffectual, perhaps deliberately so.

    (tags: artefacts fake-news bots weird 2018 trump politics)

Posted in Uncategorized | Comments closed

Links for 2018-09-12

Posted in Uncategorized | Comments closed

Links for 2018-09-11

  • UIDAI’s Aadhaar Software Hacked, ID Database Compromised, Experts Confirm

    The authenticity of the data stored in India’s controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users, a three month-long investigation by HuffPost India reveals. The patch—freely available for as little as Rs 2,500 (around $35)— allows unauthorised persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use. This has significant implications for national security at a time when the Indian government has sought to make Aadhaar numbers the gold standard for citizen identification, and mandatory for everything from using a mobile phone to accessing a bank account.

    (tags: security aadhaar identity india privacy databases data-privacy)

  • Troy Hunt: The Effectiveness of Publicly Shaming Bad Security

    Now I don’t know how much of this change was due to my public shaming of their security posture, maybe they were going to get their act together afterward anyway. Who knows. However, what I do know for sure is that I got this DM from someone not long after that post got media attention (reproduced with their permission): Hi Troy, I just want to say thanks for your blog post on the Natwest HTTPS issue you found that the BBC picked up on. I head up the SEO team at a Media agency for a different bank and was hitting my head against a wall trying to communicate this exact thing to them after they too had a non secure public site separate from their online banking. The quote the BBC must have asked from them prompted the change to happen overnight, something their WebDev team assured me would cost hundreds of thousands of pounds and at least a year to implement! I was hitting my head against the desk for 6 months before that so a virtual handshake of thanks from my behalf! Thanks!

    (tags: business internet security social-media shame troy-hunt bad-press spin shaming)

Posted in Uncategorized | Comments closed

Links for 2018-09-09

  • Software as Craft: software delivery and open source in a Cloud & Enterprise world

    Niall Murphy sends this on:

    Microsoft is very pleased to welcome Maggie Pint and Dr. Nicole Forsgren to our new campus, to talk about open source and the deep connections between how software is written, and how successful it is. For those of you who are not aware, Maggie Pint is a software engineering lead in Azure’s Production Infrastructure Engineering (PIE) organization. Maggie’s team works on improving the engineering systems experience for Microsoft’s web-focused developers. She co-ordinates open source and inner source education and execution through Azure PIE. Outside of her day job, Maggie maintains the popular Moment.js JavaScript library, and is the JS Foundation’s delegate to TC39, the standards committee for JavaScript. She is passionate about dogs, coffee, the JavaScript language, and helping others live open source values in their day-to-day work. Dr. Nicole Forsgren is the co-founder and Chief Scientist of the DevOps Research and Assessment joint venture with Jez Humble and Gene Kim, also well-known leaders in the DevOps community. She is best known as a co-author of Accelerate: The Science of Lean Software and DevOps and lead investigator for the largest-scale DevOps studies undertaken to date. She is also member of the ACM Queue editorial board, a research affiliate for a number of universities, and earned her PhD in Management Information Systems from the University of Arizona. This event comprises two public technical talks, with an intended audience of a few hundred software and systems professionals, including technical managers and SREs.

    (tags: software coding open-source microsoft maggie-pint nicole-forsgren azure)

Posted in Uncategorized | Comments closed

Links for 2018-09-06

Posted in Uncategorized | Comments closed

Links for 2018-09-05

  • ‘The Internet of Garbage’ by Sarah Jeong

    Sarah Jeong’s 2015 book is now free: ‘I think The Internet of Garbage still provides a useful framework to begin to talk about our new dystopia, and it continues to be surprisingly relevant in many ways. But I wrote the book with a tone of optimism I did not feel even at the time, hoping that by reaching the well-meaning policy teams across Silicon Valley, I might be able to spark change for the better. Not only did that change never quite solidify, but the coordinated, orchestrated harassment campaigns of Gamergate that I very briefly touch on in Chapter Two have since overtaken our national political and cultural conversations. These twisted knots of lies, deflection, and rage are not just some weird and terrible online garbage. They shadow executive orders, court rulings, even the newly appointed judiciary. They will haunt us for years to come. We are all victims of fraud in the marketplace of ideas. I hope that in the very near future, I will be putting out a second edition of The Internet of Garbage. In that future edition, I hope to grapple with advertising incentives, engagement traps, international propaganda wars, the American crisis in free speech coinciding with the rise of platform power, and search engine optimization as the new paradigm of speech. In the meantime, I am putting out The Internet of Garbage 1.5 as an interim edition. I wish it were more helpful in our present reality. But as imperfect a tool as it is, I figure we all need as much help as we can get. ‘

    (tags: dystopia fake-news internet spam harrassment abuse twitter gamergate politics books free to-read)

Posted in Uncategorized | Comments closed

Links for 2018-09-04

  • Science Europe – cOAlition S

    cOAlition S signals the commitment to implement, by 1 January 2020, the necessary measures to fulfil its main principle: “By 2020 scientific publications that result from research funded by public grants provided by participating national and European research councils and funding bodies, must be published in compliant Open Access Journals or on compliant Open Access Platforms.” The 11 national research funding organisations that form cOAlition S have agreed to implement the 10 principles of Plan S in a coordinated way, together with the European Commission including the ERC. Other research funders from across the world, both public and private, are invited to join cOAlition S.
    I am extremely happy to see SFI on this list! (Via Cathal Garvey)

    (tags: sfi ireland funding science open-access open papers journals via:cathalgarvey)

Posted in Uncategorized | Comments closed

Links for 2018-09-03

  • Mastodon and the challenges of abuse in a federated system

    Similar to this thread by CJ Silverio, I’m not thinking about this in terms of whether Wil Wheaton or his detractors were right or wrong. Rather, I’m thinking about how this incident demonstrates that a large-scale harassment attack by motivated actors is not only possible in the fediverse, but is arguably easier than in a centralized system like Twitter or Facebook, where automated tools can help moderators to catch dogpiling as it happens. As someone who both administrates and moderates Mastodon instances, and who believes in Mastodon’s mission to make social media a more pleasant and human-centric place, this post is my attempt to define the attack vector and propose strategies to prevent it in the future.

    (tags: mastodon abuse twitter wilw harassment moderation)

  • Biohackers Encoded Malware in a Strand of DNA

    a group of researchers from the University of Washington has shown for the first time that it’s possible to encode malicious software into physical strands of DNA, so that when a gene sequencer analyzes it the resulting data becomes a program that corrupts gene-sequencing software and takes control of the underlying computer.

    (tags: hacking malware security sequencing genome biohacking dna)

Posted in Uncategorized | Comments closed

Links for 2018-08-31

  • Unsupervised machine translation: A novel approach to provide fast, accurate translations for more languages – Facebook Code

    Training an MT model without access to any translation resources at training time (known as unsupervised translation) was the necessary next step. Research we are presenting at EMNLP 2018 outlines our recent accomplishments with that task. Our new approach provides a dramatic improvement over previous state-of-the-art unsupervised approaches and is equivalent to supervised approaches trained with nearly 100,000 reference translations. To give some idea of the level of advancement, an improvement of 1 BLEU point (a common metric for judging the accuracy of MT) is considered a remarkable achievement in this field; our methods showed an improvement of more than 10 BLEU points. This is an important finding for MT in general and especially for the majority of the 6,500 languages in the world for which the pool of available translation training resources is either nonexistent or so small that it cannot be used with existing systems. For low-resource languages, there is now a way to learn to translate between, say, Urdu and English by having access only to text in English and completely unrelated text in Urdu – without having any of the respective translations.

    (tags: unsupervised-learning ml machine-learning ai translation facebook)

  • Linocuts by Gail Brodholt

    scenes from London transit infrastructure. There’s a fantastic 1960s vibe off these

    (tags: london tube public-transport prints art gail-brodholt via:mltshp)

Posted in Uncategorized | Comments closed

Links for 2018-08-30

  • This Music Theory Professor Just Showed How Stupid and Broken Copyright Filters Are – Motherboard

    Kaiser then decided to test Google’s system more fully. He opened a new YouTube account named Labeltest, and began sharing additional examples of copyright-free music. “I quickly received Content ID notifications for copyright-free music by Bartok, Schubert, Puccini, and Wagner,” Kaiser said. “Again and again, YouTube told me that I was violating the copyright of these long-dead composers, despite all of my uploads existing in the public domain.” Google’s Content ID is the result of more than $100 million in investment funds and countless development hours. Yet Kaiser found the system was largely incapable of differentiating between copyrighted music and content in the public domain. And the appeals process that Google has erected to tackle these false claims wasn’t any better.

    (tags: content-id copyright copyright-filtering youtube fail google public-domain ip music filtering bartok schubert wagner puccini)

  • Google Online Security Blog: Introducing the Tink cryptographic software library

    Tink aims to provide cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Tink is built on top of existing libraries such as BoringSSL and Java Cryptography Architecture, but includes countermeasures to many weaknesses in these libraries, which were discovered by Project Wycheproof, another project from our team. With Tink, many common cryptographic operations such as data encryption, digital signatures, etc. can be done with only a few lines of code.

    (tags: tink google java c++ boringssl ssl jca crypto)

Posted in Uncategorized | Comments closed

Links for 2018-08-29

Posted in Uncategorized | Comments closed

Links for 2018-08-28

  • Surgical team collaborates with McLaren F1 to improve processes

    On the screen was a motor racing grand prix and, as they watched, the two men became aware of the similarities between the handover disciplines from theatre to intensive care and what they were seeing in the pit of a Formula One racing team. From that moment began a collaboration between the leaders of Great Ormond Street’s surgical and intensive care units, first with the McLaren F1 racing team and then with Ferrari’s team chief Jan Todt, technical guru Ross Brawn and, in particular, race technical director Nigel Stepney. They worked together at their home base in Modena, Italy, in the pits of the British Grand Prix and in the Great Ormond Street theatre and intensive care ward. The major restructuring of the patient handover procedure, resulting directly from the input of the F1 pit technicians, will soon be described in two scientific publications. “It is not too early to say that, when we look at the number of critical instances we encounter, they have reduced markedly since we introduced the modified training protocol developed from what we have learned from Formula 1,” said Prof Elliott. The single A4 sheet of paper, which contained the flow diagram of Ferrari’s pit procedure, became several pages of twice that size when Mr Stepney and his colleagues at Ferrari were confronted with the critical transfer from operating theatre to recovery room at Great Ormond Street.

    (tags: collaboration cross-discipline surgery formula-1 mclaren pitstops cardiac)

Posted in Uncategorized | Comments closed

Links for 2018-08-26

Posted in Uncategorized | Comments closed

Links for 2018-08-24

  • Russian Trolls Used Vaccine Debate to Sow Discord, Study Finds – The New York Times

    But instead of picking a side, researchers said, the trolls and bots they programmed hurled insults at both pro- and anti-vaccine advocates. Their only intent, the study concluded, seemed to be to raise the level of hostility. “You see this pattern,” said David A. Broniatowski, a computer engineer at George Washington University and lead author of the study, which was published Thursday in the American Journal of Public Health. “On guns, or race, these accounts take opposite sides in lots of debates. They’re about sowing discord.”
    So the Russian strategy is basically more of a “Hail Eris” than a “Hail Mary”?

    (tags: russia trolls discord vaccination health internet)

Posted in Uncategorized | Comments closed

Links for 2018-08-22

  • spotify/dockerfile-maven: A set of Maven tools for dealing with Dockerfiles

    ‘a Maven plugin and extension which help to seamlessly integrate Docker with Maven. The design goals are: Don’t try to do anything fancy. Dockerfiles are how you build Docker projects; that’s what this plugin uses. They are mandatory. Make the Docker build process integrate with the Maven build process. If you bind the default phases, when you type mvn package, you get a Docker image. When you type mvn deploy, your image gets pushed. Make the goals remember what you are doing. You can type mvn dockerfile:build and later mvn dockerfile:tag and later mvn dockerfile:push without problems. This also eliminates the need for something like mvn dockerfile:build -DalsoPush; instead you can just say mvn dockerfile:build dockerfile:push. Integrate with the Maven build reactor. You can depend on the Docker image of one project in another project, and Maven will build the projects in the correct order. This is useful when you want to run integration tests involving multiple services.’ Looks very nice and well-run — shame it’s Maven instead of Gradle…

    (tags: java docker maven build coding packaging)

  • One in five genetics papers contains errors thanks to Microsoft Excel | Science | AAAS

    ‘Autoformatting in Microsoft Excel has caused many a headache — but now, a new study shows that one in five genetics papers in top scientific journals contains errors from the program, The Washington Post reports. The errors often arose when gene names in a spreadsheet were automatically changed to calendar dates or numerical values.’

    (tags: science microsoft excel spreadsheets autoformatting clippy fail papers genetics)

Posted in Uncategorized | Comments closed

Links for 2018-08-20

Posted in Uncategorized | Comments closed

Recipe: clara con limón granizado

I came across this cocktail in Pals, in Catalonia, in 30 degree heat, a few weeks back — I saw it on the menu at the cafe in the square of the old town, and had to give it a go. It’s incredible. Basically, it’s lager mixed with a lemon granita — like a beer slushy. Nothing is better at thirst quenching on a hot day, and best of all it’s quite low in alcohol so no worries about lorrying into it during the daytime :)

This year at Groovefest, our yearly get together/mini-festival, I got to serve up a few, with great results — they were quite popular. So here’s the recipe!

First off, a day or two in advance, make a batch of lemon granita. I based mine on this recipe which I’ll copy here just in case the original goes away:

Lemon Granita

Serves: about 8

Ingredients:

  • 3-4 lemons
  • 1L water
  • 150g of sugar

Method:

  • Zest the lemons and set the zest aside. Juice the lemons until you have 150ml juice (you may not need all of them).

  • Add the water and sugar to a large pan and bring to the boil. Reduce to a simmer and cook for 2 minutes, stirring to dissolve the sugar.

  • Add the lemon juice and zest, remove from the heat and cover. Set aside to cool for 20 minutes.

  • Strain the mixture into 2 containers that will fit in your freezer and leave to cool to room temperature.

  • Freeze until the mixture is partially frozen, which should take several hours. (I just left them overnight)

  • Remove the granita from the freezer and leave at room temperature until you can break it into chunks with a large spoon or fork.

  • Either transfer to a blender or food processor and blitz, or break it up with a fork. It doesn’t need to be perfectly smooth and snowy — a slushy texture is just right for this drink.

  • Store in the freezer. Take out 30 minutes before serving and break it up again with a fork.

Clara Con Limón Granizado

To serve: half-fill a half-pint glass with the lemon granita. Pour the beer on top to fill the glass. Stir once or twice to mix. Enjoy!

Posted in Uncategorized | Comments closed

Links for 2018-08-15

  • The BARR-C:2018 Embedded C Coding Standard

    ‘Barr Group’s Embedded C Coding Standard was developed to minimize bugs in firmware by focusing on practical rules that keep bugs out–while also improving the maintainability and portability of embedded software. The coding standard details a set of guiding principles as well as specific naming conventions and other rules for the use of data types, functions, preprocessor macros, variables and much more. Individual rules that have been demonstrated to reduce or eliminate certain types of bugs are highlighted. In this latest version, BARR-C:2018, the stylistic coding rules have been fully harmonized with MISRA C: 2012, while helping embedded system designers reduce defects in firmware written in C and C++.’

    (tags: embedded c coding standards style-guides misra c++)

Posted in Uncategorized | Comments closed

Links for 2018-08-14

  • Nosferatu is only viewable today due to piracy

    ‘In 1922 a German court ordered all prints and negatives of Nosferatu destroyed following a copyright dispute with the widow of Bram Stoker. The film only exists today because of piracy. One copy survived and somehow found it’s way to America, where Dracula was already in the public domain. That’s it. That’s the only reason you’ve ever seen the granddaddy of all horror movies.’

    (tags: dracula bram-stoker nosferatu piracy licensing movies history)

Posted in Uncategorized | Comments closed

Links for 2018-08-10

  • Anatomy of a tabloid Fortnite front page story

    Interesting writeup of how the UK tabloids concoct their scare stories, rustling up “victims” and paying them and their agents fees of thousands of pounds

    (tags: fortnite pokemon-go gaming tabloids uk newspapers truth the-sun games)

  • Hacker Finds Hidden ‘God Mode’ on Old VIA C3 x86 CPUs

    Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents. He found one — US8341419 — that mentioned jumping from ring 3 to ring 0 and protecting the machine from exploits of model-specific registers (MSRs), manufacturer-created commands that are often limited to certain chipsets. Domas followed the “trail of breadcrumbs,” as he put it, from one patent to another and figured out that certain VIA chipsets were covered by the patents. Then he collected many old VIA C3 machines and spent weeks fuzzing code. He even built a testing rig consisting of seven Nehemiah-based thin clients hooked up to a power relay that would power-cycle the machines every couple of minutes, because his fuzzing attempts would usually crash the systems. After three weeks, he had 15 GB of log data — and the instructions to flip on the backdoor in the hidden RISC chip.
    (via Nelson)

    (tags: cpu via x86 fuzzing security nehemiah via:nelson)

Posted in Uncategorized | Comments closed

Links for 2018-08-09

  • How I gained commit access to Homebrew in 30 minutes

    If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it. If I can gain access to commit in 30 minutes, what could a nation state with dedicated resources achieve against a team of 17 volunteers? How many private company networks could be accessed? How many of these could be used to escalate to large scale data breaches? What other package management systems have similar weaknesses? This is my growing concern, and it’s been proven time and time again that package managers, and credential leaks, are a weak point in the security of the internet, and that supply chain attacks are a real and persistent threat. This is not a weakness in Homebrew, but rather a systemic problem in the industry, and one where we need more security research.

    (tags: homebrew github security jenkins credentials scary)

  • Fonez – Pre-owned Phones

    Galway-based refurb phone retailer, recommended by co-worker Ciaran where he picked up his Pixel

    (tags: phones ireland shopping mobile)

  • ncw/rclone

    “rsync for cloud storage” – Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files

    (tags: backup github sync cloud s3 storage rsync rclone google aws dropbox backblaze yandex onedrive)

  • People Think This Whole QAnon Conspiracy Theory Is A Prank On Trump Supporters

    This, if true, is the most gloriously Discordian thing ever.

    “Let us take for granted, for a while, that QAnon started as a prank in order to trigger right-wing weirdos and have a laugh at them. There’s no doubt it has long become something very different. At a certain level it still sounds like a prank. But who’s pulling it on whom?” they [Roberto Bui, Giovanni Cattabriga, and Federico Guglielmi] said.

    (tags: q conspiracy politics trump qanon luther-blissett discordianism wu-ming funny crazy)

Posted in Uncategorized | Comments closed

Links for 2018-07-17

Posted in Uncategorized | Comments closed

Links for 2018-07-16

Posted in Uncategorized | Comments closed

Links for 2018-07-13

  • Facebook’s new rules for moderators on dealing with far-right pages are awful

    This is a total shitshow. Facebook needs to sort this out, it is not remotely desirable.

    Facebook: “We allow to call for the creation of white ethno-states.” In other words, Facebook is officially ok with people calling for ethnic cleansing and genocide. The time for Facebook to hire/consult with experts re: the far-right was about three or four years ago. That they now *agree* with the rationale of Alt-Reich rebranding in 2018 shows that this company is simply not fit for purpose. […] t’s quite something that Facebook’s advice to their moderators literally mirrors Nazi propaganda: “Being interested in and caring for one’s kind is not to disparage foreign peoples and races”- Nazi party pamphlet “Why the Aryan Law?” (1934)

    (tags: facebook awful moderation far-right nazis fascism ethnic-cleansing genocide social-media fail)

  • How my research on DNA ancestry tests became “fake news”

    I was not surprised to see our research twisted by fake news and satire websites. Conspiracy theories are meant to be just as entertaining as they are convincing. They also provide a way out of confronting reality and reckoning with facts that don’t confirm preexisting worldviews. For white nationalists and racists, if test results showed traces of African American or Jewish ancestry, either the tests did not work, or the results were planted by some ideologically motivated scientists, or the tests were part of a global war against whites. With conspiracy theories, debunking is rarely useful because the individual is often searching for an interpretation that confirms their prior beliefs. As such, DNA conspiracy theories allow white supremacists to plan new escape routes for the traps they laid for themselves long ago. With DNA testing, the one-drop rule—a belief made law in the 1900s that one drop of African blood makes one Black—becomes transmuted genealogically into the one-percent rule, according to which to remain racially white, an individual’s results must show no sign of African or Jewish origin. Through the genealogical lens, American white nationalists consider “one hundred percent European” as good results, which in turn substantiates their “birth right” to the United States as a marker of heredity and conquest.

    (tags: racism science fake-news conspiracy genealogy dna dna-testing)

  • Second Wind CPAP

    Second-hand CPAP machines — decent prices here, recommended by @Searcher on FP

    (tags: cpap second-hand appliances)

Posted in Uncategorized | Comments closed