Apple outlaws third-party repairs with vague TouchID-related justifications:
Freelance photographer and self-confessed Apple addict Antonio Olmos says this happened to his phone a few weeks ago after he upgraded his software. Olmos had previously had his handset repaired while on an assignment for the Guardian in Macedonia. “I was in the Balkans covering the refugee crisis in September when I dropped my phone. Because I desperately needed it for work I got it fixed at a local shop, as there are no Apple stores in Macedonia. They repaired the screen and home button, and it worked perfectly.” He says he thought no more about it, until he was sent the standard notification by Apple inviting him to install the latest software. He accepted the upgrade, but within seconds the phone was displaying “error 53” and was, in effect, dead.Now that is scummy.
good roundup of real-world clock skew links
A critique of the “Redlock” locking algorithm from Redis by Martin Kleppman. antirez responds here: http://antirez.com/news/101
looks reasonably usable, although EMR’s crappy UI is still an issue
Awesome post from Dan Luu with data from Google:
The cause [of some mystery widespread 250ms hangs] was kernel throttling of the CPU for processes that went beyond their usage quota. To enforce the quota, the kernel puts all of the relevant threads to sleep until the next multiple of a quarter second. When the quarter-second hand of the clock rolls around, it wakes up all the threads, and if those threads are still using too much CPU, the threads get put back to sleep for another quarter second. The phase change out of this mode happens when, by happenstance, there aren’t too many requests in a quarter second interval and the kernel stops throttling the threads. After finding the cause, an engineer found that this was happening on 25% of disk servers at Google, for an average of half an hour a day, with periods of high latency as long as 23 hours. This had been happening for three years. Dick Sites says that fixing this bug paid for his salary for a decade. This is another bug where traditional sampling profilers would have had a hard time. The key insight was that the slowdowns were correlated and machine wide, which isn’t something you can see in a profile.
Looks like GCM now offers a way to determine if a message got delivered, via the GCM diagnostics console
I can confirm, there is a help forum from the “deutsche telekom”, they say there is a feature called MEC (it’s mainly for setting phone parameters to match their network), active on all their SIM cards, which is not correctly handled by any of the OnePlus Devices (one, two, x) so it writes constantly to flash memory, killing it arround 100.000 writes which is 3-6 weeks.(via Mike Walsh on the Irish tech slack)
As the economist Emily Oster pointed out in her 2013 book Expecting Better, there is also no “proven safe” level of Tylenol or caffeine, and yet both are fine in moderation during pregnancy. Oster pored through reams of research on alcohol and pregnancy for her book and concluded that there is simply no scientific evidence that light drinking during pregnancy impacts a baby’s health. (In one frequently cited 2001 study that suggested light drinking in pregnancy increases the chances of a child displaying aggressive behaviors, the drinkers were also significantly likelier to have taken cocaine during pregnancy.)My wife also followed the paper trail on this issue in the past. In the papers from which these recommendations were derived, the level of drinking at which any effects were observed in babies was when women consumed at least *9 units every day* for the entire pregnancy. That’s an entire bottle of wine, daily!
‘“Spam emails are a large proportion of emails seen in SIGINT [signals intelligence],” reads part of a dense document from the Snowden archive, published by Boing Boing on Tuesday. “GCHQ would like to reduce the impact of spam emails on data storage, processing and analysis.”’ (circa 2011). Steganography, anyone? (via Tony Finch)
‘Lawyers for [a Hungarian news] site said the comments concerned had been taken down as soon as they were flagged. They said making their clients liable for everything readers posted “would have serious adverse repercussions for freedom of expression and democratic openness in the age of Internet”. The ECHR agreed. “Although offensive and vulgar, the incriminated comments did not constitute clearly unlawful speech; and they certainly did not amount to hate speech or incitement to violence,” the judges wrote.’
quine.zip, quine.gz, and quine.tar.gz. Here’s what happens when you mail it through bad AV software: https://twitter.com/FioraAeterna/status/694655296707297281
Great article by Geoff “bldgblog” Manaugh on the ruins of the Nike air-to-air missile emplacements dotted around California. I had absolutely no idea that these — the 1958-era Nike-Hercules missiles, at least — carried 30-kiloton nuclear warheads, intended to be detonated at 50,000 feet *above* the cities they were defending, in order to destroy in-flight bomber formations. Nuclear war was truly bananas.
This is an excellent essay from Cory Doctorow on mass surveillance in the post-Snowden era, and the difference between HUMINT and SIGINT. So much good stuff, including this (new to me) cite for, “Goodhart’s law”, on secrecy as it affects adversarial classification:
The problem with this is that once you accept this framing, and note the happy coincidence that your paymasters just happen to have found a way to spy on everyone, the conclusion is obvious: just mine all of the data, from everyone to everyone, and use an algorithm to figure out who’s guilty. The bad guys have a Modus Operandi, as anyone who’s watched a cop show knows. Find the MO, turn it into a data fingerprint, and you can just sort the firehose’s output into ”terrorist-ish” and ”unterrorist-ish.” Once you accept this premise, then it’s equally obvious that the whole methodology has to be kept from scrutiny. If you’re depending on three ”tells” as indicators of terrorist planning, the terrorists will figure out how to plan their attacks without doing those three things. This even has a name: Goodhart’s law. “When a measure becomes a target, it ceases to be a good measure.” Google started out by gauging a web page’s importance by counting the number of links they could find to it. This worked well before they told people what they were doing. Once getting a page ranked by Google became important, unscrupulous people set up dummy sites (“link-farms”) with lots of links pointing at their pages.
‘Anderson encourages his readers to forward telemarketers to the robot, and is happy to send them recordings of the ensuing conversations. His instructions are below if you’d like to give it a shot.’
The only possible deal that is immediately available is where the European Commission agrees a politically expeditious but legally untenable deal, creating a time bomb rather than a durable deal, to the benefit of no one. In absence of reforms before an agreement, individuals’ fundamental rights would remain under threat.
interactive menu selection for the UNIX command line
It seems git’s default behavior in many situations is — despite communicating objectID by content-addressable hashes which should be sufficient to assure some integrity — it may not actually bother to *check* them. Yes, even when receiving objects from other repos. So, enabling these configuration parameters may “slow down” your git operations. The return is actually noticing if someone ships you a bogus object. Everyone should enable these.
Good explanation and scipy code for the birthday paradox and hash collisions
sync up with the Apple product cycle when you’re buying new hardware
After evaluating a number of platforms, including existing open source projects, we were unable to find one that met all of our needs and decided to set about developing a robust and scalable load balancing platform. The requirements were not exactly complex – we needed the ability to handle traffic for unicast and anycast VIPs, perform load balancing with NAT and DSR (also known as DR), and perform adequate health checks against the backends. Above all we wanted a platform that allowed for ease of management, including automated deployment of configuration changes. One of the two existing platforms was built upon Linux LVS, which provided the necessary load balancing at the network level. This was known to work successfully and we opted to retain this for the new platform. Several design decisions were made early on in the project — the first of these was to use the Go programming language, since it provided an incredibly powerful way to implement concurrency (goroutines and channels), along with easy interprocess communication (net/rpc). The second was to implement a modular multi-process architecture. The third was to simply abort and terminate a process if we ended up in an unknown state, which would ideally allow for failover and/or self-recovery.
cut out and keep PNG for many occasions! “Why is Redis talking to MongoDB?”
Good description of this key feature of decent serialization formats
At the time, many of us citizens thought the State was being craven in the face of the EU but it is now clear that Trichet’s ECB was prepared to let the Irish banks go to the wall, prompting a new bank run in 2010. This is like a hostage situation. The ECB was saying to the Irish government: you managed in September 2008 to prevent a bank run with the guarantee (which should always have been temporary and conditional) but now we are going to threaten you with another bank run – because we are still funding your banks and you must pay all the bondholders and add the cost to the national debt of the country. So the implicit threat was: “We will close the banks, cause a bank run and you will be left to pick up the pieces politically, socially and economically.”
Wow, the deployment thing is pretty hacky
‘# TEMPORARY, I HOPE HOPE HOPE’
Bookmarking so I can follow my own link from https://pinboard.in/u:jmason/t:post-mortems/
SOUND THE POUTINE KLAXON
Dropwizard for Go, basically:
a distributed programming toolkit for building microservices in large organizations. We solve common problems in distributed systems, so you can focus on your business logic.
bookmarking for future use
“Bang Bang”, new fancy deli on Leinster Road North
OMG, this is hilarious. High drama among the arch-druids (via Lisa Carey)
‘In his essay on Income Inequality, Paul Graham credited me for pre-publication feedback. Because he didn’t do much with my comments, I thought I’d publish them here.’ … ‘Mostly, I think you are picking a fight with people who would mostly agree with you, and ignoring the real arguments about what inequality means and why it matters.’
Analysis showed Jack and the Beanstalk was rooted in a group of stories classified as The Boy Who Stole Ogre’s Treasure, and could be traced back to when eastern and western Indo-European languages split – more than 5,000 years ago. Beauty and the Beast and Rumpelstiltskin to be about 4,000 years old. A folk tale called The Smith and the Devil was estimated to date back 6,000 years to the bronze age. The study employed phylogenetic analysis, which was developed to investigate evolutionary relationships between species, and used a tree of Indo-European languages to trace the descent of shared tales on it, to see how far they could be demonstrated to go back in time. Tehrani said: “We find it pretty remarkable these stories have survived without being written. They have been told since before even English, French and Italian existed. They were probably told in an extinct Indo-European language.”
probably totally dodgy where the Oyster rules are concerned, but still pretty damn cool
handy — search Netflix in all regions, then show where the show/movie is available. Probably going to be less handy from now on now that Netflix is blocking region-spoofing
This is full of good points.
Without having a distinct SORT KEY for a geographically distinct area, a postcode is of no real benefit to any type of transport firm or agency. To take one example, Eircode have used the same sort key, F92, for Arranmore (Donegal’s largest inhabited island) and the north western Donegal mainland. Cill Rónáin, Inis Mór, the largest of the Aran Islands, has the same sort key H91, as Connemara and Galway City. Galway city and the Aran Islands may be in a relatively small geographical area, but keen eyes may have noticed that the Aran Islands are separated from the mainland by a small section of the Atlantic Ocean. Sort codes which ignore clear and obvious boundaries, like seas or oceans, need to be redesigned. In two seconds a [UK] website could tell a Hebridean that his delivery will take 4 days at a cost of fifty quid by using the first three characters of the postcode. The Eircode-using Irish equivalent website would need to lookup a large database to tell an Arranmore resident the cost and time for delivery – and they’d need the full exact code. Any mistake made here, and your estimated delivery time, and cost for delivery will be wrong.
Very nifty — autodeploys free wildcard certs to ELBs and Cloudfront. HN discussion thread is pretty good: https://news.ycombinator.com/item?id=10947186
Eric Brandwine details the internal workings of Amazon VPC
Bryan Cantrill gives unikernels a 10-point dismissal. This is great
Excellent flowchart of how to fix common git screwups (via ITC slack)
Karlin Lillington in the Irish Times, going through journos for a shortcut:
All the hand-wringing from journalists, unions and media companies – even politicians and ministers – over the GSOC’s accessing of journalist’s call records? Oh, please. What wilful ignorance, mixed with blatant hypocrisy. Where have you all been for the past decade and a half, as successive Irish governments and ministers for justice supported and then rammed through legislation for mandatory call data retention for one of the longest periods in the world, with some of the weakest legal constraints and oversight?
Good plug for emrfs for encryption
Good explanation of why RSUs are becoming increasingly common
Amazon Echo sends your WiFi password to Amazon. No option to disable. Trust us it’s in an “encrypted file”
ah, <3 the 'batter
This is absolutely appalling. IP law gone mad:
DNC Parks & Resorts at Yosemite, Inc (a division of one of the largest privately owned companies in the world) used to have the concessions to operate various businesses around Yosemite National Park. Now that they’ve been fired, they’re using some decidedly dubious trademark to force the Park Service to change the names of buildings and locations that have stood for as much as a century, including some that have been designated national landmarks. The Parks Service has caved to these requests as it readies the park for its centennial celebration. It will not only change the names of publicly owned landmarks — such as the Ahwahnee hotel, Yosemite Lodge, the Wawona Hotel, Curry Village, and Badger Pass ski area — it will also have to change all its signs, maps and guidebooks.
‘THE DRAGNET: How a man accused of million-dollar fraud uncovered a never before seen, secret surveillance device’
Online chart maker for CSV and Excel data; make charts and dashboards online. One really nice feature is that charts made this way get permalinks, and can be easily inlined as PNGs or HTML5 divs. (See https://www.vividcortex.com/blog/analyzing-sparks-mpp-scalability-with-the-usl for an example.)
Patents ruin everything, CRISPR edition
Nchan is a scalable, flexible pub/sub server for the modern web, built as a module for the Nginx web server. It can be configured as a standalone server, or as a shim between your application and tens, thousands, or millions of live subscribers. It can buffer messages in memory, on-disk, or via Redis. All connections are handled asynchronously and distributed among any number of worker processes. It can also scale to many nginx server instances with Redis. Messages are published to channels with HTTP POST requests or websockets, and subscribed also through websockets, long-polling, EventSource (SSE), old-fashioned interval polling, and more. Each subscriber can listen to up to 255 channels per connection, and can be optionally authenticated via a custom application url. An events meta channel is also available for debugging.Also now supports HTTP/2. This used to be called the Nginx HTTP Push Module, and I used it with great results in that form. This is the way to do HTTP push in all its forms….
A great theory!
I don’t have contact information for Hiroko Okuda, but I am positive that the track she is referring to [as the source of the Casiotone MT-40 "rock" preset] is “Hang Onto Yourself” by David Bowie.
A very US-oriented, but still useful, reference for all the aspects of stock options, RSUs, and other forms of equity compensation
shock horror, Docker-SDN layers have terrible performance. Still pretty lousy perf impacts from basic Docker containerization, presumably without “–net=host” (which is apparently vital)
‘Norman Maurer presents how Apple uses Netty for its Java based services and the challenges of doing so, including how they enhanced performance by participating in the Netty open source community. Maurer takes a deep dive into advanced topics like JNI, JVM internals, and others.’
excellent blueprint-style poster covering all the major cocktails
LOL, internet of broken things (via Dave Bolger)
Excellent post from Percona. I particularly like that they don’t just say “don’t use MySQL” — they give good advice on how it can be made work: 1) avoid polling; 2) avoid locking; and 3) avoid storing your queue in the same table as other data.
Replacing varnish with nginx. Nice deep-dive blog post covering kernel innards
Excellent blog post on thread pools, backpressure, Little’s Law, and other Hystrix-related topics (PS: use Hystrix)
good explanation of this new data structure for searching multidimensional data
William S. Gosset, discoverer of the Student’s T-Test. Amazon should have taken note of this trick:
Upon completing his work on the t-distribution, Gosset was eager to make his work public. It was an important finding, and one he wanted to share with the wider world. The managers of Guinness were not so keen on this. They realized they had an advantage over the competition by using this method, and were not excited about relinquishing that leg up. If Gosset were to publish the paper, other breweries would be on to them. So they came to a compromise. Guinness agreed to allow Gosset to publish the finding, as long as he used a pseudonym. This way, competitors would not be able to realize that someone on Guinness’s payroll was doing such research, and figure out that the company’s scientifically enlightened approach was key to their success.
Little known to the rest of the world, a team of open source software developers played a small but integral part in helping to stop the spread of Ebola in Sierra Leone, solving a payroll crisis that was hindering the fight against the disease. Emerson Tan from NetHope, a consortium of NGOs working in IT and development, told the tale at the Chaos Communications Congress in Hamburg, Germany. “These guys basically saved their country from complete collapse. I can’t overestimate how many lives they saved,” he said about his co-presenters, Salton Arthur Massally, Harold Valentine Mac-Saidu and Francis Banguara, who appeared over video link.
A good review of RethinkDB! Hopefully not just because this test is contract work on behalf of the RethinkDB team ;)
I’ve run hundreds of test against RethinkDB at majority/majority, at various timescales, request rates, concurrencies, and with different types of failures. Consistent with the documentation, I have never found a linearization failure with these settings. If you use hard durability, majority writes, and majority reads, single-document ops in RethinkDB appear safe.
Metrics integration for OkHttp. looks quite nice
on Normalization of Deviance, with a few anecdotes from Silicon Valley. “The gradual process through which unacceptable practice or standards become acceptable. As the deviant behavior is repeated without catastrophic results, it becomes the social norm for the organization.”
The history of real-world CA-based PKI is pretty awful
wow, this is great footage
hooray, Docker registry here at last
turns out it’s easy enough — Mozilla standardised a debugging SSL session-key logging file format which Wireshark and Chrome support
Adam Langley on the Juniper VPN-snooping security hole:
… if it wasn’t the NSA who did this, we have a case where a US government backdoor effort (Dual-EC) laid the groundwork for someone else to attack US interests. Certainly this attack would be a lot easier given the presence of a backdoor-friendly RNG already in place. And I’ve not even discussed the SSH backdoor. [...]
For the past several years, it appears that Juniper NetScreen devices have incorporated a potentially backdoored random number generator, based on the NSA’s Dual_EC_DRBG algorithm. At some point in 2012, the NetScreen code was further subverted by some unknown party, so that the very same backdoor could be used to eavesdrop on NetScreen connections. While this alteration was not authorized by Juniper, it’s important to note that the attacker made no major code changes to the encryption mechanism — they only changed parameters. This means that the systems were potentially vulnerable to other parties, even beforehand. Worse, the nature of this vulnerability is particularly insidious and generally messed up. [....] The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world. And all because Juniper had already paved the road. One of the most serious concerns we raise during [anti-law-enforcement-backdoor] meetings is the possibility that encryption backdoors could be subverted. Specifically, that a back door intended for law enforcement could somehow become a backdoor for people who we don’t trust to read our messages. Normally when we talk about this, we’re concerned about failures in storage of things like escrow keys. What this Juniper vulnerability illustrates is that the danger is much broader and more serious than that. The problem with cryptographic backdoors is not that they’re the only way that an attacker can break intro our cryptographic systems. It’s merely that they’re one of the best. They take care of the hard work, the laying of plumbing and electrical wiring, so attackers can simply walk in and change the drapes.(via Tony Finch)
good thread of AWS’ shortcomings — so many services still don’t handle VPC for instance
During the passage of RIPA, and in many debates since 2000, Parliament was asked to consider and require data retention by telephone companies, claiming that the information was vital to fighting crime and terrorism. But Prime Minister Tony Blair and successive Home Secretaries David Blunkett and Jack Straw never revealed to Parliament that at the same time, the government was constantly siphoning up and storing all telephone call records at NTAC. As a result, MPs and peers spent months arguing about a pretence, and in ignorance of the cost and human rights implications of what successive governments were doing in secret.
seriously, AWS. editing JSON files in a browser text box is an awful, awful user experience
A German bank offering a worldwide(?) bank account, using your smartphone (with push notifications etc.) as the main UI
The Limerick Leader quoted other unnamed gardai who said they believed those who had stolen the bikes were selling them to a third party for shipment abroad, most likely to another country in Europe. “It would seem that he has his own network on the Continent and has a lucrative market for the bikes he sends on,” said one of the sources quoted in the report. “Some of the racing bikes would fetch large sums of money on the Continent.” Trucks were seen arriving and departing the house in Castletroy where the find was made. And while it was unclear exactly how gardai were informed of the suspicious activity, when a team of officers went to search the property they found the bikes in the back garden.
“Statistical regression to the mean predicts that patients selected for abnormalcy will, on the average, tend to improve. We argue that most improvements attributed to the placebo effect are actually instances of statistical regression.”
It appears that more mechanically intensive champions are more affected by latency, while tankier champions or those with point-and-click abilities are less affected by latency.(via Nelson)
via Tony Finch. ‘In this post I will demonstrate how to do reservoir sampling orders of magnitude faster than the traditional “naive” reservoir sampling algorithm, using a fast high-fidelity approximation to the reservoir sampling-gap distribution.’
Phillip Rogaway, a professor of CS at UC Davis, contends that computer scientists should stand up against the construction of surveillance states built using their work:
Waddell: In your paper, you compare the debate over nuclear science in the 1950s to the current debate over cryptography. Nuclear weapons are one of the most obvious threats to humanity today — do you think surveillance presents a similar type of danger? Rogaway: I do. It’s of a different nature, obviously. The threat is more indirect and more subtle. So with nuclear warfare, there was this visually compelling and frightening risk of going up in a mushroom cloud. And with the transition to a state of total surveillance, what we have is just the slow forfeiture of democracy.
This is basically terrifying. A catalog of race conditions and reliability horrors around the POSIX filesystem abstraction in Linux — it’s a wonder anything works. ‘Where’s this documented? Oh, in some mailing list post 6-8 years ago (which makes it 12-14 years from today). The fs devs whose posts I’ve read are quite polite compared to LKML’s reputation, and they generously spend a lot of time responding to basic questions, but it’s hard for outsiders to troll [sic] through a decade and a half of mailing list postings to figure out which ones are still valid and which ones have been obsoleted! I don’t mean to pick on filesystem devs. In their OSDI 2014 talk, the authors of the paper we’re discussing noted that when they reported bugs they’d found, developers would often respond “POSIX doesn’t let filesystems do that”, without being able to point to any specific POSIX documentation to support their statement. If you’ve followed Kyle Kingsbury’s Jepsen work, this may sound familiar, except devs respond with “filesystems don’t do that” instead of “networks don’t do that”.I think this is understandable, given how much misinformation is out there. Not being a filesystem dev myself, I’d be a bit surprised if I don’t have at least one bug in this post.’
Interesting performance-related tweak going into Lucene — based on the Bkd-Tree I think: https://users.cs.duke.edu/~pankaj/publications/papers/bkd-sstd.pdf . Being used for all numeric index types, not just multidimensional ones?
Cutting and pasting from Facebook for posterity… there are some really solid tips in here. ‘Some people plan their lives out and then there are people like me who randomly do things and suddenly, in retrospect, it looks like a grand plan has come together. In reality it’s more like my subconscious pulls in useful info and pokes me to go learn things as required. If you live/work in Ireland, the following “grand plan” might be useful. This year has apparently been “figure out how to retire” year. It started late last year with finally organising all my private Irish pensions (2 from employers, 1 personal). In the process I learned the following: * Many Irish pension plans allow you to start drawing down from them at age 50. There are downsides to this, but if you have several of them it allows you more room to avoid stock market downturns when you purchase annuities. * You can get 25% of each pension as a tax-free lump sum. I also learned a few property things. The key thing is that if you have a buy-to-let property you should *not* pay off its mortgage early. You can deduct 75% of the interest you pay against the taxes you’d owe for rental income. That means the interest you pay will essentially be close to or even under the rate of inflation. A residential mortgage might have a lower interest rate nominally, but the effective interest rate is higher. The Irish state pension is changing. If you are 68 after 2020 the rules have changed – and they’re now much simpler. Work for 10 years and you get the minimum state pension (1/3 of a full pension). Work for 20, you get 2/3 of of a state pension. Work for 30, you get a full pension. But you can’t collect it till you’re 68 and remember that Irish employers can apparently force you to “retire” at 65 (ageism is legal). So you need to bridge those 3 years (or hope they change the law to stop employers from doing that). When I “retired” I kept a part time job for a number of reasons, but one was because I suspected I needed more PRSI credits for a pension. And it turns out this was correct. Part-time work counts as long as you make more than €38/week. And self-employment counts as long as you make more than €5,000/year. You can also make voluntary PRSI contributions (around €500/year but very situation dependent). If you’ve worked in Europe or the US or Canada or a few other countries, you can get credits for social welfare payments in those countries. But if you have enough here and you have enough for some pension in the other country, you can draw a pension from both. Lastly most people I’ve talked to about retirement this year have used the analogy of legs on a stool. Every source of post-retirement income is a leg on the stool – the more legs, the more secure your retirement. There are lots of options for legs: * Rental income. This is a little wobbly as legs go at least for me. But if you have more than one rental property – and better yet some commercial rental property – this leg firms up a bit. Still, it’s a bit more work than most. * Savings. This isn’t very tax-efficient, but it can help fill in blank spots some legs have (like rental income or age restrictions) or maximise another legs value (weathering downturns for stock-based legs). And in retirement you can even build savings up. Sell a house, the private pension lump sum, etc. But remember you’re retired, go have fun. Savings won’t do you much good when you’re dead. * Stocks. I’ve cashed all mine in, but some friends have been more restrained in cashing in stocks they might have gotten from employers. This is a volatile leg, but it can pay off rather well if you know what you’re doing. But be honest with yourself. I know I absolutely don’t know what I’m doing on this so stayed away. * Government pension. This is generally a reliable source of income in retirement. It’s usually not a lot, but it does tend to last from retirement to death and it shows up every month. You apply once and then it just shows up each month. If you’ve worked in multiple countries, you can hedge some bets by taking a pension in each country you qualify from. You did pay into them after all. * Private pension. This can also give you a solid source of income but you need to pay into it. And paying in during your 20s and 30s really pays off later. But you need to make your investments less risky as you get into your late 50s – so make sure to start looking at them then. And you need to provide yourself some flexibility for starting to draw it down in order to survive market drops. The crash in 2007 didn’t fully recover until 2012 – that’s 5 years. * Your home. Pay off your mortgage and your home can be a leg. Not having to pay rent/mortgage is a large expense removed and makes the other legs more effective. You can also “sell down” or look into things like reverse mortgages, but the former can take time and has costs while the latter usually seems to have a lot of fine print you should read up on. * Part-time work. I know a number of people who took part-time jobs when they retired. If you can find something that doesn’t take a huge amount of time that you’d enjoy doing and that people will pay you for, fantastic! Do that. And it gets you out of the house and keeping active. For friends who are geeks and in my age cohort, I note that it will be 2037 around the time we hit 65. If you know why that matters, ka-ching!’ Another particularly useful page about the state pension: “Six things every woman needs to know about the State pension”, Irish Times, Dec 1 2015, https://www.irishtimes.com/business/personal-finance/six-things-every-woman-needs-to-know-about-the-state-pension-1.2448981 , which links to this page to get your state pension contribution record: http://www.welfare.ie/en/pages/secure/ RequestSIContributionRecord.aspx
As Glynn Moody noted, if UK police, intelligence agencies, HMRC and others call all legally hack phones and computers, that also means that digital evidence can be easily and invisibly planted. This will undermine future court cases in the UK, which seems like a significant own goal…
3 months ago when we, at nanit.com, came to evaluate which Docker orchestration framework to use, we gave ECS the first priority. We were already familiar with AWS services, and since we already had our whole infrastructure there, it was the default choice. After testing the service for a while we had the feeling it was not mature enough and missing some key features we needed (more on that later), so we went to test another orchestration framework: Kubernetes. We were glad to discover that Kubernetes is far more comprehensive and had almost all the features we required. For us, Kubernetes won ECS on ECS’s home court, which is AWS.
The legendary Jeff “Beachbum” Berry, tiki-cocktail wizard, has partnered with a Brooklyn-based orgeat maker to provide the key ingredient for an original Trader-Vic-style Mai Tai. may be a bit tricky to ship to Ireland though!
Emin Gün Sirer pours cold water on the “Craig Wright is Satoshi Nakamoto” theory
Is the Irish policing system capable of tackling computer crime? A report this week from the Garda Inspectorate makes it clear that the answer is no. There is no Garda cybercrime unit, which is of serious concern given the threat posed by cybercrime to key national infrastructure such as energy, transport and telecommunications systems. [...] A combination of inadequate resources and increased workload have swamped the [Computer Crime Investigation Unit]. Today, almost every crime is a computer crime, in the sense that mobile phones, laptops and even devices such as game consoles are likely to contain evidence. The need to forensically inspect all these devices – using outdated equipment – has resulted in several-year delays and seem to have forced the unit into a position where it is running to stand still rather than responding to new developments.
I keep having to google this, so here’s a good one which works — unlike Wolfram Alpha!
‘At least for Europe it is obvious: All roads lead to Rome! You can reach the eternal city on almost 500.000 routes from all across the continent. Which road would you take? To approach one of the biggest unsolved quests of mobility, the first question we asked ourselves was: Where do you start, when you want to know every road to Rome? We aligned starting points in a 26.503.452 km² grid covering all of Europe. Every cell of this grid contains the starting point to one of our journeys to Rome. Now that we have our 486.713 starting points we need to find out how we could reach Rome as our destination. For this we created a algorithm that calculates one route for every trip. The more often a single street segment is used, the stronger it is drawn on the map. The maps as outcome of this project is somewhere between information visualization and data art, unveiling mobility and a very large scale.’ Beautiful! Decent-sized prints available for 26 euros too.
excellent, extensive list from Cloudflare
good worked-through example of an API Gateway rewriting system
“To identify if someone is travelling outside the EU, we don’t need an EU PNR. This data are already easily available in the airline reservation system,” [Giovanni Buttarelli, the European data protection supervisor] said. EU governments want more information in the belief it will help law enforcement in tracking down terrorists and are demanding access to information, such as travel dates, travel itinerary, ticket information, contact details, baggage information, and payment information of anyone flying in or out of the EU. … EU PNR data would be retained for up to five years
this is more than just data science really — this is proper machine learning, with deep learning and a convolutional neural network. serious business
Baron Schwartz on metrics, percentiles, and aggregation. +1, although as a HN commenter noted, quantile digests are probably the better fix
Spotify wrote their own metrics store on ElasticSearch and Cassandra. Sounds very similar to Prometheus
ELS measures the following things: Success latency and success rate of each machine; Number of outstanding requests between the load balancer and each machine. These are the requests that have been sent out but we haven’t yet received a reply; Fast failures are better than slow failures, so we also measure failure latency for each machine. Since users care a lot about latency, we prefer machines that are expected to answer quicker. ELS therefore converts all the measured metrics into expected latency from the client’s perspective.[...] In short, the formula ensures that slower machines get less traffic and failing machines get much less traffic. Slower and failing machines still get some traffic, because we need to be able to detect when they come back up again.
great research from LMAX: xfs/ext4 are the best choices, and they explain why in detail, referring to the code