fantastic piece of C=64 history — the “Ocean fast loader” by Paul Hughes, which allowed Commodore 64 games to load from tape at 4000 baud, far faster than the built-in system implementation, and with graphics and music at the same time
This, IMO, would be a really good reason to upgrade to the payware version of IDEA – Chronon looks cool.
Chronon is a new revolutionary tool keeping track of running Java programs and recording their execution process for later analysis, which can be helpful when you need to thoroughly retrace your steps when dealing with complicated bugs.
Google paper describing the infrastructure they’ve built for cross-service request tracing (ie. “tracer requests”). Features: low code changes required (since they’ve built it into the internal protobuf libs), low performance impact, sampling, deployment across the ~entire production fleet, output visibility in minutes, and has been live in production for over 2 years. Excellent read
‘a Japanese term that means “mistake-proofing”. A poka-yoke is any mechanism in a lean manufacturing process that helps an equipment operator avoid (yokeru) mistakes (poka). Its purpose is to eliminate product defects by preventing, correcting, or drawing attention to human errors as they occur.’
lovely New Yorker writeup on Tove Jansson, author of those beautiful children’s books
I am very heartened by Minister of State for Research and Innovation Sean Sherlock’s recent announcement of a review of the costs and benefits of Ireland’s membership of international research organisations including CERN. I disagreed with the conclusion of the last review which suggested that costs outweighed the benefits to Ireland. I think it was an extreme oversight not to be a part of the engineering phase of the Collider during the period 1998-2008 – but it’s not too late. CERN will celebrate its 60th anniversary in 2014. There is no public scientific institution its equal in terms of the scale and complexity of problems being analysed and solved. No longer excluding young Irish people from being a part of this, from learning and growing from it, can only help Ireland.Also, spot my name in lights ;)
Mining Arscoins, dogecoins and litecoins — CPU/GPU mining apps and how to run ‘em
‘a fucking nightmare’:
Cascading requires a compilation step, yet since you’re writing Ruby code, you get get none of the benefits of static type checking. It was standard to discover a type issue only after kicking off a job on, oh, 10 EC2 machines, only to have it fail because of a type mismatch. And user code embedded in strings would regularly fail to compile – which you again wouldn’t discover until after your job was running. Each of these were bad individually, together, they were a fucking nightmare. The interaction between the code in strings and the type system was the worst of all possible worlds. No type checking, yet incredibly brittle, finicky and incomprehensible type errors at run time. I will never forget when one of my friends at Etsy was learning Cascading.JRuby and he couldn’t get a type cast to work. I happened to know what would work: a triple cast. You had to cast the value to the type you wanted, not once, not twice, but THREE times.
Attempting to cash out of Bitcoins turns out to be absurdly difficult:
Trying to sell the coins in person, and basically saying he ether wants Cash, or a Cashiers check (since it can be handed over right then and there), has apparently been a hilarious clusterfuck. Today he met some guy infront of his bank, and apparently as soon as he mentioned that he needs to get the cash checked to make sure it is not counterfeit, the guy freaked out and basically walked away. Stuff like this has been happening all week, and he apparently so far has only sold a single coin of several hundred.
Harris is the leading maker of [IMSI catchers aka "stingrays"] in the U.S., and the ACLU has long suspected that the company has been loaning the devices to police departments throughout the state for product testing and promotional purposes. As the court document notes in the 2008 case, “the Tallahassee Police Department is not the owner of the equipment.” The ACLU now suspects these police departments may have all signed non-disclosure agreements with the vendor and used the agreement to avoid disclosing their use of the equipment to courts. “The police seem to have interpreted the agreement to bar them even from revealing their use of Stingrays to judges, who we usually rely on to provide oversight of police investigations,” the ACLU writes.
At the core of the redesign is a Dynamic Scripting Platform which provides us the ability to inject code into a running Java application at any time. This means we can alter the behavior of the application without a full scale deployment. As you can imagine, this powerful capability is useful in many scenarios. The API Server is one use case, and in this post, we describe how we use this platform to support a distributed development model at Netflix.Holy crap.
essentially decoupling the client services from ZK using a local daemon on each client host; very similar to Airbnb’s Smartstack. This is a bit of an indictment of ZK’s usability though
Good post on the ‘FOI costs too much’ talking point.
I realise if you’re a councillor, tea and biscuits sounds much more appealing than transparency and being held accountable and actually having to answer to voters, but those things are what you signed up to when you stood for election.
Good to know:
‘As far as I understand (this was true as of 2013, when I last looked into this issue) there’s at least one Apache ZooKeeper znode per topic in Kafka. While there is no hard limitation in Kafka itself (Kafka is linearly scalable), it does mean that the maximum number of znodes comfortable supported by ZooKeeper (on the order of about ten thousand) is the upper limit of Kafka’s scalability as far as the number of topics goes.’
There are people in my profession who think they can ignore this problem. Some are murmuring that this mess is like MMR, a public misunderstanding to be corrected with better PR. They are wrong: it’s like nuclear power. Medical data, rarefied and condensed, presents huge power to do good, but it also presents huge risks. When leaked, it cannot be unleaked; when lost, public trust will take decades to regain. This breaks my heart. I love big medical datasets, I work on them in my day job, and I can think of a hundred life-saving uses for better ones. But patients’ medical records contain secrets, and we owe them our highest protection. Where we use them – and we have used them, as researchers, for decades without a leak – this must be done safely, accountably, and transparently. New primary legislation, governing who has access to what, must be written: but that’s not enough. We also need vicious penalties for anyone leaking medical records; and HSCIC needs to regain trust, by releasing all documentation on all past releases, urgently. Care.data needs to work: in medicine, data saves lives.
bookmarking as a future reference
Nice bit of marketing from the day job:
The group of gamers responsible for half of all in-game revenue in mobile titles is frightening because it is so narrow, according to a survey by Swrve, an established analytics and app marketing firm. About 0.15 percent of mobile gamers contribute 50 percent of all of the in-app purchases generated in free-to-play games. This means it may even more important than game companies realized in the past to find and retain the users that fall into the category of big spenders, or “whales.” The vast majority of users never spend any money, despite the clever tactics that game publishers have developed to incentivize people to spend money in their favorite games.
‘EAT CELEBRITY MEAT! BiteLabs grows meat from celebrity tissue samples and uses it to make artisanal salami.’ Genius. (via John Looney)
‘A system that proactively detects and avoids bad neighbouring VMs without significantly penalizing node instantiation [in EC2]. With Bobtail, common [datacenter] communication patterns benefit from reductions of up to 40% in 99.9th percentile response times.’ Excellent stuff — another conclusion they come to is that it’s not the network’s fault, it’s the Xen hosts themselves. The EC2 networking team will be happy about that ;)
Charlie Stross on GCHQ’s 1984-esque webcam spying
These problems can be circumvented, but they must be dealt with, publically and soberly, if the NHS really does want to win public confidence. The NHS should approach selling the scheme to the public as if was opt-in, not opt-out, then work to convince us to join it. Tell us how sharing our data can help, but tell us what risk too. Let us decide if that balance is worth it. If it’s found wanting, the NHS must go back to the drawing board and retool the scheme until it is. It’s just too important to get wrong.
“Computer says no”, taken to the next level.
Even if an algorithmic prisoner knows he is in a prison, he may not know who his jailer is. Is he unable to get a loan because of a corrupted file at Experian or Equifax? Or could it be TransUnion? His bank could even have its own algorithms to determine a consumer’s creditworthiness. Just think of the needle-in-a-haystack effort consumers must undertake if they are forced to investigate dozens of consumer-reporting companies, looking for the one that threw them behind algorithmic bars. Now imagine a future that contains hundreds of such companies. A prisoner might not have any idea as to what type of behavior got him sentenced to a jail term. Is he on an enhanced screening list at an airport because of a trip he made to an unstable country, a post on his Facebook page, or a phone call to a friend who has a suspected terrorist friend?
as we all know by now, a misplaced “goto fail” caused a critical, huge security flaw in versions of IOS and OSX SSL, since late 2012. Lessons: 1. unit test the failure cases, particularly for critical security code! 2. use braces. 3. dead-code analysis would have caught this. I’m not buying the “goto considered harmful” line, though, since any kind of control flow structure would have had the same problem.
in a world where Netflix and Yahoo connect directly to residential ISPs, every Internet company will have its own separate pipe. And policing whether different pipes are equally good is a much harder problem than requiring that all of the traffic in a single pipe be treated the same. If it wanted to ensure a level playing field, the FCC would be forced to become intimately involved in interconnection disputes, overseeing who Verizon interconnects with, how fast the connections are and how much they can charge to do it.
nice piece of classic graph design
With Cogent and Verizon fighting, [peering capacity] upgrades are happening at a glacial pace, according to Schaeffer. “Once a port hits about 85 percent throughput, you’re going to begin to start to drop packets,” he said. “Clearly when a port is at 120 or 130 percent [as the Cogent/Verizon ones are] the packet loss is material.” The congestion isn’t only happening at peak times, he said. “These ports are so over-congested that they’re running in this packet dropping state 22, 24 hours a day. Maybe at four in the morning on Tuesday or something there might be a little bit of headroom,” he said.
The 274-page report describes the NHS Hospital Episode Statistics as a “valuable data source in developing pricing assumptions for ‘critical illness’ cover.” It says that by combining hospital data with socio-economic profiles, experts were able to better calculate the likelihood of conditions, with “amazingly” clear forecasts possible for certain diseases, in particular lung cancer. Phil Booth, from privacy campaign group medConfidential, said: “The language in the document is extraordinary; this isn’t about patients, this is about exploiting a market. Of course any commercial organisation will focus on making a profit – the question is why is the NHS prepared to hand this data over?”
‘A Monumental Land Art Installation in the Sahara Desert’, by the D.A.S.T. Arteam in 1997. More correctly, near the Red Sea resort of El Gouna — so possible to visit!
A member of the Harvard community was stripped of his or her access to the University’s research computing facilities last week after setting up a “dogecoin” mining operation using a Harvard research network, according to an internal email circulated by Faculty of Arts and Sciences Research Computing officials.
turn Youtube videos into animated GIFs (via Waxy)
Presentation by Rick Reed of WhatsApp on the large-scale Erlang cluster backing the WhatsApp API, delivered at Erlang Factory SF, March 30 2012. lots of juicy innards here
this is cool. Google are exposing an aggregated ‘all services’ hit count time-series graph, broken down by country, as part of their Transparency Report pages
I want to emphasize that if you use redis as intended (as a slightly-persistent, not-HA cache), it’s great. Unfortunately, more and more shops seem to be thinking that Redis is a full-service database and, as someone who’s had to spend an inordinate amount of time maintaining such a setup, it’s not. If you’re writing software and you’re thinking “hey, it would be easy to just put a SET key value in this code and be done,” please reconsider. There are lots of great products out there that are better for the overwhelming majority of use cases.Ouch. (via Aphyr)
I’m going to need this pretty soon — lots of white spots showing up with the current BenQ :(
‘The firmware updates are encrypted using GPG, which is intended to prevent this issue. Unfortunately, Belkin misuses the GPG asymmetric encryption functionality, forcing it to distribute the firmware-signing key within the WeMo firmware image. Most likely, Belkin intended to use the symmetric encryption with a signature and a shared public key ring. Attackers could leverage the current implementation to easily sign firmware images.’ Using GPG to sign your firmware updates: yay. Accidentally leaving the private key in the distribution: sad trombone.
On-the-fly video transcoding during live streaming. They’ve done a great job of this!
At the beginning of the development of this feature, we entertained the idea to simply pre-transcode all the videos in Dropbox to all possible target devices. Soon enough we realized that this simple approach would be too expensive at our scale, so we decided to build a system that allows us to trigger a transcoding process only upon user request and cache the results for subsequent fetches. This on-demand approach: adapts to heterogeneous devices and network conditions, is relatively cheap (everything is relative at our scale), guarantees low latency startup time.
The case is still ongoing, so one to watch.
Plaintiff wrote an XML parser and made it available as open source software under the GPLv2. Defendant acquired from another vendor software that included the code, and allegedly distributed that software to parties outside the organization. According to plaintiff, defendant did not comply with the conditions of the GPL, so plaintiff sued for copyright infringement. Defendants moved to dismiss for failure to state a claim. The court denied the motion.
“How could targeting an entire website’s user base be necessary or proportionate?” says Gus Hosein, executive director of the London-based human rights group Privacy International. “These are innocent people who are turned into suspects based on their reading habits. Surely becoming a target of a state’s intelligence and security apparatus should require more than a mere click on a link.” The agency’s covert targeting of WikiLeaks, Hosein adds, call into question the entire legal rationale underpinning the state’s system of surveillance. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies,” he says. “But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”
“The dog ate my homework, er, I mean, hackers hacked my account.”
Former Mayor of Kildare, Cllr. Michael Nolan, has denied a claim he asked a local campaigner to stop e-mailing him. Cllr. Michael Nolan from Newbridge said his site was hacked and wrong e-mails were sent out to a number of people, including Leixlip based campaigner, John Weigel. Mr. Weigel has been campaigning, along with others, about the danger of electromagnetic radiation to humans and the proximity of communications masts to homes and, in particular schools. He regularly updates local politicians on news items relating to the issue. Recently, he said that he had received an e-mail from Cllr. Nolan asking to be removed from Mr. Weigel’s e-mail list. The Leader asked Cllr. Nolan why he had done this. But the Fine Gael councillors said that “his e-mail account was hacked and on one particular day a number of mails a were sent from my account pertaining to be from me.”
very good, workable tips on how to remote-work effectively (both in the comments of this thread and the original article)
Korean researcher Hwang Woo-suk electrified the science world 10 years ago with his claim that he had created the world’s first cloned human embryos and had extracted stem cells from them. But the work was later found to be fraudulent, and Dr. Hwang was fired from his university and convicted of crimes. Despite all that, Dr. Hwang has just been awarded an American patent covering the disputed work, leaving some scientists dumbfounded and providing fodder to critics who say the Patent Office is too lax. “Shocked, that’s all I can say,” said Shoukhrat Mitalipov, a professor at Oregon Health and Science University who appears to have actually accomplished what Dr. Hwang claims to have done. “I thought somebody was kidding, but I guess they were not.” Jeanne F. Loring, a stem cell scientist at the Scripps Research Institute in San Diego, said her first reaction was “You can’t patent something that doesn’t exist.” But, she said, she later realized that “you can.”
‘Testing applications under slow or flaky network conditions can be difficult and time consuming. Blockade aims to make that easier. A config file defines a number of docker containers and a command line tool makes introducing controlled network problems simple.’ Open-source release from Dell’s Cloud Manager team (ex-Enstratius), inspired by aphyr’s Jepsen. Simulates packet loss using “tc netem”, so no ability to e.g. drop packets on certain flows or certain ports. Still, looks very usable — great stuff.
what US airports are causing the most misery? Looks like that old favourite, storms in ORD, right now…. (via Theo Schlossnagle)
This sounds amazing. I hope it makes it to some kind of “semi-finished”.
A semi-roguelike game inspired by Jorge Borges, Umberto Eco, Neal Stephenson, Shadow of the Colossus, Europa Universalis and Civilization. Although currently in its early stages, URR aims to explore several philosophical and sociological issues that both arose during the sixteenth and seventeenth century (when the game is approximately set), and in the present day, whilst almost being a deep, complex and highly challenging roguelike. To do this the game seeks to generate realistic world histories, though ones containing a few unusual happenings and anomalous experiences. The traditional roguelike staple of combat will be rare and deadly – whilst these mechanics will be modeled in detail, exploration, trade and diplomacy factors will have just as much effort put into them.
It is interesting to note that the fake UK network was the only one detected by Verrimus. However, given that IMSI Catchers operate multiple fake towers simultaneously, it is highly likely that one or more Irish networks were also being intercepted. Very often a misconfiguration, such as an incorrect country code, is the only evidence available of an IMSI Catcher being deployed when forensic tools are not being used to look for one.
An extremely congested local network segment causes the “TCP incast” throughput collapse problem — packet loss occurs, and TCP throughput collapses as a side effect. So far, this is pretty unsurprising, and anyone designing a service needs to keep bandwidth requirements in mind. However it gets worse with Riak. Due to a bug, this becomes a serious issue for all clients: the Erlang network distribution port buffers fill up in turn, and the Riak KV vnode process (in its entirety) will be descheduled and ‘cannot answer any more queries until the A-to-B network link becomes uncongested.’ This is where EC2′s fully-uncontended-1:1-network compute cluster instances come in handy, btw. ;)
The Law Society will attend a meeting of the Oireachtas Health Committee today to outline its strong opposition to the Government proposals to introduce legislation that will require tobacco products to use plain packaging. The society’s director general Ken Murphy will be its principal representative at the meeting today to discuss its submission on the legislation, and to discuss its concerns that a plain packaging regime will undermine registered trade mark, and design, systems and will amount to an “expropriation of brand owners intellectual property rights’. Speaking ahead of the meeting, Mr Murphy told The Irish Times the views contained in it represent those of the Law Society as a whole, and its 10,000 members, and have been endorsed by the society as a whole, rather than the committee. Mr Murphy also said the purpose of the Law Society submission was not to protect the tobacco industry, rather the wider effect and impact such a law would have on intellectual property rights, trade marks, in other areas. “There is a real concern also that plain packaging in the tobacco industry is just the beginning of a trend that will severely undermine intellectual property owners’ rights in other sectors such as alcohol, soft drinks and fast foods.”Judging by some reactions on Twitter, “endorsed by the society as a whole” may be over-egging it a little.
Compare and contrast with the Law Society’s comments:
We believe we are entitled to use our packs to distinguish our products from those of our competitors. Our brands are our intellectual property which we have created and invested in. Plain packaging would deny us the right to use brands. But also, a brand is also an important tool for consumers. As the British Brands Group has stated , plain packaging legislation “ignores the crucial role that branding plays in providing consumers with high quality, consistent products they can trust”. The restriction of valuable corporate brands by any government would risk placing it in breach of legal obligations relating to intellectual property rights and, in most cases, international trade.
Good stuff (as usual) from Ross Anderson and Stephen Murdoch. ‘Today we release a paper on security protocols and evidence which analyses why dispute resolution mechanisms in electronic systems often don’t work very well. On this blog we’ve noted many many problems with EMV (Chip and PIN), as well as other systems from curfew tags to digital tachographs. Time and again we find that electronic systems are truly awful for courts to deal with. Why? The main reason, we observed, is that their dispute resolution aspects were never properly designed, built and tested. The firms that delivered the main production systems assumed, or hoped, that because some audit data were available, lawyers would be able to use them somehow. As you’d expect, all sorts of things go wrong. We derive some principles, and show how these are also violated by new systems ranging from phone banking through overlay payments to Bitcoin. We also propose some enhancements to the EMV protocol which would make it easier to resolve disputes over Chip and PIN transactions.’
IPKat says ‘this morning the Court of Justice of the European Union issued its keenly awaited decision in Case C-466/12 Svensson [...]: The owner of a website may, without the authorisation of the copyright holders, redirect internet users, via hyperlinks, to protected works available on a freely accessible basis on another site. This is so even if the internet users who click on the link have the impression that the work is appearing on the site that contains the link.’ This is potentially big news. Not so much for the torrent-site scenario, but for the NNI/NLI linking-to-newspaper-stories scenario.
Interesting side-effect of using LUKS for full-disk encryption: ‘For every disk read, we were pulling in 3MB of data (RA is sectors, SSZ is sector size, 6144*512=3145728 bytes) into cache. Oops. Not only were we doing tons of extra work, but we were trashing our page cache too. The default for the device-mapper used by LUKS under Ubuntu 12.04LTS is incredibly sub-optimal for database usage, especially our usage of Cassandra (more small random reads vs. large rows). We turned this down to 128 sectors — 64KB.’
Good to see the guys cracking on without me ;) ’2014-02-11: SpamAssassin 3.4.0 has been released adding native support for IPv6, improved DNS Blocklist technology and support for massively-scalable Bayesian filtering using the Redis backend.’
The Cellxion UGX Series 330 is a ‘transportable Dual GSM/Triple UMTS Firewall and Analysis Tool’ — ie. an IMSI catcher in a briefcase, capable of catching IMSI/IMEIs in 3G. It even supports configurable signal strength. Made in the UK
‘an interesting approach to a common problem, that of securely passing secrets around an infrastructure. It uses GPG signed files under the hood and nicely integrates with both version control systems and S3.’ I like this as an approach to securely distributing secrets across a stack of services during deployment. Check in the file of keys, gpg keygen on the server, and add it to the keyfile’s ACL during deployment. To simplify, shared or pre-generated GPG keys could also be used. (via the Devops Weekly newsletter)
A good canonical URL for this piece of coding guidance.
For example, suppose you have $1.03 and you spend 42c. How much money do you have left? System.out.println(1.03 – .42); => prints out 0.6100000000000001.
I can relate to this
‘One case involved Julian Assange’s current home at the Ecuadorian Embassy in London, where visitors were surprised to receive welcome messages from a Ugandan telephone company. It turned out the messages were coming from a foreign base station device installed on the roof, masquerading as a cell tower for surveillance purposes. Appelbaum suspects the GCHQ simply forgot to reformat the device from an earlier Ugandan operation.’via T.J. McIntyre.
More background on IMSI catchers — looking likely to have been the “government-level technology” used to snoop on the Garda Ombudsman’s offices, particularly given the ‘detection of an unexpected UK 3G network near the GSOC offices’:
The technology involved is called cellular interception. The active variety of this, the “IMSI catcher,” is a portable device that masquerades as a mobile phone tower. Any phone within range (a mile for a low-grade IMSI catcher; as much as 100 miles for a passive interception device with a very large antenna, such as those used in India) automatically checks to see if the device is a tower operated by its carrier, and the false “tower” indicates that it is. It then logs the phone’s International Mobile Subscriber Identity number — and begins listening in on its calls, texts and data communications. No assistance from any wireless carrier is needed; the phone has been tricked. [...] “network extender” devices — personal mobile-phone towers — sold by the carriers themselves, often called femtocells, can be turned into IMSI catchers.Via T.J. McIntyre
Mailing list thread from 2011; git starts to keel over if you tag too much
A lot of unsupervised use:
Just under half of children said they access the internet from their own bedroom on a daily basis with 22pc saying they do so several times a day.
a pretty thought-provoking article from Linux Journal on women in computing, and how we’re doing it all wrong
leading Bitcoin exchange “Magic The Gatherine Online Exchange” turns out to suffer from crappy code, surprise:
why does Mt. Gox experience this issue? They run a custom Bitcoin daemon, with a custom implementation of the Bitcoin protocol. Their implementation, against all advice, does rely on the transaction ID, which makes this attack possible. They have actually been warned about it months ago by gmaxwell, and have apparently decided to ignore this warning. In other words, this is not a vulnerability in the Bitcoin protocol, but an implementation error in Mt. Gox’ custom Bitcoin software.The rest of the article is eyeopening, including the MySQL injection vulnerabilities and failure to correctly secure a Prolexic-defended server. https://news.ycombinator.com/item?id=7211286 has some other shocking reports of Bitcoin operators being incompetent, including ‘Bitomat, the incompetent exchange that deleted their own [sole] amazon instance accidentally which contained all their keys, and thus customer funds’. wtfbbq
The side-effects of algorithmic false-positives get worse and worse.
What’s more, he adds, the NSA often locates drone targets by analyzing the activity of a SIM card, rather than the actual content of the calls. Based on his experience, he has come to believe that the drone program amounts to little more than death by unreliable metadata. “People get hung up that there’s a targeted list of people,” he says. “It’s really like we’re targeting a cell phone. We’re not going after people – we’re going after their phones, in the hopes that the person on the other end of that missile is the bad guy.”
‘let’s say that you tweet that you’ve gotten a job offer to move to San Francisco. Using IBM’s linguistic analysis technologies, your bank would analyze your Twitter feed and not only tailor services it could offer you ahead of the move–for example, helping you move your account to another branch, or offering you a loan for a new house — but also judge your psychological profile based upon the tone of your messages about the move, giving advice to your bank’s representatives about the best way to contact you.’Ugh. Here’s hoping they’ve patented this shit so we don’t actually have to suffer through it. Creeeepy. (via Adam Shostack)
This is bananas. Confirmation bias running amok.
Brandon Mayfield was a US Army veteran and an attorney in Portland, OR. After the 2004 Madrid train bombing, his fingerprint was partially matched to one belonging to one of the suspected bombers, but the match was a poor one. But by this point, the FBI was already convinced they had their man, so they rationalized away the non-matching elements of the print, and set in motion a train of events that led to Mayfield being jailed without charge; his home and office burgled by the FBI; his client-attorney privilege violated; his life upended.
On November 9 1965, the Blonskys were granted US Patent 3,216,423, for an Apparatus for Facilitating the Birth of a Child by Centrifugal Force. The drawings, as well as the text, are a revelation. The Patent Office has them online at http://tinyurl.com/jd4ra and I urge you – if you have any shred of curiosity in your body – to look them up. For conceiving what appears to be the greatest labour-saving device ever invented, George and Charlotte Blonsky won the 1999 Ig Nobel Prize in the field of Managed Health Care.This is utterly bananas. (via christ)
In this sense, doge really is the next generation of LOLcat, in terms of a pet-based snapshot of a certain era in internet language. We’ve kept the idea that animals speak like an exaggerated version of an internet-savvy human, but as our definitions of what it means to be a human on the internet have changed, so too have the voices that we give our animals. Wow.
‘(Examples [of big-data B-I crunching pipelines] from Stripe, Tapad, Etsy & Square)’
Some very nice Dygraph-based time-series graphs in here, along with open CSV data. Good job!
This seems to imply they haven’t been investigating any allegations of cyber-bullying/harassment from “anonymous” Twitter handles, despite having the legal standing to do so. Enforcement is needed, not new laws
QuakeNet are not happy about GCHQ’s DDoS attacks against them.
Yesterday we learned … that GCHQ, the British intelligence agency, are performing persistent social and technological attacks against IRC networks. These attacks are performed without informing the networks and are targeted at users associated with politically motivated movements such as “Anonymous”. While QuakeNet does not condone or endorse and actively forbids any illegal activity on its servers we encourage discussion on all topics including political and social commentary. It is apparent now that engaging in such topics with an opinion contrary to that of the intelligence agencies is sufficient to make people a target for monitoring, coercion and denial of access to communications platforms. The … documents depict GCHQ operatives engaging in social engineering of IRC users to entrap themselves by encouraging the target to leak details about their location as well as wholesale attacks on the IRC servers hosting the network. These attacks bring down the IRC network entirely affecting every user on the network as well as the company hosting the server. The collateral damage and numbers of innocent people and companies affected by these forms of attack can be huge and it is highly illegal in many jurisdictions including the UK under the Computer Misuse Act.
Good to know; this generic anti-flap damping algorithm has a name.
A proportional-integral-derivative controller (PID controller) is a generic control loop feedback mechanism (controller) widely used in industrial control systems. A PID controller calculates an “error” value as the difference between a measured process variable and a desired setpoint. The controller attempts to minimize the error by adjusting the process control outputs.
This is a great idea — Neelie Kroes suggesting that there be a certification mark for EU companies who have top-of-the-line data protection practices.
Mikko Hypponen: “This makes British Government the only Western government known to have launched DDoS attacks.”
‘I want to reassure you that RTÉ explored every option available to it, including right of reply. Legal advice was sought and all avenues were explored, including an offer to make a donation to a neutral charity.’ And they folded. Notable lack of testicular fortitude by our national broadcaster.
‘The team’s obfuscator works by transforming a computer program into what Sahai calls a “multilinear jigsaw puzzle.” Each piece of the program gets obfuscated by mixing in random elements that are carefully chosen so that if you run the garbled program in the intended way, the randomness cancels out and the pieces fit together to compute the correct output. But if you try to do anything else with the program, the randomness makes each individual puzzle piece look meaningless. This obfuscation scheme is unbreakable, the team showed, provided that a certain newfangled problem about lattices is as hard to solve as the team thinks it is. Time will tell if this assumption is warranted, but the scheme has already resisted several attempts to crack it, and Sahai, Barak and Garg, together with Yael Tauman Kalai of Microsoft Research New England and Omer Paneth of Boston University, have proved that the most natural types of attacks on the system are guaranteed to fail. And the hard lattice problem, though new, is closely related to a family of hard problems that have stood up to testing and are used in practical encryption schemes.’ (via Tony Finch)
good blog post on Little’s Law, plugging quasar, pulsar, and comsat, 3 new open-source libs offering Erlang-like lightweight threads on the JVM
Avivah Litan, a fraud analyst with Gartner Inc., said that although the current PCI standard does not require organizations to maintain separate networks for payment and non-payment operations (page 7), it does require merchants to incorporate two-factor authentication for remote network access originating from outside the network by personnel and all third parties.Target shared the same network for outside contractor access and the critical POS devices. fail. (via Joe Feise)
Like many companies, the structure of Yahoo’s business is driven by the needs of the business. There are a number of factors which influence decisions about the locations in which the business operates. To encourage more collaboration and innovation, we’re increasing our headcount in Dublin, thus continuing to bring more Yahoos together in fewer locations. Dublin is already the European home to many of the world’s leading global technology brands and has been a home for Yahoo for over a decade already.Via Conor O’Neill
zero-install, one-click video chat, using WebRTC. nifty
The fact that RTÉ had agreed to pay damages (€80,000 in total, according to reports yesterday) to the ‘injured parties’, only came to light in an email from the [far-right Catholic lobby group Iona Institute] to its members last Tuesday. Given the ramifications of the decision to make any kind of payment – regardless of the amount – both for the TV licence payer and those who voice contrarian opinions, the lack of coverage in print media as soon as the Iona email came to light marked a low point for print journalism in Ireland. Aside from a lead story on the damages printed in this paper last Wednesday and ongoing debate online, the media has been glacially slow with commentary and even reportage of the affair. The debacle has untold ramifications for public life in this country. That many liberal commentators may now baulk at the opportunity to speak and write openly and honestly about homophobia is the most obvious issue here. Most worrying of all, however, is the question that with a referendum on the introduction of gay marriage on the horizon, how can we expect the national broadcaster to facilitate even-handed debate on the subject when they’ve already found themselves cowed before reaching the first hurdle?
Rest.li is a REST+JSON framework for building robust, scalable service architectures using dynamic discovery and simple asynchronous APIs. Rest.li fills a niche for building RESTful service architectures at scale, offering a developer workflow for defining data and REST APIs that promotes uniform interfaces, consistent data modeling, type-safety, and compatibility checked API evolution.The new underlying comms layer for Voldemort, it seems.
ELBs support the PROXY protocol
“A data scientist is a statistician who lives in San Francisco” – slide from Monkigras this year. lols
My mate Luke’s doc on the World Series of Poker — now online in full. it’s great.
A documentary about the World Series Of Poker in Las Vegas. Featuring Andrew Black, Donnacha O’Dea, Mike Magee, “Mad” Martyn Wilson, Mark Napolitano, Amarillo Slim, Scotty Nguyen, Dave “Devilfish” Ulliott & Matt Damon. Narrated by John Hurt. Directed by John Butler, Produced by Luke McManus
One wierd trick to get your personal data (in any format) from any random organisation, for only EUR6.35 and up to 40 days wait! Good to know.
Hospitals and doctors’ offices in Ireland will give a person their medical records if they ask for them. Mostly. Eventually. When they get to it. And, sometimes, if you pay them over €100 (for a large file). But, like so much else in the legal world, there is a set of magic words you can incant to place a 40 day deadline on the delivery of your papers and limit the cost to €6.35 — you invoke the Data Protection Acts data access request procedure.
Not content with adding Hystrix (circuit breakers, threadpooling, request time limiting, metrics, etc.) to their entire SOA stack, they’ve made it incredibly configurable by hooking in a web-based configuration UI, allowing dynamic on-the-fly reconfiguration by their ops guys of the circuit breakers and threadpools in production. Mad stuff
Stories of this sort will tumble out to the inquiry over the next 18 months, making it plain that the network of “homes” where children’s happiness had relentlessly, deliberately, systematically been destroyed, this archipelago of Catholic evil, had covered the entire island. These things should be kept in mind when next we hear it said that the social ills of today can be explained by reference to loss of faith in the traditional institutions of moral authority. This is the reverse of the truth and an insult to the victims of an unforgiveable sin.
Protesters for weeks had suspected that the government was using location data from cellphones near the demonstration to pinpoint people for political profiling, and they received alarming confirmation when a court formally ordered a telephone company to hand over such data. [...] Three cellphone companies — Kyivstar, MTS and Life — denied that they had provided the location data to the government or had sent the text messages. Kyivstar suggested that it was instead the work of a “pirate” cellphone tower set up in the area. In a ruling made public on Wednesday, a city court ordered Kyivstar to disclose to the police which cellphones were turned on during an antigovernment protest outside the courthouse on Jan. 10.
Netflix open-source library to make using ZooKeeper from Java less of a PITA. I really wish I’d used this now, having reimplemented some key parts of it after failures in prod ;)
a list of not-so-common outage causes which are easy to overlook; swap rate, NTP drift, SSL expiration, fork rate, etc.
Hot on the heels of Dropbox, AirBnB, Twitter, Facebook and many others, Irish online ticket sales company Tito are amongst the latest in a long series of companies choosing to locate their offices in Ireland. “It just seemed to make sense,” said founder Paul Campbell, talking about the decision making process that led him to set up shop in the capital, Dublin. “Dublin is great. There’s something really familiar about it that I can’t quite put my finger on.”Har har!
Sugru + neodymium magnets = WANT
Paradoxically, it’s possible that the widespread use of digital tools facilitates capabilities in some domains, such as organization, logistics, and publicity, while simultaneously engendering hindrances to [political] movement impacts on other domains, including those related to policy and electoral spheres.
Good description of the “hero coder” organisational antipattern.
Now imagine that most of the team is involved in fire-fighting. New recruits see the older recruits getting praised for their brave work in the line-of-fire and they want that kind of praise and reward too. Before long everyone is focused on putting out fires and it is no ones interest to step back and take on the risks that long-term DevOps-focused goals entail.
a script to perform divide-and-conquer recursive rsync over SSH
nice use of HyperLogLog
Ad company InMobi are using graphite heavily (albeit not as heavily as $work are), ran into the usual scaling issues, and chose to fix it in code by switching from a filesystem full of whisper files to a LevelDB per carbon-cache:
The carbon server is now able to run without breaking a sweat even when 500K metrics per minute is being pumped into it. This has been in production since late August 2013 in every datacenter that we operate from.Very nice. I hope this gets merged/supported.
When a producer from BBC Two’s Newsnight programme tracked Nimmo down after he had sent the abuse, the former call centre worker told him: “The police will do nothing, it’s only Twitter.”
TorMail was a Tor-based webmail system, and apparently its drives have been imaged and seized by the FBI. More info on the Freedom Hosting seizure:
The connection, if any, between the FBI obtaining Freedom Hosting’s data and apparently launching the malware campaign through TorMail and the other sites isn’t spelled out in the new document. The bureau could have had the cooperation of the French hosting company that Marques leased his servers from. Or it might have set up its own Tor hidden services using the private keys obtained from the seizure, which would allow it to adopt the same .onion addresses used by the original sites. The French company also hasn’t been identified. But France’s largest hosting company, OVH, announced on July 29, in the middle of the FBI’s then-secret Freedom Hosting seizure, that it would no longer allow Tor software on its servers. A spokesman for the company says he can’t comment on specific cases, and declined to say whether Freedom Hosting was a customer. “Wherever the data center is located, we conduct our activities in conformity with applicable laws, and as a hosting company, we obey search warrants or disclosure orders,” OVH spokesman Benjamin Bongoat told WIRED. “This is all we can say as we usually don’t make any comments on hot topics.”
An 11 hour outage caused by a false positive in Sky’s anti-phishing filter; all sites using the code.jquery.com CDN for JQuery would have seen errors.
‘PLOS and Mozilla conducted a month-long pilot study in which professional developers performed code reviews on software associated with papers published in PLOS Computational Biology. While the developers felt the reviews were limited by (a) lack of familiarity with the domain and (b) lack of two-way contact with authors, the scientists appreciated the reviews, and both sides were enthusiastic about repeating the experiment. ‘ Actually sounds like it was more successful than this summary implies.
The views expressed by [the Iona Institute] – especially in relation to gay people – are very much at odds with the liberal secular society that Ireland has become. Indeed, Rory O’Neill suggested that the only time he experiences homophobia is online or at the hands of Iona and Waters. When they’re done with that, they can ask why Iona is given so much room in the media. In any other country in the world, an organisation as litigious as Iona would never be asked to participate in anything.
mine’s a Smoky/Spicy/Medicinal, thanks
The cluster we tuned is hosted on AWS and is comprised of 6 hi1.4xlarge EC2 instances, with 2 1TB SSDs raided together in a raid 0 configuration. The cluster’s dataset is growing steadily. At the time of this writing, our dataset is 341GB, up from less than 200GB a few months ago, and is growing by 2-3GB per day. The workload on this cluster is very read heavy, with quorum reads making up 99% of all operations.Some careful GC tuning here. Probably not applicable to anyone else, but good approach in general.
this is definitely one to send a consultation document response to
I’ve seen a lot of hand-wringing from techies in San Francisco and Silicon Valley saying “Why are we so hated?” now that there’s been a more vocal contingent of people being critical of their lack of civic responsibility. Is it true that corruption and NIMBYism have kept affordable housing from being built? Sure. Is it true that members of the tech industry do contribute tax dollars to the city? Absolutely. But does that mean techies have done enough? Nope.
Some basic succinct data structures. [...] The main highlights are: a novel, broadword-based implementation of rank/select queries for up to 264 bits that is highly competitive with known 32-bit implementations on 64-bit architectures (additional space required is 25% for ranking and 12.5%-37.5% for selection); several Java structures using the Elias–Fano representation of monotone sequences for storing pointers, variable-length bit arrays, etc. Java code implementing minimal perfect hashing using around 2.68 bits per element (also using some broadword ideas); a few Java implementations of monotone minimal perfect hashing. Sux is free software distributed under the GNU Lesser General Public License.
Sugar blocks concrete from setting. This I did not know
The government’s opponents said three recent actions had been intended to incite the more radical protesters and sow doubt in the minds of moderates: the passing of laws last week circumscribing the right of public assembly, the blocking of a protest march past the Parliament building on Sunday, and the sending of cellphone messages on Tuesday to people standing in the vicinity of the fighting that said, “Dear subscriber, you are registered as a participant in a mass disturbance.” [....] The phrasing of the message, about participating in a “mass disturbance,” echoed language in a new law making it a crime to participate in a protest deemed violent. The law took effect on Tuesday. And protesters were concerned that the government seemed to be using cutting-edge technology from the advertising industry to pinpoint people for political profiling. Three cellphone companies in Ukraine — Kyivstar, MTS and Life — denied that they had provided the location data to the government or had sent the text messages, the newspaper Ukrainskaya Pravda reported. Kyivstar suggested that it was instead the work of a “pirate” cellphone tower set up in the area.
Staggeringly inept. The UK national porn filter blocks based on a regexp match of the URL against /.*sex.*/i — the good old “Scunthorpe problem”. Better, it returns a 404 response. This is also a good demonstration of how web filtering has unintended side effects, breaking third-party software updates with its false positives.
The update to online strategy game League of Legends was disrupted by the internet filter because the software attempted to access files that accidentally include the word “sex” in the middle of their file names. The block resulted in the update failing with “file not found” errors, which are usually created by missing files or broken updates on the part of the developers.
This article is frequently on target; this secrecy (both around open source and publishing papers) was one of the reasons I left Amazon.
Of the sources with whom we spoke, many indicated that Amazon’s lack of participation was a key reason for why people left the company – or never joined at all. This is why Amazon’s strategy of maintaining secrecy may derail the e-retailer’s future if it struggles to hire the best talent. [...] “In many cases in the big companies and all the small startups, your Github profile is your resume,” explained another former Amazonian. “When I look at developers that’s what I’m looking for, [but] they go to Amazon and that resume stops … It absolutely affects the quality of their hires.” “You had no portfolio you could share with the world,” said another insider on life after working at Amazon. “The argument this was necessary to attract talent and to retain talent completely fell on deaf ears.”
‘That address — which is home to some 2,000 companies on paper — was the subject of a lengthy 2011 Reuters investigation that found that among the entities registered to the address were a shell company controlled by a jailed former Ukraine prime minister; the owner of a company charged with helping online poker operators evade an Internet gambling ban; and one entity that was banned from government contracts after selling counterfeit truck parts to the Pentagon.’
This is a demo of PCE’s classic Macintosh emulation, running System 7.0.1 with MacPaint, MacDraw, and Kid Pix. If you want to try out more apps and games see this demo.Incredible. I remember using this version of MacPaint!
‘Lightweight performance tools’.
Likwid stands for ‘Like I knew what I am doing’. This project contributes easy to use command line tools for Linux to support programmers in developing high performance multi-threaded programs. It contains the following tools: likwid-topology: Show the thread and cache topology likwid-perfctr: Measure hardware performance counters on Intel and AMD processors likwid-features: Show and Toggle hardware prefetch control bits on Intel Core 2 processors likwid-pin: Pin your threaded application without touching your code (supports pthreads, Intel OpenMP and gcc OpenMP) likwid-bench: Benchmarking framework allowing rapid prototyping of threaded assembly kernels likwid-mpirun: Script enabling simple and flexible pinning of MPI and MPI/threaded hybrid applications likwid-perfscope: Frontend for likwid-perfctr timeline mode. Allows live plotting of performance metrics. likwid-powermeter: Tool for accessing RAPL counters and query Turbo mode steps on Intel processor. likwid-memsweeper: Tool to cleanup ccNUMA memory domains.No kernel patching required. (via kellabyte)
Because Backblaze has a history of openness, many readers expected more details in my previous posts. They asked what drive models work best and which last the longest. Given our experience with over 25,000 drives, they asked which ones are good enough that we would buy them again. In this post, I’ll answer those questions.
Scary, but potentially useful in future, so worth bookmarking. By carefully orchestrating memory accesses using volatile and non-volatile fields, one can ensure that a non-volatile, non-synchronized field’s value is safely visible to all threads after that point due to JMM barrier semantics.
What you are looking to do is enforce a barrier between your initializing stores and your publishing store, without that publishing store being made to a volatile field. This can be done by using volatile access to other fields in the publication path, without using those variables in the later access paths to the published object.
The Consumers Association of Ireland had a sudden jump from 300 to 3000 Twitter followers, mostly from Latin and South America — with more followers in Brazil than Ireland. They are now blaming “hacking”: http://www.independent.ie/irish-news/consumers-body-denies-buying-3000-twitter-fans-29931196.html
1. There is NO SUCH THING as “Organic Irish Honey” (due to EU directives making it impossible to certify); 2. In the absence of Organic the best thing you can look for is “Raw Irish honey” (which is of Irish origin, and not heated to very high temperatures, so it retains its antibacterial properties); 3. Blended honeys, or honeys which say EEC/Non EEC are NOT Irish, however they may be packed in Ireland; 4. Look for the NIHBS “Produced by Native Irish Honey Bees” or similar, for confirmation that the honey you are buying is indeed of Irish origin.
The research, conducted among hundreds of Irish companies’ IT managers by the Irish Computer Society, reveals that 51 per cent of Irish firms have suffered a data breach over the last year, a jump on 43 per cent recorded in 2012.Wow, that’s high.
The lucrative whack-a-mole business continues — mostly in response to High Court actions, although Eircom are just helping out. I bet a google for “kickass proxy” doesn’t return anything useful at all, of course….
TF are not happy about Sky blocking their blog.
There can be little doubt that little by little, piece by piece, big corporations and governments are taking chunks out of the free Internet. Today they pretend that the control is in the hands of the people, but along the way they are prepared to mislead and misdirect, even when their errors are pointed out to them. I’m calling on Sky, Symantec, McAfee and other ISPs about to employ filtering to categorize this site correctly as a news site or blog and to please start listening to people’s legitimate complaints about other innocent sites. It serves nobody’s interests to wrongfully block legitimate information.
a small tool for comparing strings and measuring their similarity. The tool supports several common distance and kernel functions for strings as well as some exotic similarity measures. The focus of Harry lies on implicit similarity measures, that is, comparison functions that do not give rise to an explicit vector space. Examples of such similarity measures are the Levenshtein distance and the Jaro-Winkler distance. For comparison Harry loads a set of strings from input, computes the specified similarity measure and writes a matrix of similarity values to output. The similarity measure can be computed based on the granularity of characters as well as words contained in the strings. The configuration of this process, such as the input format, the similarity measure and the output format, are specified in a configuration file and can be additionally refined using command-line options. Harry is implemented using OpenMP, such that the computation time for a set of strings scales linear with the number of available CPU cores. Moreover, efficient implementations of several similarity measures, effective caching of similarity values and low-overhead locking further speedup the computation.via kragen.
A nice node.js app to perform continuous deployment from a GitHub repo via its webhook support, from Matt Sergeant
yummy-looking recipe from Lily at amexicancook.ie
a succinctly-encoded trie — slow to encode, super-compact, but fast to look up
The minister also spoke of a number of new transport initiatives, such as mandatory use of high visibility jackets by cyclists.
a Windows ‘RAM scraper’ trojan known as Trojan.POSRAM, which was used to attack the Windows-based point-of-sales systems which the POS terminals are connected to. part of an operation called Kaptoxa. ‘The code is based on a previous malicious tool known as BlackPOS that is believed to have been developed in 2013 in Russia, though the new variant was highly customized to prevent antivirus programs from detecting it’ … ‘The tool monitors memory address spaces used by specific programs, such as payment application programs like pos.exe and PosW32.exe that process the data embossed in the magnetic strip of credit and debit cards data. The tool grabs the data from memory.’ … ‘The siphoned data is stored on the system, and then every seven hours the malware checks the local time on the compromised system to see if it’s between the hours of 10 a.m. and 5 p.m. If so, it attempts to send the data over a temporary NetBIOS share to an internal host inside the compromised network so the attackers can then extract the data over an FTP … connection.’ http://www.pcworld.com/article/2088920/target-credit-card-data-was-sent-to-server-in-russia.html says the data was then transmitted to another US-based server, and from there relayed to Russia, and notes: ‘At the time of its discovery, Trojan.POSRAM “had a zero percent antivirus detection rate, which means that fully updated antivirus engines on fully patched computers could not identify the software as malicious,” iSight said.’ Massive AV fail.
‘POS malware is becoming increasingly available to cyber criminals’ … ‘there is growing demand for [this kind of malware]‘. Watch your credit cards…
Both Heartland Payment Systems and Hannaford Bros. were in fact certified PCI-compliant while the hackers were in their system. In August 2006, Wal-Mart was also certified PCI-compliant while unknown attackers were lurking on its network. [...] “This PCI standard just ain’t working,” says Litan, the Gartner analyst. “I wouldn’t say it’s completely pointless. Because you can’t say security is a bad thing. But they’re trying to patch a really weak [and] insecure payment system [with it].”Basically, RAM scrapers have been in use in live attacks, sniffing credentials in the clear, since 2007. Ouch.
ISPAI is rather dismayed and somewhat confused by the recent press release issued by Deputy Patrick O’Donovan (FG). He appears to be asking the Oireachtas Communications Committee (of which he is a member) to investigate: “the matter of tougher controls on the use of open source internet browsers and payment systems” which he claims “allow users to remain anonymous for illegal trade of drugs weapons and pornography.” Deputy O’Donovan would do well to ask the advice of industry experts on these matters given that legislating to curtail the use of such legitimate software or services, which may be misused by some, is neither practical nor logical. Whether or not a browser is open source bears no relevance to its ability to be the subject of anonymous use. Indeed, Deputy O’Donovan must surely be confusing and conflating different technical concepts? In tracing illegal activities, Law Enforcement Agencies and co-operating parties will use IP addresses – users’ choice of browser has little relevance to an investigation of criminal activity. Equally, it may be that the Deputy is uncomfortable with the concept of electronic payment systems but these underpin the digital economy which is bringing enormous benefit to Ireland. Yes, these may be misused by criminals but so are cash and traditional banking services. Restricting the growth of innovative financial services is not the solution to tackling cyber criminals who might be operating what he describes as “online supermarkets for illegal goods.” Tackling international cybercrime requires more specialist Law Enforcement resources at national level and improved international police cooperation supported by revision of EU legislation relating to obtaining server log evidence existing in other jurisdictions.
I use it to modify Time Machine’s backup behavior using weighted reservoir sampling. I built Time Warp to preserve important backup snapshots and prevent Time Machine from deleting them.via Aman. Nifty!
Amazing. Massive nanny-stateism of the ‘something must be done’ variety, with a 100% false-alarm hit rate, and it’s now policy.
‘Nominet have made a decision, based on a report by Lord Macdonald QC, that recommends that they check any domain registration that signals sex crime content or is in itself a sex crime. This is screening of domains within 48 hours of registration, and de-registration. The report says that such domains should be reported to the police.’ [....] ‘The report itself states [...] that in 2013 Nominet checked domains for key words used by the IWF, and as a result reported tens of thousands of domains to IWF for checking, all of which were false positives. Not one was, in fact, related to child sex abuse.’
from Ilya Grigorik. nginx version here: http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte/