Links for 2015-04-24

Posted in Uncategorized | Leave a comment

Links for 2015-04-23

  • attacks using U+202E – RIGHT-TO-LEFT OVERRIDE

    Security implications of in-band signalling strikes again, 43 years after the “Blue Box” hit the mainstream. Jamie McCarthy on Twitter: “.@cmdrtaco – Remember when we had to block the U+202E code point in Slashdot comments to stop siht ekil stnemmoc?” See also — GMail was vulnerable too; and for more inline control chars. has some official recommendations from the Unicode consortium on dealing with bidi override chars.

    (tags: security attacks rlo unicode control-characters codepoints bidi text gmail slashdot sanitization input)

  • Meet the e-voting machine so easy to hack, it will take your breath away | Ars Technica

    The AVS WinVote system — mind-bogglingly shitty security.

    If an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place—within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know. I’ve been in the security field for 30 years, and it takes a lot to surprise me. But the VITA report really shocked me—as bad as I thought the problems were likely to be, VITA’s five-page report showed that they were far worse. And the WinVote system was so fragile that it hardly took any effort. While the report does not state how much effort went into the investigation, my estimation based on the description is that it was less than a person week.

    (tags: security voting via:johnke winvote avs shoup wep wifi windows)

Posted in Uncategorized | Leave a comment

Links for 2015-04-22

  • ‘Continuous Deployment: The Dirty Details’

    Good slide deck from Etsy’s Mike Brittain regarding their CD setup. Some interesting little-known details: Slide 41: database schema changes are not CD’d — they go out on “Schema change Thursdays”. Slide 44: only the webapp is CD’d — PHP, Apache, memcache components (, support and back-office tools, developer API, gearman async worker queues). The external “services” are not — databases, Solr/JVM search (rolling restarts), photo storage (filters, proxy cache, S3), payments (PCI-DSS, controlled access). They avoid schema changes and breaking changes using an approach they call “non-breaking expansions” — expose new version in a service interface; support multiple versions in the consumer. Example from slides 50-63, based around a database schema migration. Slide 66: “dev flags” (rollout oriented) are promoted to “feature flags” (long lived degradation control). Slide 71: some architectural philosophies: deploying is cheap; releasing is cheap; gathering data should be cheap too; treat first iterations as experiments. Slide 102: “Canary pools”. They have multiple pools of users for testing in production — the staff pool, users who have opted in to see prototypes/beta stuff, 0-100% gradual phased rollout.

    (tags: cd deploy etsy slides migrations database schema ops ci version-control feature-flags)

  • Etsy’s Release Management process

    Good info on how Etsy use their Deployinator tool, end-to-end. Slide 11: git SHA is visible for each env, allowing easy verification of what code is deployed. Slide 14: Code is deployed to “princess” staging env while CI tests are running; no need to wait for unit/CI tests to complete. Slide 23: smoke tests of pre-prod “princess” (complete after 8 mins elapsed). Slide 31: dashboard link for deployed code is posted during deploy; post-release prod smoke tests are run by Jenkins. (short ones! they complete in 42 seconds)

    (tags: deployment etsy deploy deployinator princess staging ops testing devops smoke-tests production jenkins)

  • Makerbot’s Saddest Hour | TechCrunch

    I’ve been speaking to a few people [at Makerbot] who prefer to remain anonymous and most of my contacts there are gone (the head of PR was apparently fired) and don’t want to talk. But the new from inside is troubling. The mass-layoffs are blamed on low revenue and one former employee wrote “Company was failing. Couldn’t pay vendors, had to downsize.” Do I think Makerbot will sink? At this point I don’t know.

    (tags: makerbot 3d-printing startups downsizing layoffs ouch)

  • credstash

    ‘CredStash is a very simple, easy to use credential management and distribution system that uses AWS Key Management System (KMS) for key wrapping and master-key storage, and DynamoDB for credential storage and sharing.’

    (tags: aws credstash python security keys key-management secrets kms)

  • distributed scalability systems coding server-side erlang devops networking reliability)

Posted in Uncategorized | 1 Response

Links for 2015-04-21

Posted in Uncategorized | Leave a comment

Links for 2015-04-20

  • FBI admits flaws in hair analysis over decades

    Wow, this is staggering.

    The Justice Department and FBI have formally acknowledged that nearly every examiner in an elite FBI forensic unit gave flawed testimony in almost all trials in which they offered evidence against criminal defendants over more than a two-decade period before 2000. [....] The review confirmed that FBI experts systematically testified to the near-certainty of “matches” of crime-scene hairs to defendants, backing their claims by citing incomplete or misleading statistics drawn from their case work. In reality, there is no accepted research on how often hair from different people may appear the same. Since 2000, the lab has used visual hair comparison to rule out someone as a possible source of hair or in combination with more accurate DNA testing. Warnings about the problem have been mounting. In 2002, the FBI reported that its own DNA testing found that examiners reported false hair matches more than 11 percent of the time.

    (tags: fbi false-positives hair dna biometrics trials justice experts crime forensics inaccuracy csi)

  • The missing MtGox bitcoins

    Most or all of the missing bitcoins were stolen straight out of the MtGox hot wallet over time, beginning in late 2011. As a result, MtGox operated at fractional reserve for years (knowingly or not), and was practically depleted of bitcoins by 2013. A significant number of stolen bitcoins were deposited onto various exchanges, including MtGox itself, and probably sold for cash (which at the bitcoin prices of the day would have been substantially less than the hundreds of millions of dollars they were worth at the time of MtGox’s collapse). MtGox’ bitcoins continuously went missing over time, but at a decreasing pace. Again by the middle of 2013, the curve goes more or less flat, matching the hypothesis that by that time there may not have been any more bitcoins left to lose. The rate of loss otherwise seems unusually smooth and at the same time not strictly relative to any readily available factors such as remaining BTC holdings, transaction volumes or the BTC price. Worth pointing out is that, thanks to having matched up most of the deposit/withdrawal log earlier, we can at this point at least rule out the possibility of any large-scale fake deposits — the bitcoins going into MtGox were real, meaning the discrepancy was likely rather caused by bitcoins leaving MtGox without going through valid withdrawals.

    (tags: mtgox bitcoin security fail currency theft crime btc)

  • Bank of the Underworld – The Atlantic

    Prosecutors analyzed approximately 500 of Liberty Reserve’s biggest accounts, which constituted 44 percent of its business. The government contends that 32 of these accounts were connected to the sale of stolen credit cards and 117 were used by Ponzi-scheme operators. All of this activity flourished, prosecutors said, because Liberty Reserve made no real effort to monitor its users for criminal behavior. What’s more, records showed that one of the company’s top tech experts, Mark Marmilev, who was also arrested, appeared to have promoted Liberty Reserve in chat rooms devoted to Ponzi schemes.
    (via Nelson)

    (tags: scams fraud crime currency the-atlantic liberty-reserve ponzi-schemes costa-rica arthur-budovsky banking anonymity cryptocurrency money-laundering carding)

  • I was a Lampedusa refugee. Here’s my story of fleeing Libya – and surviving

    ‘The boy next to me fell to the floor and for a moment I didn’t know if he had fainted or was dead – then I saw that he was covering his eyes so he didn’t have to see the waves any more. A pregnant woman vomited and started screaming. Below deck, people were shouting that they couldn’t breathe, so the men in charge of the boat went down and started beating them. By the time we saw a rescue helicopter, two days after our boat had left Libya with 250 passengers on board, some people were already dead – flung into the sea by the waves, or suffocated downstairs in the dark.’

    (tags: lampedusa migration asylum europe fortress-europe italy politics immigration libya refugees)

  • Run your own high-end cloud gaming service on EC2

    Using Steam streaming and EC2 g2.2xlarge spot instances — ‘comes out to around $0.52/hr’. That’s pretty compelling IMO

    (tags: aws ec2 gaming games graphics spot-instances hacks windows steam)

  • Running Arbitrary Executables in AWS Lambda

    actually an officially-supported mode. huh

    (tags: lambda aws architecture ops node.js javascript unix linux)

Posted in Uncategorized | Leave a comment

Links for 2015-04-18

Posted in Uncategorized | Leave a comment

Links for 2015-04-17

Posted in Uncategorized | Leave a comment

Links for 2015-04-16

  • Extracting Structured Data From Recipes Using Conditional Random Fields

    nice probabilistic/ML approach to recipe parsing

    (tags: nytimes recipes parsing text nlp machine-learning probabilistic crf++ algorithms feature-extraction)

  • Large-scale cluster management at Google with Borg

    Google’s Borg system is a cluster manager that runs hundreds of thousands of jobs, from many thousands of different applications, across a number of clusters each with up to tens of thousands of machines. It achieves high utilization by combining admission control, efficient task-packing, over-commitment, and machine sharing with process-level performance isolation. It supports high-availability applications with runtime features that minimize fault-recovery time, and scheduling policies that reduce the probability of correlated failures. Borg simplifies life for its users by offering a declarative job specification language, name service integration, real-time job monitoring, and tools to analyze and simulate system behavior. We present a summary of the Borg system architecture and features, important design decisions, a quantitative analysis of some of its policy decisions, and a qualitative examination of lessons learned from a decade of operational experience with it.
    (via Conall)

    (tags: via:conall clustering google papers scale to-read borg cluster-management deployment packing reliability redundancy)

  • Keeping Your Car Safe From Electronic Thieves –

    In a normal scenario, when you walk up to a car with a keyless entry and try the door handle, the car wirelessly calls out for your key so you don’t have to press any buttons to get inside. If the key calls back, the door unlocks. But the keyless system is capable of searching for a key only within a couple of feet. Mr. Danev said that when the teenage girl turned on her device, it amplified the distance that the car can search, which then allowed my car to talk to my key, which happened to be sitting about 50 feet away, on the kitchen counter. And just like that, open sesame.
    What the hell — who designed a system that would auto-unlock based on signal strength alone?!!

    (tags: security fail cars keys signal proximity keyless-entry prius toyota crime amplification power-amplifiers 3db keyless)

  • Closed access means people die

    ‘We’ve paid 100 BILLION USD over the last 10 years to “publish” science and medicine. Ebola is a massive systems failure.’ See also : ‘The conventional wisdom among public health authorities is that the Ebola virus, which killed at least 10,000 people in Liberia, Sierra Leone and Guinea, was a new phenomenon, not seen in West Africa before 2013. [...] But, as the team discovered, that “conventional wisdom” was wrong. In fact, they found a bunch of studies, buried behind research paywalls, that revealed that there was significant evidence of antibodies to the Ebola virus in Liberia and in other nearby nations. There was one from 1982 that noted: “medical personnel in Liberian health centers should be aware of the possibility that they may come across active cases and thus be prepared to avoid nosocomial epidemics.”

    (tags: deaths liberia ebola open-access papers elsevier science medicine reprints)

  • Making Pinterest — Learn to stop using shiny new things and love MySQL

    ‘The third reason people go for shiny is because older tech isn’t advertised as aggressively as newer tech. The younger companies needs to differentiate from the old guard and be bolder, more passionate and promise to fulfill your wildest dreams. But most new tech sales pitches aren’t generally forthright about their many failure modes. In our early days, we fell into this third trap. We had a lot of growing pains as we scaled the architecture. The most vocal and excited database companies kept coming to us saying they’d solve all of our scalability problems. But nobody told us of the virtues of MySQL, probably because MySQL just works, and people know about it.’ It’s true! — I’m still a happy MySQL user for some use cases, particularly read-mostly relational configuration data…

    (tags: mysql storage databases reliability pinterest architecture)

  • Microservices and elastic resource pools with Amazon EC2 Container Service

    interesting approach to working around ECS’ shortcomings — bit specific to Hailo’s microservices arch and IPC mechanism though. aside: I like their version numbering scheme: ISO-8601, YYYYMMDDHHMMSS. keep it simple!

    (tags: versioning microservices hailo aws ec2 ecs docker containers scheduling allocation deployment provisioning qos)

  • Please Kill Me (Eventually) | Motherboard

    There is much that the wise application of technology can do to help us ease off this mortal coil, instead of tormenting ourselves at the natural end of life in a futile, undignified and excruciating attempt to keep it somehow duct-taped on. Train more people in geriatrics, for example. Learn new ways to make life safe, healthy, fun and interesting for the old. Think like a community, a brotherhood, not like atomized competing individuals a few of whom can somehow “beat the system” of the universe. Maybe it is better to examine clearly what we are with a view to understanding and acceptance than it is to try to escape what perhaps should be our inevitable ending.

    (tags: death mortality cryogenics alcor geriatrics life singularity mind-uploading ray-kurzweil)

  • CGA in 1024 Colors – a New Mode: the Illustrated Guide

    awesome hackery. brings me back to my C=64 demo days

    (tags: pc cga graphics hacks art 1024-colours)

Posted in Uncategorized | Leave a comment

Links for 2015-04-15

  • Keywhiz

    ‘a secret management and distribution service [from Square] that is now available for everyone. Keywhiz helps us with infrastructure secrets, including TLS certificates and keys, GPG keyrings, symmetric keys, database credentials, API tokens, and SSH keys for external services — and even some non-secrets like TLS trust stores. Automation with Keywhiz allows us to seamlessly distribute and generate the necessary secrets for our services, which provides a consistent and secure environment, and ultimately helps us ship faster. [...] Keywhiz has been extremely useful to Square. It’s supported both widespread internal use of cryptography and a dynamic microservice architecture. Initially, Keywhiz use decoupled many amalgamations of configuration from secret content, which made secrets more secure and configuration more accessible. Over time, improvements have led to engineers not even realizing Keywhiz is there. It just works. Please check it out.’

    (tags: square security ops keys pki key-distribution key-rotation fuse linux deployment secrets keywhiz)

Posted in Uncategorized | Leave a comment

Links for 2015-04-14

Posted in Uncategorized | Leave a comment

Links for 2015-04-13

  • Amazon Machine Learning

    Upsides of this new AWS service: * great UI and visualisations. * solid choice of metric to evaluate the results. Maybe things moved on since I was working on it, but the use of AUC, false positives and false negatives was pretty new when I was working on it. (er, 10 years ago!) Downsides: * it could do with more support for unsupervised learning algorithms. Supervised learning means you need to provide training data, which in itself can be hard work. My experience with logistic regression in the past is that it requires very accurate training data, too — its tolerance for misclassified training examples is poor. * Also, in my experience, 80% of the hard work of using ML algorithms is writing good tokenisation and feature extraction algorithms. I don’t see any help for that here unfortunately. (probably not that surprising as it requires really detailed knowledge of the input data to know what classes can be abbreviated into a single class, etc.)

    (tags: amazon aws ml machine-learning auc data-science)

  • Rob Pike’s 5 rules of optimization

    these are great. I’ve run into rule #3 (“fancy algorithms are slow when n is small, and n is usually small”) several times…

    (tags: twitter rob-pike via:igrigorik coding rules laws optimization performance algorithms data-structures aphorisms)

  • AWS Lambda Event-Driven Architecture With Amazon SNS

    Any message posted to an SNS topic can trigger the execution of custom code you have written, but you don’t have to maintain any infrastructure to keep that code available to listen for those events and you don’t have to pay for any infrastructure when the code is not being run. This is, in my opinion, the first time that Amazon can truly say that AWS Lambda is event-driven, as we now have a central, independent, event management system (SNS) where any authorized entity can trigger the event (post a message to a topic) and any authorized AWS Lambda function can listen for the event, and neither has to know about the other.

    (tags: aws ec2 lambda sns events cep event-processing coding cloud hacks eric-hammond)

  • Texting at the wheel kills more US teenagers every year than drink-driving

    Texting while behind the wheel has overtaken drink driving as the biggest cause of death among teenagers in America. More than 3,000 teenagers are killed every year in car crashes caused by texting while driving compared to 2,700 from drink driving. The study by Cohen Children’s Medical Center also discovered that 50 per cent of students admit to texting while driving.

    (tags: texting sms us driving car-safety safety drink-driving)

  • China’s Great Cannon

    Conducting such a widespread attack clearly demonstrates the weaponization of the Chinese Internet to co-opt arbitrary computers across the web and outside of China to achieve China’s policy ends.  The repurposing of the devices of unwitting users in foreign jurisdictions for covert attacks in the interests of one country’s national priorities is a dangerous precedent — contrary to international norms and in violation of widespread domestic laws prohibiting the unauthorized use of computing and networked systems.

    (tags: censorship ddos internet security china great-cannon citizen-lab reports web)

  • Sirius: An open end-to-end voice and vision personal assistant and its implications for future warehouse scale computers

    How to build an Intelligent Personal Assistant: ‘Sirius is an open end-to-end standalone speech and vision based intelligent personal assistant (IPA) similar to Apple’s Siri, Google’s Google Now, Microsoft’s Cortana, and Amazon’s Echo. Sirius implements the core functionalities of an IPA including speech recognition, image matching, natural language processing and a question-and-answer system. Sirius is developed by Clarity Lab at the University of Michigan. Sirius is published at the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2015.’

    (tags: sirius siri cortana google-now echo ok-google ipa assistants search video audio speech papers clarity nlp wikipedia)

  • Why We Will Not Be Registering easyDNS.SUCKS –

    If you’re not immersed in the naming business you may find the jargon in it hard to understand. The basic upshot is this: the IPC believes that the mechanisms that were enacted to protect trademark holders during the deluge of new TLD rollouts are being gamed by the .SUCKS TLD operator to extort inflated fees from trademark holders.
    (via Nelson)

    (tags: shakedown business internet domains dns easydns dot-sucks scams tlds trademarks ip)

Posted in Uncategorized | Leave a comment

Links for 2015-04-12

Posted in Uncategorized | Leave a comment

Links for 2015-04-11

Posted in Uncategorized | Leave a comment

Links for 2015-04-10

  • Hacked French network exposed its own passwords during TV interview


    (tags: passwords post-its fail tv5monde authentication security tv funny)

  • RADStack – an open source Lambda Architecture built on Druid, Kafka and Samza

    ‘In this paper we presented the RADStack, a collection of complementary technologies that can be used together to power interactive analytic applications. The key pieces of the stack are Kafka, Samza, Hadoop, and Druid. Druid is designed for exploratory analytics and is optimized for low latency data exploration, aggregation, and ingestion, and is well suited for OLAP workflows. Samza and Hadoop complement Druid and add data processing functionality, and Kafka enables high throughput event delivery.’

    (tags: druid samza kafka streaming cep lambda-architecture architecture hadoop big-data olap)

  • outbrain/gruffalo

    an asynchronous Netty based graphite proxy. It protects Graphite from the herds of clients by minimizing context switches and interrupts; by batching and aggregating metrics. Gruffalo also allows you to replicate metrics between Graphite installations for DR scenarios, for example. Gruffalo can easily handle a massive amount of traffic, and thus increase your metrics delivery system availability. At Outbrain, we currently handle over 1700 concurrent connections, and over 2M metrics per minute per instance.

    (tags: graphite backpressure metrics outbrain netty proxies gruffalo ops)

  • Privacy Security Talk in TOG – 22nd April @ 7pm – FREE

    Dublin is lucky enough to have great speakers pass through town on occasion and on Wednesday the 22nd April 2015, Runa A. Sandvik (@runasand) and Per Thorsheim (@thorsheim) have kindly offered to speak in TOG from 7pm. The format for the evening is a general meet and greet, but both speakers have offered to give a presentation on a topic of their choice. Anyone one interested in privacy, security, journalism, Tor and/or has previously attended a CryptoParty would be wise to attend. Doors are from 7pm and bring any projects with you you would like to share with other attendees. This is a free event, open to the public and no need to book. See you Wednesday. Runa A. Sandvik is an independent privacy and security researcher, working at the intersection of technology, law and policy. She contributes to The Tor Project, writes for Forbes, and is a technical advisor to both the Freedom of the Press Foundation and the TrueCrypt Audit project. Per Thorsheim as founder/organizer of, his topic of choice is of course passwords, but in a much bigger context than most people imagine. Passwords, pins, biometrics, 2-factor authentication, security/usability and all the way into surveillance and protecting your health, kids and life itself.

    (tags: privacy security runa-sandvik per-thorsheim passwords tor truecrypt tog via:oisin events dublin)

Posted in Uncategorized | Comments closed

Links for 2015-04-09

Posted in Uncategorized | Comments closed

Links for 2015-04-08

Posted in Uncategorized | Comments closed

Links for 2015-04-07

Posted in Uncategorized | Comments closed

Links for 2015-04-06

Posted in Uncategorized | Comments closed

Links for 2015-04-04

Posted in Uncategorized | Comments closed

Links for 2015-04-03

  • Twitter’s new anti-harassment filter

    Twitter is calling it a “quality filter,” and it’s been rolling out to verified users running Twitter’s iOS app since last week. It appears to work much like a spam filter, except instead of hiding bots and copy-paste marketers, it screens “threats, offensive language, [and] duplicate content” out of your notifications feed.
    via Nelson

    (tags: via:nelson harassment spam twitter gamergame abuse ml)

  • 5% of Google visitors have ad-injecting malware installed

    Ad injectors were detected on all operating systems (Mac and Windows), and web browsers (Chrome, Firefox, IE) that were included in our test. More than 5% of people visiting Google sites have at least one ad injector installed. Within that group, half have at least two injectors installed and nearly one-third have at least four installed.
    via Nelson.

    (tags: via:nelson ads google chrome ad-injectors malware scummy)

  • On Ruby

    The horrors of monkey-patching:

    I call out the Honeybadger gem specifically because was the most recent time I’d been bit by a seemingly good thing promoted in the community: monkey patching third party code. Now I don’t fault Honeybadger for making their product this way. It provides their customers with direct business value: “just require ‘honeybadger’ and you’re done!” I don’t agree with this sort of practice. [....] I distrust everything [in Ruby] but a small set of libraries I’ve personally vetted or are authored by people I respect. Why is this important? Without a certain level of scrutiny you will introduce odd and hard to reproduce bugs. This is especially important because Ruby offers you absolutely zero guarantee whatever the state your program is when a given method is dispatched. Constants are not constants. Methods can be redefined at run time. Someone could have written a time sensitive monkey patch to randomly undefined methods from anything in ObjectSpace because they can. This example is so horribly bad that no one should every do, but the programming language allows this. Much worse, this code be arbitrarily inject by some transitive dependency (do you even know what yours are?).

    (tags: ruby monkey-patching coding reliability bugs dependencies libraries honeybadger sinatra)

Posted in Uncategorized | Comments closed

Links for 2015-04-02

Posted in Uncategorized | Comments closed

Links for 2015-04-01

Posted in Uncategorized | Comments closed

Links for 2015-03-31

Posted in Uncategorized | Comments closed

Links for 2015-03-30

Posted in Uncategorized | Comments closed

Links for 2015-03-28

Posted in Uncategorized | Comments closed

Links for 2015-03-27

Posted in Uncategorized | Comments closed

Links for 2015-03-26

Posted in Uncategorized | Comments closed

Links for 2015-03-25

Posted in Uncategorized | Comments closed

Links for 2015-03-24

Posted in Uncategorized | Comments closed

Links for 2015-03-23

Posted in Uncategorized | Comments closed

Links for 2015-03-22

Posted in Uncategorized | Comments closed

Links for 2015-03-20

Posted in Uncategorized | Comments closed

Links for 2015-03-19

  • Stairs to nowhere, trap streets, and other Toronto oddities

    ‘There’s a set of stairs on Greenwood Avenue that lead nowhere. At the top, a wooden fence at the end of someone’s back yard blocks any further movement, forcing the climber to turn around and descend back to the street. What’s remarkable about the pointless Greenwood stairs, which were built in 1959 as a shortcut to a now-demolished brickyard, is that someone still routinely maintains them: in winter, some kindly soul deposits a scattering of salt lest one of the stairs’ phantom users slip; in summer someone comes with a broom to sweep away leaves. These urban leftovers are lovingly called “Thomassons” after Gary Thomasson, a former slugger for the San Francisco Giants, Oakland As, Yankees, Dodgers, and, most fatefully, the Yomiuri Giants in Tokyo.’

    (tags: trap-streets maps ip google via:bldgblog mapping copyright thomassons orphaned-roads)

Posted in Uncategorized | Comments closed

Links for 2015-03-18

  • President’s message gets lost in (automated) translation

    In a series of bizarre translations, YouTube’s automated translation service took artistic licence with the [President's] words of warmth. When the head of state sent St Patrick’s Day greetings to viewers, the video sharing site said US comedian Tina Fey was being “particular with me head”. As President Higgins spoke of his admiration for Irish emigrants starting new communities abroad, YouTube said the President referenced blackjack and how he “just couldn’t put the new iPhone” down. And, in perhaps the most unusual moment, as he talked of people whose hearts have sympathy, the President “explained” he was once on a show “that will bar a gift card”.
    (via Daragh O’Brien)

    (tags: lol president ireland michael-d-higgins automation translation machine-learning via:daraghobrien funny blackjack iphone tina-fey st-patrick fail)

  • Irish government under fire for turning its back on basic research : Nature News & Comment

    Pretty much ALL of Ireland’s research scientists have put their names to an open letter to the Irish government, decrying the state of science funding, published this week in “Nature”. ‘Although total spending on research and development grew through the recession, helped by foreign investments, Ireland’s government has cut state spending on research (see ‘Celtic tiger tamed’). It also prioritized grants in 14 narrow areas — ones in which either large global markets exist, or in which Irish companies are competitive. These include marine renewable energy, smart grids, medical devices and computing. The effect has been to asphyxiate the many areas of fundamental science — including astrophysics, particle physics and areas of the life sciences — that have been deprived of funding, several researchers in Ireland told Nature. “The current policies are having a very significant detrimental effect on the health and viability of the Irish scientific ecosystem,” says Kevin Mitchell, a geneticist who studies the basis of neurological disorders at Trinity College Dublin. “Research that cannot be shoehorned into one of the 14 prioritized areas has been ineligible for most funding,” he says.’ That’s another fine mess Sean Sherlock has gotten us into :(

    (tags: sean-sherlock fail ireland research government funding grants science tcd kevin-mitchell life-sciences nature)

  • Mars One finalist Dr. Joseph Roche rips into the project

    So, here are the facts as we understand them: Mars One has almost no money. Mars One has no contracts with private aerospace suppliers who are building technology for future deep-space missions. Mars One has no TV production partner. Mars One has no publicly known investment partnerships with major brands. Mars One has no plans for a training facility where its candidates would prepare themselves. Mars One’s candidates have been vetted by a single person, in a 10-minute Skype interview. “My nightmare about it is that people continue to support it and give it money and attention, and it then gets to the point where it inevitably falls on its face,” said Roche. If, as a result, “people lose faith in NASA and possibly even in scientists, then that’s the polar opposite of what I’m about. If I was somehow linked to something that could do damage to the public perception of science, that is my nightmare scenario.”

    (tags: science space mars-one tcd joseph-roche nasa mars exploration scams)

Posted in Uncategorized | Comments closed

Links for 2015-03-17

Posted in Uncategorized | Comments closed

Links for 2015-03-13

  • demonstration of the importance of server-side request timeouts

    from MongoDB, but similar issues often apply in many other TCP/HTTP-based systems

    (tags: tcp http requests timeout mongodb reliability safety)

  • Heka

    an open source stream processing software system developed by Mozilla. Heka is a “Swiss Army Knife” type tool for data processing, useful for a wide variety of different tasks, such as: Loading and parsing log files from a file system. Accepting statsd type metrics data for aggregation and forwarding to upstream time series data stores such as graphite or InfluxDB. Launching external processes to gather operational data from the local system. Performing real time analysis, graphing, and anomaly detection on any data flowing through the Heka pipeline. Shipping data from one location to another via the use of an external transport (such as AMQP) or directly (via TCP). Delivering processed data to one or more persistent data stores.
    Via feylya on twitter. Looks potentially nifty

    (tags: heka mozilla monitoring metrics via:feylya ops statsd graphite stream-processing)

Posted in Uncategorized | Comments closed

Links for 2015-03-12

Posted in Uncategorized | Comments closed

Links for 2015-03-11

Posted in Uncategorized | Comments closed

Links for 2015-03-10

  • Epsilon Interactive breach the Fukushima of the Email Industry (CAUCE)

    Upon gaining access to an ESP, the criminals then steal subscriber data (PII such as names, addresses, telephone numbers and email addresses, and in one case, Vehicle Identification Numbers). They then use ESPs’ mailing facility to send spam; to monetize their illicit acquisition, the criminals have spammed ads for fake Adobe Acrobat and Skype software. On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially.  Email lists of at least eight financial institutions were stolen.  Thus far, puzzlingly, Epsilon has refused to release the names  of compromised clients. [...] The obvious issue at hand is the ability of the thieves to now undertake targeted spear-phishing problem as critically serious as it could possibly be.

    (tags: cauce epsilon-interactive esp email pii data-protection spear-phishing phishing identity-theft security ads)

  • In Ukraine, Tomorrow’s Drone War Is Alive Today

    Drones, hackerspaces and crowdfunding:

    The most sophisticated UAV that has come out of the Ukrainian side since the start of the conflict is called the PD-1 from developer Igor Korolenko. It has a wingspan of nearly 10 feet, a five-hour flight time, carries electro-optical and infrared sensors as well as a video camera that broadcasts on a 128 bit encrypted channel. Its most important feature is the autopilot software that allows the drone to return home in the event that the global positioning system link is jammed or lost. Drone-based intelligence gathering is often depicted as risk-free compared to manned aircraft or human intelligence gathering, but, says Korolenko, if the drone isn’t secure or the signature is too obvious, the human coasts can be very, very high. “Russian military sometimes track locations of ground control stations,” he wrote Defense One in an email. “Therefore UAV squads have to follow certain security measures – to relocate frequently, to move out antennas and work from shelter, etc. As far as I know, two members of UAV squads were killed from mortar attacks after [their] positions were tracked by Russian electronic warfare equipment.”
    (via bldgblog)

    (tags: via:bldgblog war drones uav future ukraine russia tech aircraft pd-1 crowdfunding)

  • Javascript Acid Machine

    a 303 and an 808 in your browser. this is deadly

    (tags: acid 303 music javascript hacks via:hn techno)

Posted in Uncategorized | Comments closed

Links for 2015-03-09

  • Ubuntu To Officially Switch To systemd Next Monday – Slashdot

    Jesus. This is going to be the biggest shitfest in the history of Linux…

    (tags: linux slashdot ubuntu systemd init unix ops)

  • uselessd

    A project to reduce systemd to a base initd, process supervisor and transactional dependency system, while minimizing intrusiveness and isolationism. Basically, it’s systemd with the superfluous stuff cut out, a (relatively) coherent idea of what it wants to be, support for non-glibc platforms and an approach that aims to minimize complicated design. uselessd is still in its early stages and it is not recommended for regular use or system integration.
    This may be the best option to evade the horrors of systemd.

    (tags: init linux systemd unix ops uselessd)

  • Japan’s Robot Dogs Get Funerals as Sony Looks Away

    in July 2014, [Sony's] repairs [of Aibo robot dogs] stopped and owners were left to look elsewhere for help. The Sony stiff has led not only to the formation of support groups–where Aibo enthusiasts can share tips and help each other with repairs–but has fed the bionic pet vet industry. “The people who have them feel their presence and personality,” Nobuyuki Narimatsu, director of A-Fun, a repair company for robot dogs, told AFP. “So we think that somehow, they really have souls.” While concerted repair efforts have kept many an Aibo alive, a shortage of spare parts means that some of their lives have come to an end.

    (tags: sony aibo robots japan dogs pets weird future badiotday iot gadgets)

  • “Cuckoo Filter: Practically Better Than Bloom”

    ‘We propose a new data structure called the cuckoo filter that can replace Bloom filters for approximate set membership tests. Cuckoo filters support adding and removing items dynamically while achieving even higher performance than Bloom filters. For applications that store many items and target moderately low false positive rates, cuckoo filters have lower space overhead than space-optimized Bloom filters. Our experimental results also show that cuckoo filters outperform previous data structures that extend Bloom filters to support deletions substantially in both time and space.’

    (tags: algorithms paper bloom-filters cuckoo-filters cuckoo-hashing data-structures false-positives big-data probabilistic hashing set-membership approximation)

  • Amazing cutting from Vanity Fair, 1896, for International Women’s Day

    “The sisters make a pretty picture on the platform ; but it is not women of their type who need to assert themselves over Man. However, it amuses them–and others ; and I doubt if the tyrant has much to fear from their little arrows.” Constance Markievicz was one of those sisters, and the other was Eva Gore-Booth.

    (tags: markievicz history ireland sligo vanity-fair 19th-century dismissal sexism iwd women)

  • Anatomy of a Hack

    Authy doesn’t come off well here: ‘Authy should have been harder to break. It’s an app, like Authenticator, and it never left Davis’ phone. But Eve simply reset the app on her phone using a address and a new confirmation code, again sent by a voice call. A few minutes after 3AM, the Authy account moved under Eve’s control.’

    (tags: authy security hacking mfa authentication google apps exploits)

  • Ask the Decoder: Did I sign up for a global sleep study?

    How meaningful is this corporate data science, anyway? Given the tech-savvy people in the Bay Area, Jawbone likely had a very dense sample of Jawbone wearers to draw from for its Napa earthquake analysis. That allowed it to look at proximity to the epicenter of the earthquake from location information. Jawbone boasts its sample population of roughly “1 million Up wearers who track their sleep using Up by Jawbone.” But when looking into patterns county by county in the U.S., Jawbone states, it takes certain statistical liberties to show granularity while accounting for places where there may not be many Jawbone users. So while Jawbone data can show us interesting things about sleep patterns across a very large population, we have to remember how selective that population is. Jawbone wearers are people who can afford a $129 wearable fitness gadget and the smartphone or computer to interact with the output from the device. Jawbone is sharing what it learns with the public, but think of all the public health interests or other third parties that might be interested in other research questions from a large scale data set. Yet this data is not collected with scientific processes and controls and is not treated with the rigor and scrutiny that a scientific study requires. Jawbone and other fitness trackers don’t give us the option to use their devices while opting out of contributing to the anonymous data sets they publish. Maybe that ought to change.

    (tags: jawbone privacy data-protection anonymization aggregation data medicine health earthquakes statistics iot wearables)

  • Pinterest’s highly-available configuration service

    Stored on S3, update notifications pushed to clients via Zookeeper

    (tags: s3 zookeeper ha pinterest config storage)

  • A Journey into Microservices | Hailo Tech Blog

    Excellent three-parter from Hailo, describing their RabbitMQ+Go-based microservices architecture. Very impressive!

    (tags: hailo go microservices rabbitmq amqp architecture blogs)

  • soundcloud/lhm

    The Large Hadron Migrator is a tool to perform live database migrations in a Rails app without locking.

    The basic idea is to perform the migration online while the system is live, without locking the table. In contrast to OAK and the facebook tool, we only use a copy table and triggers. The Large Hadron is a test driven Ruby solution which can easily be dropped into an ActiveRecord or DataMapper migration. It presumes a single auto incremented numerical primary key called id as per the Rails convention. Unlike the twitter solution, it does not require the presence of an indexed updated_at column.

    (tags: migrations database sql ops mysql rails ruby lhm soundcloud activerecord)

  • Biased Locking in HotSpot (David Dice’s Weblog)

    This is pretty nuts. If biased locking in the HotSpot JVM is causing performance issues, it can be turned off:

    You can avoid biased locking on a per-object basis by calling System.identityHashCode(o). If the object is already biased, assigning an identity hashCode will result in revocation, otherwise, the assignment of a hashCode() will make the object ineligible for subsequent biased locking.

    (tags: hashcode jvm java biased-locking locking mutex synchronization locks performance)

Posted in Uncategorized | Comments closed