Post-brexit post-mortem from Nicholas Cohen in the grauniad:
The Vote Leave campaign followed the tactics of the sleazy columnist to the letter. First, it came out with the big, bold solution: leave. Then it dismissed all who raised well-founded worries with “the country is sick of experts”. Then, like Johnson the journalist, it lied.
The prime minister evidently thought that the whole debate could be cleanly started and finished in a matter of months. His Eton contemporary Boris Johnson – and, really, can you believe that the political story of the last four months has effectively been a catastrophic contest between two people who went to the same exclusive school? – opportunistically embraced the cause of Brexit in much the same spirit. What they had not figured out was that a diffuse, scattershot popular anger had not yet decisively found a powerful enough outlet, but that the staging of a referendum and the cohering of the leave cause would deliver exactly that. Ukip were held back by both the first-past-the-post electoral system, and the polarising qualities of Farage, but the coalition for Brexit effectively neutralised both. And so it came to pass: the cause of leaving the EU, for so long the preserve of cranks and chancers, attracted a share of the popular vote for which any modern political party would give its eye teeth.
More trial-by-algorithm horrors:
Company officials say the algorithm’s results are backed by research, but they are tight-lipped about its details. They do acknowledge that men and women receive different assessments, as do juveniles, but the factors considered and the weight given to each are kept secret. “The key to our product is the algorithms, and they’re proprietary,” said Jeffrey Harmon, Northpointe’s general manager. “We’ve created them, and we don’t release them because it’s certainly a core piece of our business. It’s not about looking at the algorithms. It’s about looking at the outcomes.” That secrecy is at the heart of Mr. Loomis’s lawsuit. His lawyer, Michael D. Rosenberg, who declined to be interviewed because of the pending appeal, argued that Mr. Loomis should be able to review the algorithm and make arguments about its validity as part of his defense. He also challenges the use of different scales for each sex. The Compas system, Mr. Rosenberg wrote in his brief, “is full of holes and violates the requirement that a sentence be individualized.”
Appearing like trenches dragged into the earth, sunken lanes, also called hollow-ways or holloways, are centuries-old thoroughfares worn down by the traffic of time. They’re one of the few examples of human-made infrastructure still serving its original purpose, although many who walk through holloways don’t realize they’re retracing ancient steps.
So, there you have it: Blocking is necessary, except it is not. Safeguards need to be implemented, except they don’t need to be. This approach is legal, except it isn’t. The text is based on the Child Exploitation Directive, except it isn’t. Is this really how we are going to create credible legislation on terrorism?
After studying other e-voting systems around the world, the team was particularly alarmed by the Estonian I-voting system. It has serious design weaknesses that are exacerbated by weak operational management. It has been built on assumptions which are outdated and do not reflect the contemporary reality of state-level attacks and sophisticated cybercrime. These problems stem from fundamental architectural problems that cannot be resolved with quick fixes or interim steps. While we believe e-government has many promising uses, the Estonian I-voting system carries grave risks — elections could be stolen, disrupted, or cast into disrepute. In light of these problems, our urgent recommendation is that to maintain the integrity of the Estonian electoral process, use of the Estonian I-voting system should be immediately discontinued.
Reducing service memory usage from 500MB to 105MB:
We found two specific techniques to be the most beneficial: turning off one of the two JIT compilers enabled by default (the “C2” compiler), and using a 32-bit, rather than a 64-bit, JVM.
from Dr Mark Humphrys in DCU:
A collection of bits and pieces of Internet history. Focusing somewhat (but not exclusively) on: (a) the 1980s, when I first started using the Internet, and: (b) Ireland.
I need to get in touch about the early days of the Irish web!
an online home for stories from Ireland – stories about the country’s long and convoluted relationship with information technology. It aims to gather information on the most significant aspects of this relationship, to compile archives on the selected themes, and to store the assembled records for the benefit of future generations.
This site is a companion effort to the techarchives website, except it is less well-researched, and is primarily a personal view of the development of the Internet in Ireland by your humble author, Niall Murphy.
An old post about Y!’s acquisition of Summly, an iPhone app which uses NLP to summarise news stories. This is an excellent point about modern tech startups:
[Summly] licensed the core engine from another company. They are the quintessential bolt-on engineers, taking a Japanese bike engine, slapping together a badly constructed frame aligned solely by eyeballs, and laying down a marketing blitz. That’s why the story sells. “You, too, can do it.” But do you want to? [...] it’s critical to keep tabs on the ratio known as “glue versus thought.” Sure, both imply progress and both are necessary. But the former is eminently mundane, replaceable, and outsource-able. The latter is typically what gives a company its edge, what is generally regarded as a competitive advantage. So, what is Yahoo signaling to the world? “We value glue more than thought.”
on the history of Irish cuisine — mostly milk and butter, and notably “bog butter”:
And the Irish didn’t like their butter just one way: from the 12th century on, there are records of butter flavored with onion and garlic, and local traditions of burying butter in bogs. Originally, it’s thought that bog butter began as a good storage system, but after a time, buried bog butter came to be valued for its uniquely boggy flavor.
Paypal will no longer handle payments if the user’s address includes the word “Isis”:
That these place names exist won’t be a surprise to anyone familiar with English limnology – the study of rivers and inland waters. As Wikipedia helpfully tells us, “The Isis is the name given to the part of the River Thames above Iffley Lock which flows through the university city of Oxford”. In at least one local primary school I’m familiar with, the classes are called Windrush, Cherwell, Isis and Thames. [...] Now PayPal has decided that they are not prepared to facilitate payments for goods to be delivered to an address which includes the word “Isis”. An Isis street resident ran into some unexpected difficulties when attempting to purchase a small quantity of haberdashery on the internet with the aid of a PayPal account. The transaction would not process. In puzzlement she eventually got irritated enough to brave the 24/7 customer support telephone tag labyrinth. The short version of the response from the eventual real person she managed to get through to was that PayPal have blacklisted addresses which include the name “Isis”. They will not process payments for goods to be delivered to an Isis related address, whatever state of privileged respectability the residents of such properties may have earned or inherited in their lifetimes to this point. One has to wonder if this also brings the risk of adding the user to a secret list, somewhere. Trial by algorithm.
Oh thank god, there’s a “get out of jail” card before they destroy the global economy to appease the eurosceptics.
On the day after a vote for Brexit, the UK will still be a member state of the EU. All the legislation which gives effect to EU law will still be in place. Nothing as a matter of law changes in any way just because of a vote to Leave. What will make all the legal difference is not a decision to leave by UK voters in a non-binding advisory vote, but the decision of the prime minister on how to react before making any Article 50 notification. And what the prime minister will do politically after a referendum vote for Brexit is, at the moment, as unknown as the result of the referendum itself.
comparison-shopping site for Irish car insurance. recommended by some random Broadsheet commenter, worth a try next time this comes up
Apple have announced they plan to use it; Google use a DP algorithm called RAPPOR in Chrome usage statistics. In summary: “novel privacy technology that allows inferring statistics about populations while preserving the privacy of individual users”.
The Department of Education has issued a new circular accepting it cannot defund the education of children whose parents do not want their kid’s data to be in POD [the privacy-infringing database of all Irish primary-school children]. They’ll only accept a written request as the basis of that refusal, however. So, here’s one you can use that meets the requirements. Send or give it to your school.
Three, the mobile carrier, has begun warming up for a network-level ad blocking trial. It will become one of the first mobile carriers worldwide—and certainly in the UK—to try blocking ads before they are squirted over the network to the consumer, rather than attempting to hide or block ads locally on the device, which can cost both bandwidth and battery life. The ad blocking trial, which will affect both mobile websites and apps, will take place during a 24-hour period sometime between June 13 and 20. Three says it will contact customers and ask them to sign up for the trial, presumably via the online customer portal. It isn’t clear how large the trial will be. Technologically, the network-level ad blocking will be powered by Shine. Due to the nature of the beast—the constant tussle between ad publishers and ad blockers—Shine doesn’t like to talk about its tech in much detail. It sounds like Shine uses deep packet inspection and machine learning to find packets that contain ads, and then replaces or removes them in such a way that it doesn’t break the layout of the website or app.
R.I.Pienaar talks about the conventions he uses when containerising; looks like a decent approach.
‘ClickHouse manages extremely large volumes of data in a stable and sustainable manner. It currently powers Yandex.Metrica, world’s second largest web analytics platform, with over 13 trillion database records and over 20 billion events a day, generating customized reports on-the-fly, directly from non-aggregated data. This system was successfully implemented at CERN’s LHCb experiment to store and process metadata on 10bn events with over 1000 attributes per event registered in 2011.’ Yandex-tastic, but still looks really interesting
Creating a read replica in another region also creates an Aurora cluster in the region. This cluster can contain up to 15 more read replicas, with very low replication lag (typically less than 20 ms) within the region (between regions, latency will vary based on the distance between the source and target). You can use this model to duplicate your cluster and read replica setup across regions for disaster recovery. In the event of a regional disruption, you can promote the cross-region replica to be the master. This will allow you to minimize downtime for your cross-region application. This feature applies to unencrypted Aurora clusters.
good intro to some Airflow concepts
great how-to for practical scanner fuzz testing
The Garda Síochána has proposed to expand its surveillance on Irish citizens by swelling the amount of data it collects on them through an increase in its CCTV and ANPR set-ups, and will also introduce facial and body-in-a-crowd biometrics technologies. [...] The use of Automated Facial Recognition (AFR) technology is fairly troubled in the UK, with the independent biometrics commissioner warning the government that it was risking inviting a legal challenge back in March. It is no less of an issue in Ireland, where the Data Protection Commissioner (DPC) audited Facebook in 2011 and 2012, and scolded the Zuckerborg over its use of facial recognition technology.
“Here,” by Richard McGuire. Amazing piece of comic art from 1989
What happened today? We still don’t really know, but it seems we found a first potentially malicious collision — that is, the first “nonacademic” case. Enrico found two keys sharing the 9F6C6333 short ID, apparently belonging to the same person (as would be the case of Asheesh, mentioned above). After contacting Gustavo, though, he does not know about the second — That is, it can be clearly regarded as an impersonation attempt. Besides, what gave away this attempt are the signatures it has: Both keys are signed by what appears to be the same three keys: B29B232A, F2C850CA and 789038F2. Those three keys are not (yet?) uploaded to the keyservers, though… But we can expect them to appear at any point in the future. We don’t know who is behind this, or what his purpose is. We just know this looks very evil. Now, don’t panic: Gustavo’s key is safe. Same for his certifiers, Marga, Agustín and Maxy. It’s just a 32-bit collision. So, in principle, the only parties that could be cheated to trust the attacker are humans, right? Nope. Enrico tested on the PGP pathfinder & key statistics service, a keyserver that finds trust paths between any two arbitrary keys in the strong set. Surprise: The pathfinder works on the short key IDs, even when supplied full fingerprints. So, it turns out I have three faked trust paths into our impostor.
The IWF in the spotlight…
The blacklist operated by the IWF effectively amounts to censorship. Not only are the blacklist and notices sent to members of the IWF kept secret, but there is no requirement to notify website owners when their site has been added to the blacklist. Even where statutory rules do exist with respect to notice and take-down procedures (namely, the Terrorism Act 2006 and the Defamation (Operators of Websites) Regulations 2013), the provisions are not so concerned with safeguards for the protection of freedom of expression, as with offering an exemption from liability for ISPs.
Worryingly-optimistic communications about CoreOS’ recently-announced distributed storage system. I had similar thoughts, but Jeff Darcy is actually an expert on this stuff so he’s way more worth listening to on the topic ;)
Adobe was fined 8,000 euros, Punica 9,000 euros and Unilever 11,000 euros. The regulator said they had put in place alternative legal mechanisms for transferring data to the United States following the fine. “The fact that the companies have eventually implemented a legal basis for the transfer had to be taken into account in a favorable way for the calculation of the fines,” said Johannes Caspar, the Hamburg Commissioner for Data Protection. “For future infringements, stricter measures have to be applied.”
systemd needs to stop breaking shit
Nearly-open wifi (easily-cracked weak WPA PSK), and a 6-byte string to disable the car alarm, discovered via replay attack. Massive fail
set up to boot into a full-screen Chromium window on boot. This means if you’re using your Pi to power an information display, you won’t need to go through the process of disabling screen savers, editing display size, and forcing full-screen mode on your own. All you need to do is install FullPageOS on an SD card, then edit a TXT file to include your Wi-Fi network info and the URL you want it to load up.
‘There is a popular belief in neuroscience that we are primarily data limited, that producing large, multimodal, and complex datasets will, enabled by data analysis algorithms, lead to fundamental insights into the way the brain processes information. Microprocessors are among those artificial information processing systems that are both complex and that we understand at all levels, from the overall logical flow, via logical gates, to the dynamics of transistors. Here we take a simulated classical microprocessor as a model organism, and use our ability to perform arbitrary experiments on it to see if popular data analysis methods from neuroscience can elucidate the way it processes information. We show that the approaches reveal interesting structure in the data but do not meaningfully describe the hierarchy of information processing in the processor. This suggests that current approaches in neuroscience may fall short of producing meaningful models of the brain.’ via Bryan O’Sullivan.
65% of parliamentary emails are routed via Dublin or the Netherlands, so liable to access via Tempora; NSA’s Prism program gives access to all Microsoft Office 365 docs; and MessageLabs, the anti-spam scanning system in use, has a GCHQ backdoor program called Haruspex, allegedly.
‘centrally-planned object and thread pools’ for java. ‘In the default JVM thread pools, once a thread is created it will only be retired when it hasn’t performed a task in the last minute. In practice, this means that there are as many threads as the peak historical number of concurrent tasks handled by the pool, forever. These thread pools are also poorly instrumented, making it difficult to tune their latency or throughput. Dirigiste provides a fast, richly instrumented version of a java.util.concurrent.ExecutorService, and provides a means to feed that instrumentation into a control mechanism that can grow or shrink the pool as needed. Default implementations that optimize the pool size for thread utilization are provided. It also provides an object pool mechanism that uses a similar feedback mechanism to resize itself, and is significantly simpler than the Apache Commons object pool implementation.’ Great metric support, too.
new Jenkins UX. looks great
good history on the crapfest that is DST
Anecdotal evidence has suggested simulator sickness is less intense when games contain fixed visual reference objects – such as a racecar’s dashboard or an airplane’s cockpit – located within the user’s field of view. “But you can’t have a cockpit in every VR simulation,” Whittinghill said. His research team was studying the problem when undergraduate student Bradley Ziegler suggested inserting the image of a virtual human nose in the center of the video display. “It was a stroke of genius,” said Whittinghill, who teaches video game design. “You are constantly seeing your own nose. You tune it out, but it’s still there, perhaps giving you a frame of reference to help ground you.” The researchers have discovered that the virtual nose, or “nasum virtualis,” reduces simulator sickness when inserted into popular games.
Interesting new collections lib for Java 6+; generates Map-like and Set-like collections at runtime based on the contract annotations you desire. Fat (20MB) library-based implementation also available
ugh, so dodgy
Basically, use a Lambda to put all instances from an ASG into the ELB, then remove the old ASG
‘Tired of copy/pasting Dockerfiles around? Not sure about best practices for Dockerfiles or Docker entry points? This tool lets you Dockerize your applications using best practices to define your Dockerfile and Docker entry point files.’ The best practices in question are defined here: https://github.com/docker-library/official-images#review-guidelines
backward compatible replacement for Dockerfile. Yes, you can take any Dockerfile, rename it to Rockerfile and use rocker build instead of docker build. … Rocker aims to solve the following use cases, which are painful with plain Docker: Mount reusable volumes on build stage, so dependency management tools may use cache between builds. Share ssh keys with build (for pulling private repos, etc.), while not leaving them in the resulting image. Build and run application in different images, be able to easily pass an artifact from one image to another, ideally have this logic in a single Dockerfile. Tag/Push images right from Dockerfiles. Pass variables from shell build command so they can be substituted to a Dockerfile. And more. These are the most critical issues that were blocking our adoption of Docker at Grammarly. The most challenging part is caching. While implementing those features seems to be not a big deal, it’s not trivial to do that just by utilising Docker’s image cache (the one that docker build does). Actually, it is the main reason why those features are still not in Docker. With Rocker we achieve this by introducing a set of trade-offs. Search this page for “trade-off” to find out more details.
Sadly (because I want a “holodeck” as much as the next red-blooded geek) – I don’t think it’s possible to make a VR system that both delivers the experience that everyone wants – and doesn’t make a sizeable proportion of the population so sick that they’ll never want to do it again. For the people who can stomach the display – my major concern is that the US Navy studies show that there is some disorientation that might persist long after finishing your game…so driving a car while “under the influence” of post-VR disorientation is probably as dangerous as drunk-driving. If these devices are in pretty much every home – then there are huge problems in store for the industry in terms of product liability. There have been plenty of warnings from the flight simulation industry – there are no excuses for not reading the Wikipedia article on the subject. If people are driving “under the influence” and the VR companies didn’t warn them about that – then they’re in deep trouble. IMHO, these consumer-grade VR devices should be carefully studied and if they do cause possible driving impairment, they should be banned until such time as the problems can be fixed…which may very well be “never”. Sorry to be the bearer of bad news. (via Tony Finch)
good data! Mostly because of element locations it seems….
Wow. Massive, massive algorithm fail.
On the morning of May 12, LinkedIn, the networking site devoted to making professionals “more productive and successful,” emailed scores of my contacts and told them I’m a professional racist. It was one of those updates that LinkedIn regularly sends its users, algorithmically assembled missives about their connections’ appearances in the media. This one had the innocent-sounding subject, “News About William Johnson,” but once my connections clicked in, they saw a small photo of my grinning face, right above the headline “Trump put white nationalist on list of delegates.” [...] It turns out that when LinkedIn sends these update emails, people actually read them. So I was getting upset. Not only am I not a Nazi, I’m a Jewish socialist with family members who were imprisoned in concentration camps during World War II. Why was LinkedIn trolling me?
omgwtfbbq. 1: User reports that their gnome session leaks processes; 2: systemd modifies default session behaviour to kill all processes, including screen/tmux; 3: _everyone_ complains because they break 30 years of UNIX process semantics, then 4: they request that tmux/screen hack their shit to workaround their brokenness. Get fucked, systemd. This is the kind of shit that would finally drive me to BSDland
French Foodie in Dublin writes and vlogs about the Dordogne Valley, good foodie tips
via James Kelleher on Twitter: “‘Mierenneuker’ — Dutch slang for someone who pays (too much) attention to detail, literally ‘ant-fucker’.”; and in German, ‘Korinthenkacker’, “raisin-shitter”.
Systemd breaks UNIX behaviour which has been standard practice for 30 years:
It is now indeed the case that any background processes that were still running are killed automatically when the user logs out of a session, whether it was a desktop session, a VT session, or when you SSHed into a machine. Now you can no longer expect a long running background processes to continue after logging out. I believe this breaks the expectations of many users. For example, you can no longer start a screen or tmux session, log out, and expect to come back to it.
Geofencing used for evil:
What Flynn realized is that he could use [ad targeting] to infer that a woman might be seeking an abortion, and to target her for ads from anti-choice groups [using geofenced advertising]. “We can reach every Planned Parenthood in the U.S.,” he wrote in a PowerPoint display sent to potential clients in February. The Powerpoint included a slide titled “Targets for Pro-Life,” in which Flynn said he could also reach abortion clinics, hospitals, doctors’ offices, colleges, and high schools in the United States and Canada, and then “[d]rill down to age and sex.” “We can gather a tremendous amount of information from the [smartphone] ID,” he wrote. “Some of the break outs include: Gender, age, race, pet owners, Honda owners, online purchases and much more.” Flynn explained that he would then use that data to send anti-choice ads to women “while they’re at the clinic.”
Rapid Fire is a special event we started hosting at our own in-person CTFs in 2014. The idea is pretty simple: Create several CTF challenges that can be solved in a few minutes each. Set up the challenges on 4 identical computers with some basic tools. Mirror the player’s screens so the audience can watch their actions. Whoever solves the most challenges the fastest wins. This event is interesting for a number of reasons: the players are under intense pressure, as everything they do is being watched by several people; the audience can watch several different approaches to the same problems; and people can follow along fairly easily with what is going on with the challenges. With e-sports-style video!
Twitter are open sourcing their Storm replacement, and moving it to an independent open source foundation
If it’s illegal to write clean room implementations of APIs, then no one has clean hands. The now-shelved open source project Apache Harmony, like Android, reimplemented Java SE, and tech giant IBM contributed code to that project. Oracle itself built its business off a proprietary implementation of SQL, which was created by IBM. The proposition “Reimplementations of APIs are infringements” creates a recursive rabbit hole of liability that spans across the industry. Even the very 37 Java APIs at issue in this trial contain reimplementations of other APIs. Google witness Joshua Bloch—who, while at Sun Microsystems, wrote many of the Java APIs—testified that specific Java APIs are reimplementations of other APIs from Perl 5 and the C programming language.
GitLab continue to out-innovate Github, which is just wanking around with breaking the UI these days
‘The algorithm of Lamport timestamps is a simple algorithm used to determine the order of events in a distributed computer system. As different nodes or processes will typically not be perfectly synchronized, this algorithm is used to provide a partial ordering of events with minimal overhead, and conceptually provide a starting point for the more advanced vector clock method. They are named after their creator, Leslie Lamport.’ See also vector clocks (which I think would be generally preferable nowadays).
‘Police believe that as many as 100 people, none of whom have been apprehended, worked together using forged credit cards containing account details illegally obtained from a bank in South Africa. The culprits used the fake cards at 1,400 convenience store automated teller machines on the morning of 15 May, according to police. Each made a single withdrawal of 100,000 yen – the maximum allowed by the cash machines.’ 1,600 forged/stolen credit card credentials from a single bank, then a synchronised attack made possible by the eventually-consistent ledger model of ATM accounting. (via William Gibson)
Automated DMCA takedowns used to fraudulently censor online content.
In fact, no copyright infringement had occurred at all. Instead, something weirder had happened. At some point after Narey posted her comments on Mumsnet, someone had copied the entire text of one of her posts and pasted it, verbatim, to a spammy blog titled “Home Improvement Tips and Tricks”. The post, headlined “Buildteam interior designers” was backdated to September 14 2015, three months before Narey had written it, and was signed by a “Douglas Bush” of South Bend, Indiana. The website was registered to someone quite different, though: Muhammed Ashraf, from Faisalabad, Pakistan. Quite why Douglas Bush or Muhammed Ashraf would be reviewing a builder based in Clapham is not explained in “his” post. BuildTeam says it has no idea why Narey’s review was reposted, but that it had nothing to do with it. “At no material times have we any knowledge of why this false DCMA take down was filed, nor have we contracted any reputation management firms, or any individual or a group to take such action on our behalf. Finally, and in conjunction to the above, we have never spoken with a ‘Douglas Bush,’ or a ‘Muhammed Ashraf.’”
This totally matches my own preconceptions ;)
When we at Datawire tried to actually use Lambda for a real-world HTTP-based microservice [...], we found some uncool things that make Lambda not yet ready for the world we live in: Lambda is a building block, not a tool; Lambda is not well documented; Lambda is terrible at error handling. Lung skips these uncool things, which makes sense because they’d make the tutorial collapse under its own weight, but you can’t skip them if you want to work in the real world. (Note that if you’re using Lambda for event handling within the AWS world, your life will be easier. But the really interesting case in the microservice world is Lambda and HTTP.)
holy crap, this is dystopian:
The first time Paul Zilly heard of his score — and realized how much was riding on it — was during his sentencing hearing on Feb. 15, 2013, in court in Barron County, Wisconsin. Zilly had been convicted of stealing a push lawnmower and some tools. The prosecutor recommended a year in county jail and follow-up supervision that could help Zilly with “staying on the right path.” His lawyer agreed to a plea deal. But Judge James Babler had seen Zilly’s scores. Northpointe’s software had rated Zilly as a high risk for future violent crime and a medium risk for general recidivism. “When I look at the risk assessment,” Babler said in court, “it is about as bad as it could be.” Then Babler overturned the plea deal that had been agreed on by the prosecution and defense and imposed two years in state prison and three years of supervision.
‘Regarding [John] Carpenter: We all talk about inequalities in film. We can add a huge one: Genre inequality. Horror will always be punk rock!’
Nigeria’s scrabble team are kicking ass with short-word strats.
“ ‘What would the robot do?’ is now the key question in Scrabble,” said Mr. Fatsis. Often, he said, the robot plays five letters: “There are inefficiencies in the game that you can exploit by having a mastery of those intermediate-length words.”
Today in nose-leech news — the paper!
Principal Findings: A new genus and species of leech from Perú was found feeding from the nasopharynx of humans. Unlike any other leech previously described, this new taxon has but a single jaw with very large teeth. Phylogenetic analyses of nuclear and mitochondrial genes using parsimony and Bayesian inference demonstrate that the new species belongs among a larger, global clade of leeches, all of which feed from the mucosal surfaces of mammals. Conclusions: This new species, found feeding from the upper respiratory tract of humans in Perú, clarifies an expansion of the family Praobdellidae to include the new species Tyrannobdella rex n. gen. n.sp., along with others in the genera Dinobdella, Myxobdella, Praobdella and Pintobdella. Moreover, the results clarify a single evolutionary origin of a group of leeches that specializes on mucous membranes, thus, posing a distinct threat to human health.
This is an eye-opener:
A former bicycle thief has revealed the tricks of the trade in an interview, which clearly and shockingly shows the extent that thieves will go to in order to steal a bike. He talks about the motivations behind the theft, the tools used to crack locks and how the bikes were moved around and sold for a significant sum. He also gives tips on how to prevent your bike from being stolen. [...] ‘Don’t be fooled by Kryptonite locks, they’re not as tough as made out to be. Also D-bars with tubular locks, never use them, they’re the most easy to pick with a little tool. It’s small and discreet, no noise and it looks like you are just unlocking your bike. With the bolt cutters we would go out on high performance motorbikes, two men on a bike.’
Of the dozens of Trump pages seemingly run by click-farms, just one responded to our request for an interview, though the anonymous operators of the Trumpians fan page declined to provide the name of their company, citing the “volatility of Trump haters.” Trump’s Facebook page is the only one of over 100 the company runs that’s dedicated to an individual politician. “The other [candidates] don’t have any value from a merchandise perspective,” the operator said by Facebook Messenger.
“How we use Parquet for tons of metrics data”. good preso from Datadog on their S3/Parquet setup
Excellent advice on capacity planning and queueing theory, in the context of Hystrix. Should I use a single thread pool for all dependency callouts, or independent thread pools for each one?
‘The database of Irish nonprofits’. Excellent stuff!
‘of all the red light violations [filmed by red light cameras at Blackhall Place and Con Colbert Road by the RPA in 2011,] approximately 15% were committed by cyclists, with almost 85% committed by motor vehicles.’
RIP. “Big Dead Place” is a fantastic document of “M*A*S*H on ice”, as the London Times called it, and one of my favourite books. See also http://feralhouse.com/nick-johnson-rip/ for another eulogy from his publishers
Gradle plugin that allows easy integration with the infer static analyzer
The Language Creation Society filed an amicus brief claiming that Klingon is a real language and therefore not subject to copyright. To reiterate: the fandom of Star Trek elevated a language invented in 1984 by Marc Okrand for Star Trek III: The Search for Spock to the point it is taught in colleges and spoken as a living language. So it isn’t Star Trek anymore: it is real. [...] the entire legal brief is impossible to reprint due to limits in our non-Klingon font system, but even the motion includes Klingon-translated passages that accuse Paramount of being “arrogant” and “pathetic”.
This is quite significant — scientific proof that austerity/social engineering policies cause higher mortality rates:
Researchers found that the historic effect of overcrowding was an important factor and highlighted the strategies of local government, which prioritised the regeneration of the city centre over investment in the city’s housing schemes as having a significant impact on the health of Glaswegians. Data shows that Glasgow authorities spent far less on housing repairs, leaving people’s homes poorly maintained and subject to damp. David Walsh, of the Glasgow Centre for Population Health, said that their work proved that poor health had political causes and could not simply be attributed to individual lifestyle choices.
Very DataDog-oriented, but some decent tips on monitorable metrics here
“The G part stands for GNU?” Alsup asked in disbelief. “Yes,” said Schwartz on the stand. “That doesn’t make any sense,” said the 71-year-old Clinton appointee.
Wow, these look amazing:
The IBM 1401 and Alan Turing’s Pilot ACE (shown below) are among the computers featured in the series by photographer Docubyte and production studio Ink.
non-proliferation? what’s that?
Kodak’s purpose for the reactor wasn’t sinister: they used it to check materials for impurities as well as neutron radiography testing. The reactor, a Californium Neutron Flux multiplier (CFX) was acquired in 1974 and loaded with three and a half pounds of enriched uranium plates placed around a californium-252 core. The reactor was installed in a closely guarded, two-foot-thick concrete walled underground bunker in the company’s headquarters, where it was fed tests using a pneumatic system. According to the company, no employees were ever in contact with the reactor. Apparently, it was operated by atomic fairies and unicorns.
sounds like a decent party starter:
This puckery drink is prepared with rum and fresh mint like a classic mojito, but New Orleans chef John Besh makes it holiday-worthy by topping it with a splash of Champagne.
I’ve made a variant on this, good cava cocktail
variant on the French 75 with lime juice in place of lemon
What the hell, Virgin?
Section 12: Use of Virtual Private Network (VPN) As stated above, the Virgin Media Services are for residential use only and we do not support the use of VPN. If we find you are using VPN we may instruct you to stop using it and you must comply with this request. This is in order to prevent problems with our network and other Internet users.
Virgin Media/UPC seem to have silently deployed an IPv6 “carrier-grade NAT” setup called “DS-Lite” — ie. all customers now get just a routable IPv6 address, and share a small pool of IPv4 NATs. This breaks a multitude of useful services, including UDP IPSec VPNs it seems
omg. Sean “Irish SOPA” Sherlock dealing with the important issues once again — in this case the bloody “Unified Patent Court”
In his 1962 book, The Image: A Guide to Pseudo-Events in America, former Librarian of Congress Daniel J. Boorstin describes a world where our ability to technologically shape reality is so sophisticated, it overcomes reality itself. “We risk being the first people in history,” he writes, “to have been able to make their illusions so vivid, so persuasive, so ‘realistic’ that they can live in them.”
“.richardli”. TLDs are now officially beyond a joke
Chock-full of excellent build/test ideas from LMAX’s Continuous Delivery setup. Lots of good ideas to steal
China’s Internet censors are capricious and impossible to predict — but this isn’t because China’s censors are incompetent, rather, they’re tapping into one of the most powerful forms of conditioning, the uncertainty born of intermittent reinforcement. [...] As C Custer writes at Tech in Asia, this caprice is by design: by not specifying a set of hard and fast rules, but rather the constant risk of being taken down for crossing some invisible line, China’s censors inspire risk-aversion in people who rely on the net to be heard or earn their livings. It’s what Singaporeans call “out of bounds,” the unspecified realm of things you mustn’t, shouldn’t or won’t want to enter.
These are a great selection. Gonna be doing one of these every weekend if possible, now that the 2 year old can just about handle it ;)
command line utility that performs an HTML element selection on HTML content passed to the stdin. Using css selectors that everybody knows. Since input comes from stdin and output is sent to stdout, it can easily be used inside traditional UNIX pipelines to extract content from webpages and html files. tq provides extra formatting options such as json-encoding or newlines squashing, so it can play nicely with everyone’s favourite command line tooling.
some amazingly terrible product decisions here. Deleting local copies of unreleased WAV files — on the assumption that the user will simply listen to them streamed down from Apple Music — that is astonishingly bad, and it’s amazing they didn’t consider the “freelance composer” use case at all. (via Tony Finch)
Purpose-built in 1898, the telephone exchange in Temple Bar was Dublin’s first automatic telephone exchange. Much like its newer neighbor, Internet House, it stood as a technological beacon shining through the luddite fog. With this in mind the Irish Citizen Army targeted the Telephone Exchange in 1916 as one of the communication hubs for the island. While many of us grew up learning of a history of ‘blood sacrifice’ and the futility of the Easter Rising, the truth is that the attack was meticulously planned both militarily and logistically. Sixty communication points around Dublin were hit in an effort to cut off all contact between British military forces within Ireland and to the ‘mainland’. The hope being that reserves and reinforcements would be delayed or misinformed.[...] Unfortunately for the rebels they could not take the Temple Bar exchange. A failure that would prove disastrous.
as Paul McDonnell noted: this one line tells you everything you need to know about DCC’s ability to enforce the rules: ‘in some of the bags inspected previously issued litter fines were found’. Pathetic
This conceptual collection consists of eight 6:1 scale versions of classic LEGO bricks, each fully functional in one way or the other. Including eight matching photo montages, a homage to the box cover art for the classic “Legoland Space” line. Hultén – “Like most people, I was raised by Lego. For this project, I chose to work with a set of decorated bricks from the iconic 79-87 “Legoland Space” line. These were bricks that would trigger my imagination as a child. 25 years have passed, and they still trigger” ERMAHGERD (faints)
interesting, although they punt to Ceph for storage and miss out the chance to make a CRDT
I am honestly amazed the US banking system still works this way, after over a decade of rampant identity theft:
I cannot count the number of times I’ve freely given out my routing and account numbers—in emails, in webforms, in paperwork. This is because it’s necessary for other people to know my routing number and account number in order for them to send me money. But apparently, with that same information, they can also snatch money straight from my account. What kind of insane system is this? There’s two factor authentication, there’s one factor authentication, and then there’s this, which I think I can call zero factor authentication.
Cropping, scaling, and resizing images on the fly, for free, with GAE. Great service, wish AWS had something similar
App Engine API has a very useful function to extract a magic URL for serving the images when uploaded into the Cloud Storage. get_serving_url() returns a URL that serves the image in a format that allows dynamic resizing and cropping, so you don’t need to store different image sizes on the server. Images are served with low latency from a highly optimized, cookieless infrastructure.
Oh man. This is so sad:
Soriano, who had travelled to Ireland from Bogota via Panama and Paris, told customs officials that a red bag he was carrying contained a gift for banking officials which would facilitate the transfer of a $2.3m inheritance from a long-lost relative he had never heard of until recently. He was very co-operative with the officials and agreed to allow them x-ray and examine the bag. It was found to contain 1.86kg of cocaine in three packets. Sgt Finnegan said gardaí were initially sceptical that Soriano could have fallen for the scam but, as interviews went on, they became aware that there were underlying issues. Gardaí found documentation that Soriano had printed out about other phishing scams. He said that he knew they were scams but he was lonely and would respond to them for “a little bit of fun”. Sgt Finnegan said that, despite this, he remained adamant that the inheritance was still due to be claimed. Bizarrely not the first prominent surgeon to fall victim to 419 scammers.
The Wikimedia Foundation told me last month that it has been aware of people using Wikipedia Zero for file sharing for about a year, and says that there are no plans to pull out of any countries because of piracy. But that hasn’t stopped rogue Wiki users from suggesting it anyway, and members of the task force have gotten Wikimedia Bangladesh to plead with the pirates to stop contributing to an “increasingly negative perception of Bangladesh in many different sectors.”
from Peter Bourgon. Looks like a good list of what to do and what to avoid
NetHogs is a small ‘net top’ tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
The presence of a first-class cabin, and having to walk through it to get to economy, is a triggering factor for “air rage” incidents:
As lead researcher Katherine DeCelles explained to Gizmodo, airplanes are like a miniature version of class-based society. “It’s a small world of the greater society that we live in, though one that’s greatly concentrated,” she said. Traveling by plane is stressful enough, but DeCelles believes that seating inequality on airplanes often serves as “the straw that breaks the camel’s back,” and that air rage can be partly explained and understood through the lens of social inequality.
Some good advice on Docker metadata/config from Gareth Rushgrove
Ooh, this is a great plan. :applause:
Enabling GIFEE — Google Infrastructure for Everyone Else — is a primary mission at CoreOS, and open source is key to that goal. [....] Prometheus was initially created to handle monitoring and alerting in modern microservice architectures. It steadily grew to fit the wider idea of cloud native infrastructure. Though it was not intentional in the original design, Prometheus and Kubernetes conveniently share the key concept of identifying entities by labels, making the semantics of monitoring Kubernetes clusters simple. As we discussed previously on this blog, Prometheus metrics formed the basis of our analysis of Kubernetes scheduler performance, and led directly to improvements in that code. Metrics are essential not just to keep systems running, but also to analyze and improve application behavior. All things considered, Prometheus was an obvious choice for the next open source project CoreOS wanted to support and improve with internal developers committed to the code base.
This is a great idea. I miss eating out, and this is why:
Throughout our three-hour meal, babies cried, mothers nursed, toddlers shrieked and farro grains flew, but the atmosphere was surprisingly leisurely. There was no reason to be self-conscious about a crying-nursing-dancing child because everyone knew every other parent was in the same boat. Or would be in a few seconds. So we relaxed and ate. This is not fine dining as I once knew it, and that’s O.K. That’s what date night is for. But my daughter got her first lesson in how to behave at a fancy restaurant. And I got to finish a delicious meal while it was still warm, toddler in tow.
Why do so many startups fail? Why are all the hosts on CouchSurfing male? Are we going to be tweeting for the rest of our lives? Why do Silicon Valley billionaires choose average-looking wives? What makes a startup ecosystem thrive? What do people plan to do once they’re over 35? Is an income of $160K enough to survive? What kind of car does Mark Zuckerberg drive? Are the real estate prices in Palo Alto crazy? Do welfare programs make poor people lazy? What are some of the biggest lies ever told? How do I explain Bitcoin to a 6-year-old? Why is Powdered Alcohol not successful so far? How does UberX handle vomiting in the car? Is being worth $10 million considered ‘rich’? What can be causing my upper lip to twitch? Why has crowdfunding not worked for me? Is it worth pre-ordering a Tesla Model 3? How is Clinkle different from Venmo and Square? Can karma, sometimes, be unfair? Why are successful entrepreneurs stereotypically jerks? Which Silicon Valley company has the best intern perks? What looks easy until you actually try it? How did your excretions change under a full Soylent diet? What are alternatives to online dating? Is living in small apartments debilitating? Why don’t more entrepreneurs focus on solving world hunger? What do you regret not doing when you were younger?
Bug in the “veth” driver skips TCP checksums. Reminder: app-level checksums are important
good tips from Camille Fournier
local landmark and significant chunk of Dublin history. I like this one:
Another odd thing was that people from Dublin had to be buried before noon. This was due to the fact that many funerals stopping at the gate would end up so late in the pub the gates would be closed. A number of times the sextant would open up in the morning to find a coffin or two against the gates. For years I thought this was made up but it turns out to be true. A friend had a copy of the cemetery bye laws from (I think) around 1908 and it was in there. I think the rule was if you lived within 7 miles of the GPO you had to be buried before 12 noon.
Results: We obtained 20,882 survey responses (94,606 preferences) from 27 EU member countries. Respondents recognized the benefits of storing electronic health information, with 75.5%, 63.9%, and 58.9% agreeing that storage was important for improving treatment quality, preventing epidemics, and reducing delays, respectively. Concerns about different levels of access by third parties were expressed by 48.9% to 60.6% of respondents. On average, compared to devices or systems that only store basic health status information, respondents preferred devices that also store identification data (coefficient/relative preference 95% CI = 0.04 [0.00-0.08], P = 0.034) and information on lifelong health conditions (coefficient = 0.13 [0.08 to 0.18], P < 0.001), but there was no evidence of this for devices with information on sensitive health conditions such as mental and sexual health and addictions (coefficient = -0.03 [-0.09 to 0.02], P = 0.24). Respondents were averse to their immediate family (coefficient = -0.05 [-0.05 to -0.01], P = 0.011) and home care nurses (coefficient = -0.06 [-0.11 to -0.02], P = 0.004) viewing this data, and strongly averse to health insurance companies (coefficient = -0.43 [-0.52 to 0.34], P < 0.001), private sector pharmaceutical companies (coefficient = -0.82 [-0.99 to -0.64], P < 0.001), and academic researchers (coefficient = -0.53 [-0.66 to -0.40], P < 0.001) viewing the data. Conclusions: Storing more detailed electronic health data was generally preferred, but respondents were averse to wider access to and sharing of this information. When developing frameworks for the use of electronic health data, policy makers should consider approaches that both highlight the benefits to the individual and minimize the perception of privacy risks. Via Antoin.
Michael “evertype” Everson in the news!
man, I wish I had this 30 years ago. now I know what stuff I need to get to make my occasional solders less of a PITA
“SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations connected to their local interface to the SWIFT network,” the group warned customers on Monday in a notice seen by Reuters. Ouch. They seem to be indicating that they’re all phishing/impersonation-based attacks.
I have two cyborg implants. One is in my hand, and it lets me unlock phones and doors by waving at them. The other is in my uterus, and it lets me control my own fertility.
Amazing deep dive into the graphic design of 1980s sci-fi classic, Alien, in particular Ron Cobb’s _Semiotic Standard For All Commercial Trans-Stellar Utility Lifter And Heavy Element Transport Spacecraft_ and its application aboard the Weylan-Yutani Nostromo
As I’ll explain, messenger apps’ apparent success in fulfilling such a surprising array of tasks does not owe to the triumph of “conversational UI.” What they’ve achieved can be much more instructively framed as an adept exploitation of Silicon Valley phone OS makers’ growing failure to fully serve users’ needs, particularly in other parts of the world. Chat apps have responded by evolving into “meta-platforms.” Many of the platform-like aspects they’ve taken on to plaster over gaps in the OS actually have little to do with the core chat functionality. Not only is “conversational UI” a red herring, but as we look more closely, we’ll even see places where conversational UI has breached its limits and broken down.
Great writeup of a practical pen test. Those crappy proprietary appliances that get set up “so the CEO can read his email on the road” etc. are always a weak spot
EC up to its old anti-competitive tricks:
The European Commission is surprisingly coy about what exactly ['open'] means in this context. It is only on the penultimate page of the ICT Standardisation Priorities document that we finally read the following key piece of information: “ICT standardisation requires a balanced IPR [intellectual property rights] policy, based on FRAND licensing terms.” It’s no surprise that the Commission was trying to keep that particular detail quiet, because FRAND licensing—the acronym stands for “fair, reasonable, and non-discriminatory”—is incompatible with open source, which will therefore find itself excluded from much of the EU’s grand new Digital Single Market strategy. That’s hardly a “balanced IPR policy.”
Great, great post from Amilia St. John, responding to the offensive sexist crap spewed by her father, Alex St. John
The history of this is fascinating:
Today’s pirate libraries have their roots in the work of Russian academics to digitize texts in the 1990s. Scholars in that part of the world had long had a thriving practice of passing literature and scientific information underground, in opposition to government censorship—part of the samizdat culture, in which banned documents were copied and passed hand to hand through illicit channels. Those first digital collections were passed freely around, but when their creators started running into problems with copyright, their collections “retreated from the public view,” writes Balázs Bodó, a piracy researcher based at the University of Amsterdam. “The text collections were far too valuable to simply delete,” he writes, and instead migrated to “closed, membership-only FTP servers.” [....] There’s always been osmosis within the academic community of copyrighted materials from people with access to scholars without. “Much of the life of a research academic in Kazakhstan or Iran or Malaysia involves this informal diffusion of materials across the gated walls of the top universities,” he says.