Links for 2015-02-27

Posted in Uncategorized | 1 Response

Links for 2015-02-26

  • JClarity’s Illuminate

    Performance-diagnosis-as-a-service. Cool.

    Users download and install an Illuminate Daemon using a simple installer which starts up a small stand alone Java process. The Daemon sits quietly unless it is asked to start gathering SLA data and/or to trigger a diagnosis. Users can set SLA’s via the dashboard and can opt to collect latency measurements of their transactions manually (using our library) or by asking Illuminate to automatically instrument their code (Servlet and JDBC based transactions are currently supported). SLA latency data for transactions is collected on a short cycle. When the moving average of latency measurements goes above the SLA value (e.g. 150ms), a diagnosis is triggered. The diagnosis is very quick, gathering key data from O/S, JVM(s), virtualisation and other areas of the system. The data is then run through the machine learned algorithm which will quickly narrow down the possible causes and gather a little extra data if needed. Once Illuminate has determined the root cause of the performance problem, the diagnosis report is sent back to the dashboard and an alert is sent to the user. That alert contains a link to the result of the diagnosis which the user can share with colleagues. Illuminate has all sorts of backoff strategies to ensure that users don’t get too many alerts of the same type in rapid succession!

    (tags: illuminate jclarity java jvm scala latency gc tuning performance)

  • grpc.io

    Binary message marshalling, client/server stubs generated by an IDL compiler, bidirectional binary protocol. CORBA is back from the dead! Intro blog post: http://googledevelopers.blogspot.ie/2015/02/introducing-grpc-new-open-source-http2.html Relevant: Steve Vinoski’s commentary on protobuf-rpc back in 2008: http://steve.vinoski.net/blog/2008/07/13/protocol-buffers-leaky-rpc/

    (tags: http rpc http2 netty grpc google corba idl messaging)

Posted in Uncategorized | 3 Responses

Links for 2015-02-25

Posted in Uncategorized | Leave a comment

Links for 2015-02-24

Posted in Uncategorized | Leave a comment

Links for 2015-02-23

Posted in Uncategorized | 2 Responses

Links for 2015-02-22

Posted in Uncategorized | Leave a comment

Links for 2015-02-20

  • 2015-02-19 GCE outage

    40 minutes of multi-zone network outage for majority of instances. ‘The internal software system which programs GCE’s virtual network for VM egress traffic stopped issuing updated routing information. The cause of this interruption is still under active investigation. Cached route information provided a defense in depth against missing updates, but GCE VM egress traffic started to be dropped as the cached routes expired.’ I wonder if Google Pimms fired the alarms for this ;)

    (tags: google outages gce networking routing pimms multi-az cloud)

  • Listen to a song made from data lost during MP3 conversion

    Ryan McGuire, a PhD student in Composition and Computer Technologies at the University of Virginia Center for Computer Music, has created the project The Ghost In The MP3 [....] For his first trick, McGuire took Suzanne Vega’s ‘Tom’s Diner’ and drained it into a vaporous piece titled ‘moDernisT.” McGuire chose the track he explains on his site because it was famously used as one of the main controls in the listening tests used to develop the MP3 algorithm.

    (tags: mp3 music suzanne-vega compression)

Posted in Uncategorized | Leave a comment

Links for 2015-02-19

  • pcp2graphite

    A gateway script, now included in PCP

    (tags: pcp2graphite pcp graphite ops metrics system)

  • Performance Co-Pilot

    System performance metrics framework, plugged by Netflix, open-source for ages

    (tags: open-source pcp performance system metrics ops red-hat netflix)

  • Superfish: A History Of Malware Complaints And International Surveillance – Forbes

    Superfish, founded and led by former Intel employee and ex-surveillance boffin Adi Pinhas, has been criticised by users the world over since its inception in 2006.

    (tags: superfish lenovo privacy surveillance ads java windows mac firefox pups ssl tls ad-injection komodia)

  • The Superfish certificate has been cracked, exposing Lenovo users to attack | The Verge

    The cracked certificate exposes Lenovo users to man-in-the-middle attacks, similar to those opened up by Heartbleed. Armed with this password and the right software, a coffee shop owner could potentially spy on any Lenovo user on her network, collecting any passwords that were entered during the session. The evil barista could also insert malware into the data stream at will, disguised as a software update or a trusted site.
    Amazingly stupid.

    (tags: superfish inept ca ssl tls lenovo mitm security)

  • Police have asked Dropcam for video from people’s home cameras — Fusion

    “Like any responsible father, Hugh Morrison had installed cameras in every room in the flat,” is the opening line of Intrusion, a 2012 novel set in the near future. Originally installed so that Hugh and his wife can keep an eye on their kids, the Internet-connected cameras wind up being used later in the novel by police who tap into the feeds to monitor the couple chatting on their couch when they are suspected of anti-societal behavior. As with so many sci-fi scenarios, the novel’s vision was prophetic. People are increasingly putting small Internet-connected cameras into their homes. And law enforcement officials are using the cameras to collect evidence about them.

    (tags: privacy dropcam cameras surveillance law-enforcement)

  • Extracting the SuperFish certificate

    not exactly the most challenging reverse I’ve ever seen ;)

    (tags: reverse-engineering security crypto hacking tls ssl superfish lenovo)

  • The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle

    Holy shit. Gemalto totally rooted.

    With [Gemalto's] stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt. [...] According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.

    (tags: encryption security crypto nsa gchq gemalto smartcards sim-cards privacy surveillance spying)

  • One year of InfluxDB and the road to 1.0

    half of the [Monitorama] attendees were employees and entrepreneurs at monitoring, metrics, DevOps, and server analytics companies. Most of them had a story about how their metrics API was their key intellectual property that took them years to develop. The other half of the attendees were developers at larger organizations that were rolling their own DevOps stack from a collection of open source tools. Almost all of them were creating a “time series database” with a bunch of web services code on top of some other database or just using Graphite. When everyone is repeating the same work, it’s not key intellectual property or a differentiator, it’s a barrier to entry. Not only that, it’s something that is hindering innovation in this space since everyone has to spend their first year or two getting to the point where they can start building something real. It’s like building a web company in 1998. You have to spend millions of dollars and a year building infrastructure, racking servers, and getting everything ready before you could run the application. Monitoring and analytics applications should not be like this.

    (tags: graphite monitoring metrics tsd time-series analytics influxdb open-source)

  • Sysdig Cloud’s JMX Metrics

    Sysdig Cloud users have the ability to view and analyze Java Management Extensions (JMX) metrics out of the box with no additional configuration or setup required.

    (tags: sysdig jmx java jvm)

  • Will the madness never end? Komodia SSL certificates are EVERYWHERE

    I think that at this point it is safe to assume that any SSL interception product sold by Komodia or based on the Komodia SDK is going to be using the same method. What does this mean? Well, this means that those dodgy certificates aren’t limited to Lenovo laptops sold over a specific date range. It means that anyone who has come into contact with a Komodia product, or who has had some sort of Parental Control software installed on their computer should probably check to see if they are affected.

    (tags: komodia via:jgc ssl lenovo parental-control censorware mitm)

Posted in Uncategorized | Leave a comment

Links for 2015-02-18

Posted in Uncategorized | Leave a comment

Links for 2015-02-17

Posted in Uncategorized | Leave a comment

Links for 2015-02-16

Posted in Uncategorized | Leave a comment

Links for 2015-02-13

  • Slack’s coming to Dublin

    Butterfield insists that Slack improves on the basic messaging functionality offered by its predecessors. The company plans to expand from 100 employees to 250 this year, open an office in Dublin, and launch a version that supports large companies with multiple teams.

    (tags: slack messaging chat dublin ireland jobs tech)

  • yahoo/kafka-manager

    A tool for managing Apache Kafka. It supports the following : Manage multiple clusters; Easy inspection of cluster state (topics, brokers, replica distribution, partition distribution); Run preferred replica election; Generate partition assignments (based on current state of cluster); Run reassignment of partition (based on generated assignments)

    (tags: yahoo kafka ops tools)

  • Vaurien, the Chaos TCP Proxy — Vaurien 1.8 documentation

    Vaurien is basically a Chaos Monkey for your TCP connections. Vaurien acts as a proxy between your application and any backend. You can use it in your functional tests or even on a real deployment through the command-line. Vaurien is a TCP proxy that simply reads data sent to it and pass it to a backend, and vice-versa. It has built-in protocols: TCP, HTTP, Redis & Memcache. The TCP protocol is the default one and just sucks data on both sides and pass it along. Having higher-level protocols is mandatory in some cases, when Vaurien needs to read a specific amount of data in the sockets, or when you need to be aware of the kind of response you’re waiting for, and so on. Vaurien also has behaviors. A behavior is a class that’s going to be invoked everytime Vaurien proxies a request. That’s how you can impact the behavior of the proxy. For instance, adding a delay or degrading the response can be implemented in a behavior. Both protocols and behaviors are plugins, allowing you to extend Vaurien by adding new ones. Last (but not least), Vaurien provides a couple of APIs you can use to change the behavior of the proxy live. That’s handy when you are doing functional tests against your server: you can for instance start to add big delays and see how your web application reacts.

    (tags: proxy tcp vaurien chaos-monkey testing functional-testing failures sockets redis memcache http)

  • Embed-able Computers are a Thing. — February 12, 2015

    ‘If it works, a copy of Burgertime for DOS is now in your browser, clickable from my entry. If it doesn’t… well, no Burgertime for you. (Unless you visit the page.) There’s a “share this” link in the new archive.org interface for sharing these in-browser emulations in web pages, weblogs and who knows what else.’

    (tags: sharing embeds html javascript emulation msdos burgertime games archive.org)

  • China’s Internet Censors Now Have Their Own Theme Song, And It Is Glorious – China Real Time Report – WSJ

    According to a report posted Thursday to the website of the state-run China Youth Daily, the Cyberspace Administration of China choral group this week unveiled a new song, “Cyberspace Spirit,” glorifying the cleanliness and clarity of China’s uniquely managed Internet. The song, an orchestral march built around a chorus that proclaims China’s ambition to become an “Internet power,” opens with lyrics describing celestial bodies keeping careful watch over the sky. From there, the lyrics conjure more vivid imagery, comparing the Internet to “a beam of incorruptible sunlight” that unites “the powers of life from all creation.”

    (tags: china great-firewall censorship music songs cyberspace-spirit omgwtfbbq)

Posted in Uncategorized | Comments closed

Links for 2015-02-12

Posted in Uncategorized | Comments closed

Links for 2015-02-11

  • Automating Tinder with Eigenfaces

    While my friends were getting sucked into “swiping” all day on their phones with Tinder, I eventually got fed up and designed a piece of software that automates everything on Tinder.
    This is awesome. (via waxy)

    (tags: via:waxy tinder eigenfaces machine-learning k-nearest-neighbour algorithms automation ai)

  • RateLimitedLogger

    Our latest open source release from Swrve Labs: an Apache-licensed, SLF4J-compatible, simple, fluent API for rate-limited logging in Java: ‘A RateLimitedLog object tracks the rate of log message emission, imposes an internal rate limit, and will efficiently suppress logging if this is exceeded. When a log is suppressed, at the end of the limit period, another log message is output indicating how many log lines were suppressed. This style of rate limiting is the same as the one used by UNIX syslog; this means it should be comprehensible, easy to predict, and familiar to many users, unlike more complex adaptive rate limits.’ We’ve been using this in production for months — it’s pretty nifty ;) Never fear your logs again!

    (tags: logs logging coding java open-source swrve slf4j rate-limiting libraries)

Posted in Uncategorized | Comments closed

Links for 2015-02-10

Posted in Uncategorized | Comments closed

Links for 2015-02-09

Posted in Uncategorized | Comments closed

Links for 2015-02-08

Posted in Uncategorized | Comments closed

Links for 2015-02-06

Posted in Uncategorized | Comments closed

Links for 2015-02-05

Posted in Uncategorized | Comments closed

Links for 2015-02-03

Posted in Uncategorized | Comments closed

Links for 2015-02-02

  • A Quiet Defense of Patterns

    Marc Brooker: ‘When it comes to building working software in the long term, the emotional pursuit of craft is not as important as the human pursuit of teamwork, or the intellectual pursuit of correctness. Patterns is one of the most powerful ideas we have. The critics may be right that it devalues the craft, but we would all do well to remember that the craft of software is a means, not an end.’

    (tags: marc-brooker design-patterns coding software teamwork)

  • One Hundred Miles of Solitude

    Via Walter, the best description of the appeal of Minecraft I’ve read:

    Minecraft is exceptionally good at intrinsic narrative. It recognises, preserves and rewards everything you do. It presses you to play frontiersman. A Minecraft world ends up dotted with torchlit paths, menhirs, landmarks, emergency caches. Here’s the hole where you dug stone for your first house. Here’s the causeway you built from your spawn point to a handy woodland. Here’s the crater in the landscape where the exploding monster took out you and your wheatfield at once. And, of course, here’s your enormous castle above a waterfall. There’s no utility in building anything bigger than a hut, but the temptations of architecture are irresistible. Minecraft isn’t so much a world generator as a screenshot-generator and a war-story generator. This is what will get the game the bulk of its critical attention, and deservedly so. That’s why I want to call attention to the extrinsic narrative. It’s minimal, implicit,  accidental and very powerful. It’s this: you wake alone beside an endless sea in a pristine, infinite wilderness. The world is yours. You can literally sculpt mountains, with time and effort. You’ll die and be reborn on the beach where you woke first. You’ll walk across the world forever and never see another face. You can build a whole empire of roads and palaces and beacon towers, and the population of that empire will only ever be you. When you leave, your towers will stand empty forever. I haven’t seen that surfaced in a game before. It’s strong wine.

    (tags: minecraft narrative gaming games story)

  • Backstage Blog – Prometheus: Monitoring at SoundCloud – SoundCloud Developers

    whoa, this is pretty excellent. The major improvement over a graphite-based system would be the multi-dimensional tagging of metrics, which we currently have to do by simply expanding the graphite metric’s name to encompass all those dimensions and use searching at query time, inefficiently.

    (tags: monitoring soundcloud prometheus metrics service-metrics graphite alerting)

  • ‘Prometheus instrumentation library for JVM applications’

    Good example of a clean java OSS release, from Soundcloud. will be copying bits of this myself soon…

    (tags: prometheus java libraries oss github sonatype maven releases)

  • Google Java Style

    A good set of basic, controversy-free guidelines for clean java code style

    (tags: style java google coding guidelines formatting coding-standards)

  • A Brief History of NSA Backdoors

    from 1946 to present

    (tags: nsa security backdoors sigint actel dual_ec_drbg crypto-ag crypto)

  • Study: You Can’t Change an Anti-Vaxxer’s Mind

    According to a major new study in the journal ‘Pediatrics’, trying to [persuade anti-vaxxers to vaccinate] may actually make the problem worse. The paper tested the effectiveness of four separate pro-vaccine messages, three of which were based very closely on how the Centers for Disease Control and Prevention (CDC) itself talks about vaccines. The results can only be called grim: Not a single one of the messages was successful when it came to increasing parents’ professed intent to vaccinate their children. And in several cases the messages actually backfired, either increasing the ill-founded belief that vaccines cause autism or even, in one case, apparently reducing parents’ intent to vaccinate.

    (tags: vaccination health measles mmr autism facts via:mrneutron stupidity cdc papers vaccines)

  • Coining “Dysguria”

    “dysaguria” is the perfect noun, and “dysagurian” is the perfect adjective, to describe the eponymous company in Dave Eggers’ The Circle. It’s not in the same league as Orwell, or Huxley, or Bradbury, or Burgess. But it does raise very important questions about what could possibly go wrong if one company controlled all the world’s information. In the novel, the company operates according to the motto “all that happens must be known”; and one of its bosses, Eamon Bailey, encourages everywoman employee Mae Holland to live an always-on (clear, transparent) life according the maxims “secrets are lies”, “sharing is caring”, and “privacy is theft”. Eggers’s debts to dystopian fiction are apparent. But, whereas writers like Orwell, Huxley, Bradbury, and Burgess were concerned with totalitarian states, Eggers is concerned with a totalitarian company. However, the noun “dystopia” and the adjective “dystopian” – perfect though they are for the terror of military/security authoritarianism in 1984, or Brave new World, or Farenheit 451, or A Clockwork Orange – do not to my mind encapsulate the nightmare of industrial/corporate tyranny in The Circle. On the other hand, “dysaguria” as a noun and “dysagurian” as an adjective, in my view really do capture the essence of that “frightening company”.

    (tags: dysaguria dystopia future sf authoritarianism surveillance the-circle google facebook)

  • A NetHack bot ascends!

    Via negatendo: ‘I would like to share my excitement about the fact that after almost a year of development, an instance of my NetHack bot has finally managed to ascend a game for the first time without human interventions, wizard mode cheats or bones stuffing, and did so at the public server at acehack.de.’ The bot is written in Clojure. Apparently ‘pudding farming’ did the trick…

    (tags: clojure via:negatendo pudding-farming games nethack bots)

Posted in Uncategorized | Comments closed

Links for 2015-01-31

Posted in Uncategorized | Comments closed

Links for 2015-01-30

  • H.P. Lovecat

    Because there exists no method known to man, more terribly suited to expose the cosmic meaningless of existence than pairing the words of H.P. Lovecraft with seemingly delightful and charming pictures of adorable kittens.

    (tags: lovecraft cthulhu horror funny kittens cats images gif)

  • 8 gdb tricks you should know (Ksplice Blog)

    These are very good — bookmarking for the next time I’m using gdb, probably about 3 years from now

    (tags: c debugging gdb c++ tips coding)

  • EFF’s Game Plan for Ending Global Mass Surveillance

    For years, we’ve been working on a strategy to end mass surveillance of digital communications of innocent people worldwide. Today we’re laying out the plan, so you can understand how all the pieces fit together—that is, how U.S. advocacy and policy efforts connect to the international fight and vice versa. Decide for yourself where you can get involved to make the biggest difference. This plan isn’t for the next two weeks or three months. It’s a multi-year battle that may need to be revised many times as we better understand the tools and authorities of entities engaged in mass surveillance and as more disclosures by whistleblowers help shine light on surveillance abuses.

    (tags: eff privacy nsa surveillance gchq law policy us-politics)

  • No POD

    This group aims to consolidate opposition, give clear information and support letter writing and information awareness against the Dept. of Education’s Primary Online Database.

    (tags: pod ireland privacy data-protection children kids schools)

  • Apple Pay suffering fraud problems

    Fraud in Apple Pay will in time, come to be managed – but the fact that easily available PII can waylay best in class protection should give us all pause.

    (tags: fraud apple apple-pay pii identity-theft)

  • Excellent example of failed “anonymisation” of a dataset

    Fred Logue notes how this failed Mayo TD Michelle Mulherin:

    From recent reports it mow appears that the Department of Education is discussing anonymisation of the Primary Online Database with the Data Protection Commissioner. Well someone should ask Mayo TD Michelle Mulherin how anonymisation is working for her. The Sunday Times reports that Ms Mulherin was the only TD in the Irish parliament on the dates when expensive phone calls were made to a mobile number in Kenya. The details of the calls were released under the Freedom of Information Act in an “anonymised” database. While it must be said the fact that Ms Mulherin was the only TD present on those occasions does not prove she made the calls – the reporting in the press is now raising the possibility that it was her. From a data protection point of view this is a perfect example of the difficulty with anonymisation. Data protection rules apply to personal data which is defined as data relating to a living individual who is or can be identified from the data or from the data in conjunction with other information. Anonymisation is often cited as a means for processing data outside the scope of data protection law but as Ms Mulherin has discovered individuals can be identified using supposedly anonymised data when analysed in conjunction with other data. In the case of the mysterious calls to Kenya even though the released information was “anonymised” to protect the privacy of public representatives, the phone log used in combination with the attendance record of public representatives and information on social media was sufficient to identify individuals and at least raise evidence of association between individuals and certain phone calls. While this may be well and good in terms of accounting for abuses of the phone service it also has worrying implications for the ability of public representatives to conduct their business in private. The bottom line is that anonymisation is very difficult if not impossible as Ms Mulherin has learned to her cost. It certainly is a lot more complex than simply removing names and other identifying features from a single dataset. The more data that there is and the more diverse the sources the greater the risk that individuals can be identified from supposedly anonymised datasets.

    (tags: data anonymisation fred-logue ireland michelle-mulherin tds kenya data-protection privacy)

Posted in Uncategorized | Comments closed

Links for 2015-01-29

Posted in Uncategorized | Comments closed

Links for 2015-01-27

Posted in Uncategorized | Comments closed

Links for 2015-01-26

Posted in Uncategorized | Comments closed

Links for 2015-01-25

Posted in Uncategorized | Comments closed

Links for 2015-01-24

  • How to Catch a Terrorist – The New Yorker

    This is spot on —

    By flooding the system with false positives, big-data approaches to counterterrorism might actually make it harder to identify real terrorists before they act. Two years before the Boston Marathon bombing, Tamerlan Tsarnaev, the older of the two brothers alleged to have committed the attack, was assessed by the city’s Joint Terrorism Task Force. They determined that he was not a threat. This was one of about a thousand assessments that the Boston J.T.T.F. conducted that year, a number that had nearly doubled in the previous two years, according to the Boston F.B.I. As of 2013, the Justice Department has trained nearly three hundred thousand law-enforcement officers in how to file “suspicious-activity reports.” In 2010, a central database held about three thousand of these reports; by 2012 it had grown to almost twenty-eight thousand. “The bigger haystack makes it harder to find the needle,” Sensenbrenner told me. Thomas Drake, a former N.S.A. executive and whistle-blower who has become one of the agency’s most vocal critics, told me, “If you target everything, there’s no target.”

    (tags: terrorism false-positives filtering detection jttf nsa fbi surveillance gchq)

  • Politwoops

    ‘All deleted tweets from politicians’. Great idea

    (tags: delete twitter politics politicians ireland social-media news)

  • Zoë Keating on getting a shitty deal from Google’s new Music Key licensing

    The Youtube music service was introduced to me as a win win and they don’t understand why I don’t see it that way. “We are trying to create a new revenue stream on top of the platform that exists today.” A lot of people in the music industry talk about Google as evil. I don’t think they are evil. I think they, like other tech companies, are just idealistic in a way that works best for them. I think this because I used to be one of them. The people who work at Google, Facebook, etc can’t imagine how everything they make is not, like, totally awesome. If it’s not awesome for you it’s because you just don’t understand it yet and you’ll come around. They can’t imagine scenarios outside their reality and that is how they inadvertently unleash things like the algorithmic cruelty of Facebook’s yearly review (which showed me a picture I had posted after a doctor told me my husband had 6-8 weeks to live).

    (tags: google business music youtube zoe-keating music-key licensing tech)

  • Smash the Engine

    Jacobin Magazine on the revolutionary political allegory in “Snowpiercer”: ‘If Snowpiercer had merely told the tale of an oppressed working class rising up to seize power from an evil overlord, it would already have been an improvement over most of the political messages in mainstream cinema. There are all sorts of nice touches in its portrayal of a declining capitalism that can maintain its ideological legitimacy even when it literally has no more bullets in its guns. But the story Bong tells goes beyond that. It’s about the limitations of a revolution which merely takes over the existing social machinery rather than attempting to transcend it. ‘

    (tags: dystopia revolution snowpiercer movies marxism sf politics)

  • Debunking The Dangerous “If You Have Nothing To Hide, You Have Nothing To Fear”

    A great resource bookmark from Falkvinge.

    There are at least four good reasons to reject this argument solidly and uncompromisingly: The rules may change, it’s not you who determine if you’re guilty, laws must be broken for society to progress, and privacy is a basic human need.

    (tags: nsa politics privacy security surveillance gchq rick-falkvinge society)

Posted in Uncategorized | Comments closed

Links for 2015-01-23

Posted in Uncategorized | Comments closed

Links for 2015-01-20

Posted in Uncategorized | Comments closed

Links for 2015-01-19

  • carbon-c-relay

    A much better carbon-relay, written in C rather than Python. Linking as we’ve been using it in production for quite a while with no problems.

    The main reason to build a replacement is performance and configurability. Carbon is single threaded, and sending metrics to multiple consistent-hash clusters requires chaining of relays. This project provides a multithreaded relay which can address multiple targets and clusters for each and every metric based on pattern matches.

    (tags: graphite carbon c python ops metrics)

  • Surveillance of social media not way to fight terrorism – Minister

    Blanket surveillance of social media is not the solution to combating terrorism and the rights of the individual to privacy must be protected, Data Protection Minister Dara Murphy said on Monday. [He] said Ireland and the European Union must protect the privacy rights of individuals on social media. “Freedom of expression, freedom of movement, and the protection of privacy are core tenets of the European Union, which must be upheld.”

    (tags: dara-murphy data-protection privacy surveillance europe eu ireland social-media)

Posted in Uncategorized | Comments closed

Links for 2015-01-18

  • Amazing comment from a random sysadmin who’s been targeted by the NSA

    ‘Here’s a story for you. I’m not a party to any of this. I’ve done nothing wrong, I’ve never been suspected of doing anything wrong, and I don’t know anyone who has done anything wrong. I don’t even mean that in the sense of “I pissed off the wrong people but technically haven’t been charged.” I mean that I am a vanilla, average, 9-5 working man of no interest to anybody. My geographical location is an accident of my birth. Even still, I wasn’t accidentally born in a high-conflict area, and my government is not at war. I’m a sysadmin at a legitimate ISP and my job is to keep the internet up and running smoothly. This agency has stalked me in my personal life, undermined my ability to trust my friends attempting to connect with me on LinkedIn, and infected my family’s computer. They did this because they wanted to bypass legal channels and spy on a customer who pays for services from my employer. Wait, no, they wanted the ability to potentially spy on future customers. Actually, that is still not accurate – they wanted to spy on everybody in case there was a potentially bad person interacting with a customer. After seeing their complete disregard for anybody else, their immense resources, and their extremely sophisticated exploits and backdoors – knowing they will stop at nothing, and knowing that I was personally targeted – I’ll be damned if I can ever trust any electronic device I own ever again. You all rationalize this by telling me that it “isn’t surprising”, and that I don’t live in the [USA,UK] and therefore I have no rights. I just have one question. Are you people even human?’

    (tags: nsa via:ioerror privacy spying surveillance linkedin sysadmins gchq security)

  • DRI’s Unchanged Position on Eircode

    ‘Broadly, they are satisfied with what we are doing’ versus: ‘We have deep concerns about the Eircode initiative… We want to state clearly that we are not at all ‘satisfied’ with the postcode that has been designed or the implementation proposals.’

    (tags: dri ireland eircode postcodes privacy data-protection quotes misrepresentation)

Posted in Uncategorized | Comments closed

Links for 2015-01-17

  • Misogyny in the Valley

    The young women interns [in one story in this post] worked in a very different way. As I explored their notes, I noticed that ideas were expanded upon, not abandoned. Challenges were identified, but the male language so often heard in Silicon Valley conference rooms – “Well, let me tell you what the problem with that idea is….” – was not in the room.  These young women, without men to define the “appropriate business behavior,” used different behaviors and came up with a startling and valuable solution. They showed many of the values that exist outside of dominance-based leadership: strategic thinking, intuition, nurturing and relationship building, values-based decision-making and acceptance of other’s input. Women need space to be themselves at work. Until people who have created their success by worshipping at the temple of male behavior, like Sheryl Sandberg, learn to value alternate behaviors, the working world will remain a foreign and hostile culture to women. And if we do not continuously work to build corporate cultures where there is room for other behaviors, women will be cast from or abandoned in a world not of our making, where we continuously “just do not fit in,” but where we still must go to earn our livings.

    (tags: sexism misogyny silicon-valley tech work sheryl-sandberg business collaboration)

  • Are you better off running your big-data batch system off your laptop?

    Heh, nice trolling.

    Here are two helpful guidelines (for largely disjoint populations): If you are going to use a big data system for yourself, see if it is faster than your laptop. If you are going to build a big data system for others, see that it is faster than my laptop. [...] We think everyone should have to do this, because it leads to better systems and better research.

    (tags: graph coding hadoop spark giraph graph-processing hardware scalability big-data batch algorithms pagerank)

  • BBC uses RIPA terrorism laws to catch TV licence fee dodgers in Northern Ireland

    Give them the power, they’ll use that power. ‘A document obtained under Freedom of Information legislation confirms the BBC’s use of RIPA in Northern Ireland. It states: “The BBC may, in certain circumstances, authorise under the Regulation of Investigatory Powers Act 2000 and Regulation of Investigatory Powers (British Broadcasting Corporation) Order 2001 the lawful use of detection equipment to detect unlicensed use of television receivers… the BBC has used detection authorised under this legislation in Northern Ireland.”‘

    (tags: ripa privacy bbc tv license-fee uk northern-ireland law scope-creep)

  • Australia tries to ban crypto research – by ACCIDENT • The Register

    Researchers are warned off [discussing] 512-bits-plus key lengths, systems “designed or modified to perform cryptanalytic functions, or “designed or modified to use ‘quantum cryptography’”. [....] “an email to a fellow academic could land you a 10 year prison sentence”.
    https://twitter.com/_miw/status/556023024009224192 notes ‘the DSGL 5A002 defines it as >512bit RSA, >512bit DH, >112 bit ECC and >56 bit symmetric ciphers; weak as fuck i say.’

    (tags: law australia crime crypto ecc rsa stupidity fail)

Posted in Uncategorized | Comments closed

Links for 2015-01-16

  • A Case Study of Toyota Unintended Acceleration and Software Safety

    I drive a Toyota, and this is scary stuff. Critical software systems need to be coded with care, and this isn’t it — they don’t even have a bug tracking system!

    Investigations into potential causes of Unintended Acceleration (UA) for Toyota vehicles have made news several times in the past few years. Some blame has been placed on floor mats and sticky throttle pedals. But, a jury trial verdict was based on expert opinions that defects in Toyota’s Electronic Throttle Control System (ETCS) software and safety architecture caused a fatal mishap.  This talk will outline key events in the still-ongoing Toyota UA litigation process, and pull together the technical issues that were discovered by NASA and other experts. The results paint a picture that should inform future designers of safety critical software in automobiles and other systems.

    (tags: toyota safety realtime coding etcs throttle-control nasa code-review embedded)

Posted in Uncategorized | Comments closed

Links for 2015-01-15

  • Group warns of postcode project dangers | Irish Examiner

    “We have spoken to the National Consumer Agency, logistics companies and Digital Rights Ireland, with which we have had an indepth conversation to see if there is anything in the proposal that might be considered to have an impact on anyone’s privacy. Broadly, they are satisfied with what we are doing,” [Patricia Cronin, head of the Department of Communications’ postcodes division] told the committee. However in his letter, [DRI's] O’Lachtnain said the group “want to state clearly that we are not at all ‘satisfied’ with the postcode that has been designed or the implementation proposals”.
    Some nerve!

    (tags: dri nca privacy patricia-cronin goverment postcodes eircode dpc ireland)

Posted in Uncategorized | Comments closed

Links for 2015-01-14

  • Of Course 23andMe’s Plan Has Been to Sell Your Genetic Data All Along

    Today, 23andMe announced what Forbes reports is only the first of ten deals with big biotech companies: Genentech will pay up to $60 million for access to 23andMe’s data to study Parkinson’s. You think 23andMe was about selling fun DNA spit tests for $99 a pop? Nope, it’s been about selling your data all along.

    (tags: testing ethics dna genentech 23andme parkinsons diseases health privacy)

  • Facette

    Really nice time series dashboarding app. Might consider replacing graphitus with this…

    (tags: time-series data visualisation graphs ops dashboards facette)

  • Getting good cancer care through 3D printing

    This is pretty incredible.

    Balzer downloaded a free software program called InVesalius, developed by a research center in Brazil to convert MRI and CT scan data to 3D images. He used it to create a 3D volume rendering from Scott’s DICOM images, which allowed him to look at the tumor from any angle. Then he uploaded the files to Sketchfab and shared them with neurosurgeons around the country in the hope of finding one who was willing to try a new type of procedure. Perhaps unsurprisingly, he found the doctor he was looking for at UPMC, where Scott had her thyroid removed. A neurosurgeon there agreed to consider a minimally invasive operation in which he would access the tumor through Scott’s left eyelid and remove it using a micro drill. Balzer had adapted the volume renderings for 3D printing and produced a few full-size models of the front section of Scott’s skull on his MakerBot. To help the surgeon vet his micro drilling idea and plan the procedure, Balzer packed up one of the models and shipped it off to Pittsburgh.

    (tags: diy surgery health cancer tumours medicine 3d-printing 3d scanning mri dicom)

Posted in Uncategorized | Comments closed

Links for 2015-01-13

Posted in Uncategorized | Comments closed

Links for 2015-01-12

Posted in Uncategorized | Comments closed

Links for 2015-01-11

Posted in Uncategorized | Comments closed

Links for 2015-01-10

Posted in Uncategorized | Comments closed