Archives

Lessons in website security anti-patterns by Tesco : Troy Hunt, an Aussie software architect working on a .Net security product called ASafaWeb, does a great job extensively deconstructing Tesco’s appalling website security on their shopping site. In the process, he gets this wonderful tweet from their customer-care account: “@troyhunt Let me assure you that all customer passwords are stored securely & in line with industry standards across online retailers.” As he says, this is a clear demonstration that Tesco is in the first stage of the four stages of competence — “unconscious incompetence”: “The individual does not understand or know how to do something and does not necessarily recognise the deficit.” ( http://en.wikipedia.org/wiki/Four_stages_of_competence )
(tags: tesco security passwords web http https ssl funny dot-net shopping uk customer-care)

Accident: Ryanair B738 and American B763 at Barcelona on Apr 14th 2011 : An accident report concerning a Ryanair flight.

An American Airlines Boeing 767-300, registration N366AA performing flight AA-67 from Barcelona,SP (Spain) to New York JFK, NY (USA), had taxied to the holding point runway 25L and was holding short of the runway. A Ryanair Boeing 737-800, registration EI-EKB performing flight FR-8136 from Barcelona,SP (Spain) to Ibiza,SP (Spain) with 169 passengers and 6 crew, was taxiing along Barcelona’s taxiway K for departure from runway 25L and was maneouvering to pass behind the Boeing 767-300. A number of passengers on board of the Boeing 737-800 observed the right hand wing of the aircraft contact the tailplane of the Boeing 767-300 and rose out of their seats attracting the attention of a flight attendant. A passenger told the flight attendant, that their aircraft had hit the aircraft besides them. The flight attendant contacted the purser, who instructed her to contact the flight deck, she contacted the flight deck and informed the captain that passengers had seen their aircraft had hit another aircraft. The captain responded however everything was fine and she continued with the takeoff about 2 minutes after the Boeing 767. Immediately after departure the passengers insisted the flight was not safe and they had collided with another aircraft, one of the passengers identified himself as an engineer. The flight attendant told the engineer that the captain had been informed and had told everything was fine. No further information was forwarded to the flight deck. After landing in Ibiza, while disembarking, the passengers again spoke up claiming the flight had been unsafe. During the turnaround the flight attendant informed the purser that one of the passengers observing the collision was an engineer. Neither approached the flight crew however. Following the return flight FR-8137 the purser talked to the captain and informed her that one of the passengers observing the collision was an engineer. In the following it was identified that the right hand winglet of the Boeing 737-800 had received damage, the Boeing 767-300 was found with damage to the left hand stabilizer following landing in New York.

CIAIAC report : The official report on that Ryanair/AA collision in Barcelona in July 2011, on pages 211-255.
(tags: collisions safety travel air ryanair)

Practical machine learning tricks from the KDD 2011 best industry paper : Wow, this is a fantastic paper. It’s a Google paper on detecting scam/spam ads using machine learning — but not just that, it’s how to build out such a classifier to production scale, and make it operationally resilient, and, indeed, operable. I’ve come across a few of these ideas before, and I’m happy to say I might have reinvented a few (particularly around the feature space), but all of them together make extremely good sense. If I wind up working on large-scale classification again, this is the first paper I’ll go back to. Great info! (via Toby diPasquale.)
(tags: classification via:codeslinger training machine-learning google ops kdd best-practices anti-spam classifiers ensemble map-reduce)