Prodigy software patents invoked in suit against GroupOn. Patent troll mode activated :( (via Paul Graham)
yay, DRM. “It is important that you transfer your purchased NOOK Books to ensure access”
Keep in mind that it took from the dawn of the industrial age until last October to reach the first 1.0 degree Celsius, and we’ve come as much as an extra 0.4 degrees further in just the last five months. Even accounting for the margin of error associated with these preliminary datasets, that means it’s virtually certain that February handily beat the record set just last month for the most anomalously warm month ever recorded. That’s stunning.
eek.
Mannix Flynn makes a persuasive case to preserve the last remaining Magdalene Laundry still standing:
Memory is something that fights an eternal battle with the passage of time and forgetfulness. Time is a great healer for those who can heal and those who are offered healing. There is no healing here. Time stands still like a festering wound in a well-to-do suburb as somebody attempts to erase a grave and mortal wrong. The McAleese report, the Justice for the Magdalenes, the hundreds of women still alive and their families should know of this place. Should be present here to witness what can only be witnessed by them. So that they can understand what’s lost, what cannot be given. What was taken from them for generations.
The latest SSL security hole. ‘DROWN shows that merely supporting SSLv2 is a threat to modern servers and clients. It allows an attacker to decrypt modern TLS connections between up-to-date clients and servers by sending probes to a server that supports SSLv2 and uses the same private key.’
Excellent drawing books from Chris Judge and his brother Andrew. gotta get this: ‘WELCOME TO DOODLETOWN, the home of the Doodles. It is a very nice town, except for one SMALL problem. Everything is half drawn with bits and pieces missing! The Doodles are going to need YOUR help. So grab a pen or a pencil and help finish the adventure!’
Excellent explanation of PR-STV and the Irish voting system. Don’t be a Plumper! (via John O’Shea)
“Our concern is that if we lose the case more countries across Europe or elsewhere are going to be concerned about having their data in Ireland,” Mr Smith said, after testifying before the House judiciary committee. Asked what would happen to its Irish unit if the company loses the case or doesn’t convince Congress to pass updated legislation governing cross-border data held by American companies, the Microsoft executive said: “We’ll certainly face a new set of risks that we don’t face today.” He added that the issue could be resolved by an executive order by the White House or through international negotiations between the Irish Government or the European Union and the US.
At the Bitcoin workshop in Barbados, Malte Möser will present our solution to the Bitcoin private key management problem. Specifically, our paper describes a way to create vaults, special accounts whose keys can be neutralized if they fall into the hands of attackers. Vaults are Bitcoin’s decentralized version of you calling your bank to report a stolen credit card — it renders the attacker’s transactions null and void. And here’s the interesting part: in so doing, vaults demotivate key theft in the first place. An attacker who knows that he will not be able to get away with theft is less likely to attack in the first place, compared to current Bitcoin attackers who are guaranteed that their hacking efforts will be handsomely rewarded.
Maglev is Google’s network load balancer. It is a large distributed software system that runs on commodity Linux servers. Unlike traditional hardware network load balancers, it does not require a specialized physical rack deployment, and its capacity can be easily adjusted by adding or removing servers. Network routers distribute packets evenly to the Maglev machines via Equal Cost Multipath (ECMP); each Maglev machine then matches the packets to their corresponding services and spreads them evenly to the service endpoints. To accommodate high and ever-increasing traffic, Maglev is specifically optimized for packet processing performance. A single Maglev machine is able to saturate a 10Gbps link with small packets. Maglev is also equipped with consistent hashing and connection tracking features, to minimize the negative impact of unexpected faults and failures on connection-oriented protocols. Maglev has been serving Google’s traffic since 2008. It has sustained the rapid global growth of Google services, and it also provides network load balancing for Google Cloud Platform.
Something we argued for quite a lot in Amazon, back in the day….
BrewDog releases their beer recipes for free. so cool! ‘So here it is. The keys to our kingdom. Every single BrewDog recipe, ever. So copy them, tear them to pieces, bastardise them, adapt them, but most of all, enjoy them. They are well travelled but with plenty of miles still left on the clock. Just remember to share your brews, and share your results. Sharing is caring.’
Good for science fans, not so hot for real tennis fans.
The former real tennis court building close to the concert hall’s north wing would be used for temporary and visiting exhibitors, with a tunnel connecting it to the science centre. The National Children’s Science Centre is due to open in late 2018 and will also be known as the Exploration Station, said Dr Danny O’Hare, founding president of Dublin City University and chairman of the Exploration Station board since 2006.
holy crap. Nissan expose a public API authenticated _solely_ using the car’s VIN — which is more or less public info; the API allows turning on/off AC, grabbing driving history, etc.
eBay’s software LB, supporting URL matching, comparable to haproxy, built using Netty and Scala. Used in their QA infrastructure it seems
Ugh. This is a security nightmare. Nice work Foscam…
Imagine buying an internet-enabled surveillance camera, network attached storage device, or home automation gizmo, only to find that it secretly and constantly phones home to a vast peer-to-peer (P2P) network run by the Chinese manufacturer of the hardware. Now imagine that the geek gear you bought doesn’t actually let you block this P2P communication without some serious networking expertise or hardware surgery that few users would attempt. This is the nightmare “Internet of Things” (IoT) scenario for any system administrator: The IP cameras that you bought to secure your physical space suddenly turn into a vast cloud network designed to share your pictures and videos far and wide. The best part? It’s all plug-and-play, no configuration necessary!
Death by Random Forest: this project is a horrible misapplication of machine learning. Truly appalling, when a false positive means death:
The NSA evaluates the SKYNET program using a subset of 100,000 randomly selected people (identified by their MSIDN/MSI pairs of their mobile phones), and a known group of seven terrorists. The NSA then trained the learning algorithm by feeding it six of the terrorists and tasking SKYNET to find the seventh. This data provides the percentages for false positives in the slide above. “First, there are very few ‘known terrorists’ to use to train and test the model,” Ball said. “If they are using the same records to train the model as they are using to test the model, their assessment of the fit is completely bullshit. The usual practice is to hold some of the data out of the training process so that the test includes records the model has never seen before. Without this step, their classification fit assessment is ridiculously optimistic.” The reason is that the 100,000 citizens were selected at random, while the seven terrorists are from a known cluster. Under the random selection of a tiny subset of less than 0.1 percent of the total population, the density of the social graph of the citizens is massively reduced, while the “terrorist” cluster remains strongly interconnected. Scientifically-sound statistical analysis would have required the NSA to mix the terrorists into the population set before random selection of a subset—but this is not practical due to their tiny number. This may sound like a mere academic problem, but, Ball said, is in fact highly damaging to the quality of the results, and thus ultimately to the accuracy of the classification and assassination of people as “terrorists.” A quality evaluation is especially important in this case, as the random forest method is known to overfit its training sets, producing results that are overly optimistic. The NSA’s analysis thus does not provide a good indicator of the quality of the method.
UK open data success story, via Tony Finch:
This LIDAR data bonanza has proved particularly helpful to archaeologists seeking to map Roman roads that have been ‘lost’, some for thousands of years. Their discoveries are giving clues to a neglected chapter in the history of Roman Britain: the roads built to help Rome’s legions conquer and control northern England.
Also known as “Graduate Student Descent”, a common approach to hyperparameter tuning in machine learning — ie. get an intern to sit there tweaking parameters until they find something approximating optimal performance
Valentine’s Day cards for you and yours, from one of cinema’s true visionaries. How do you communicate the depth of your desire? Say it with Cronenberg Valentines.
Let’s see how long this lasts:
Today Sauce Labs is proud to open-source isign. isign can take an iOS app that was authorized to run only on one developer’s phone, and transform it so it can run on another developer’s phone. This is not a hack around Apple’s security. We figured out how Apple’s code signing works and re-implemented it in Python. So now you can use our isign utility anywhere – even on Linux!
‘Indonesia’s government has demanded that instant messaging apps remove stickers featuring same-sex couples, in the latest high-profile attempt to discourage visible homosexuality in the socially conservative country.’ (via fuzzix)
Apple outlaws third-party repairs with vague TouchID-related justifications:
Freelance photographer and self-confessed Apple addict Antonio Olmos says this happened to his phone a few weeks ago after he upgraded his software. Olmos had previously had his handset repaired while on an assignment for the Guardian in Macedonia. “I was in the Balkans covering the refugee crisis in September when I dropped my phone. Because I desperately needed it for work I got it fixed at a local shop, as there are no Apple stores in Macedonia. They repaired the screen and home button, and it worked perfectly.” He says he thought no more about it, until he was sent the standard notification by Apple inviting him to install the latest software. He accepted the upgrade, but within seconds the phone was displaying “error 53” and was, in effect, dead.
Now that is scummy.
good roundup of real-world clock skew links
A critique of the “Redlock” locking algorithm from Redis by Martin Kleppmann. antirez responds here: http://antirez.com/news/101
looks reasonably usable, although EMR’s crappy UI is still an issue
Awesome post from Dan Luu with data from Google:
The cause [of some mystery widespread 250ms hangs] was kernel throttling of the CPU for processes that went beyond their usage quota. To enforce the quota, the kernel puts all of the relevant threads to sleep until the next multiple of a quarter second. When the quarter-second hand of the clock rolls around, it wakes up all the threads, and if those threads are still using too much CPU, the threads get put back to sleep for another quarter second. The phase change out of this mode happens when, by happenstance, there aren’t too many requests in a quarter second interval and the kernel stops throttling the threads. After finding the cause, an engineer found that this was happening on 25% of disk servers at Google, for an average of half an hour a day, with periods of high latency as long as 23 hours. This had been happening for three years. Dick Sites says that fixing this bug paid for his salary for a decade. This is another bug where traditional sampling profilers would have had a hard time. The key insight was that the slowdowns were correlated and machine wide, which isn’t something you can see in a profile.
Looks like GCM now offers a way to determine if a message got delivered, via the GCM diagnostics console
I can confirm, there is a help forum from the “deutsche telekom”, they say there is a feature called MEC (it’s mainly for setting phone parameters to match their network), active on all their SIM cards, which is not correctly handled by any of the OnePlus Devices (one, two, x) so it writes constantly to flash memory, killing it around 100.000 writes which is 3-6 weeks.
(via Mike Walsh on the Irish tech slack)
As the economist Emily Oster pointed out in her 2013 book Expecting Better, there is also no “proven safe” level of Tylenol or caffeine, and yet both are fine in moderation during pregnancy. Oster pored through reams of research on alcohol and pregnancy for her book and concluded that there is simply no scientific evidence that light drinking during pregnancy impacts a baby’s health. (In one frequently cited 2001 study that suggested light drinking in pregnancy increases the chances of a child displaying aggressive behaviors, the drinkers were also significantly likelier to have taken cocaine during pregnancy.)
My wife also followed the paper trail on this issue in the past. In the papers from which these recommendations were derived, the level of drinking at which any effects were observed in babies was when women consumed at least *9 units every day* for the entire pregnancy. That’s an entire bottle of wine, daily!
‘“Spam emails are a large proportion of emails seen in SIGINT [signals intelligence],” reads part of a dense document from the Snowden archive, published by Boing Boing on Tuesday. “GCHQ would like to reduce the impact of spam emails on data storage, processing and analysis.”’ (circa 2011). Steganography, anyone? (via Tony Finch)
‘Lawyers for [a Hungarian news] site said the comments concerned had been taken down as soon as they were flagged. They said making their clients liable for everything readers posted “would have serious adverse repercussions for freedom of expression and democratic openness in the age of Internet”. The ECHR agreed. “Although offensive and vulgar, the incriminated comments did not constitute clearly unlawful speech; and they certainly did not amount to hate speech or incitement to violence,” the judges wrote.’
quine.zip, quine.gz, and quine.tar.gz. Here’s what happens when you mail it through bad AV software: https://twitter.com/FioraAeterna/status/694655296707297281
Great article by Geoff “bldgblog” Manaugh on the ruins of the Nike air-to-air missile emplacements dotted around California. I had absolutely no idea that these — the 1958-era Nike-Hercules missiles, at least — carried 30-kiloton nuclear warheads, intended to be detonated at 50,000 feet *above* the cities they were defending, in order to destroy in-flight bomber formations. Nuclear war was truly bananas.
This is an excellent essay from Cory Doctorow on mass surveillance in the post-Snowden era, and the difference between HUMINT and SIGINT. So much good stuff, including this (new to me) cite for, “Goodhart’s law”, on secrecy as it affects adversarial classification:
The problem with this is that once you accept this framing, and note the happy coincidence that your paymasters just happen to have found a way to spy on everyone, the conclusion is obvious: just mine all of the data, from everyone to everyone, and use an algorithm to figure out who’s guilty. The bad guys have a Modus Operandi, as anyone who’s watched a cop show knows. Find the MO, turn it into a data fingerprint, and you can just sort the firehose’s output into “terrorist-ish” and “unterrorist-ish.” Once you accept this premise, then it’s equally obvious that the whole methodology has to be kept from scrutiny. If you’re depending on three “tells” as indicators of terrorist planning, the terrorists will figure out how to plan their attacks without doing those three things. This even has a name: Goodhart’s law. “When a measure becomes a target, it ceases to be a good measure.” Google started out by gauging a web page’s importance by counting the number of links they could find to it. This worked well before they told people what they were doing. Once getting a page ranked by Google became important, unscrupulous people set up dummy sites (“link-farms”) with lots of links pointing at their pages.
‘Anderson encourages his readers to forward telemarketers to the robot, and is happy to send them recordings of the ensuing conversations. His instructions are below if you’d like to give it a shot.’
The only possible deal that is immediately available is where the European Commission agrees a politically expeditious but legally untenable deal, creating a time bomb rather than a durable deal, to the benefit of no one. In absence of reforms before an agreement, individuals’ fundamental rights would remain under threat.
interactive menu selection for the UNIX command line
It seems git’s default behavior in many situations is — despite communicating objectID by content-addressable hashes which should be sufficient to assure some integrity — it may not actually bother to *check* them. Yes, even when receiving objects from other repos. So, enabling these configuration parameters may “slow down” your git operations. The return is actually noticing if someone ships you a bogus object. Everyone should enable these.
Good explanation and scipy code for the birthday paradox and hash collisions
sync up with the Apple product cycle when you’re buying new hardware
After evaluating a number of platforms, including existing open source projects, we were unable to find one that met all of our needs and decided to set about developing a robust and scalable load balancing platform. The requirements were not exactly complex – we needed the ability to handle traffic for unicast and anycast VIPs, perform load balancing with NAT and DSR (also known as DR), and perform adequate health checks against the backends. Above all we wanted a platform that allowed for ease of management, including automated deployment of configuration changes. One of the two existing platforms was built upon Linux LVS, which provided the necessary load balancing at the network level. This was known to work successfully and we opted to retain this for the new platform. Several design decisions were made early on in the project — the first of these was to use the Go programming language, since it provided an incredibly powerful way to implement concurrency (goroutines and channels), along with easy interprocess communication (net/rpc). The second was to implement a modular multi-process architecture. The third was to simply abort and terminate a process if we ended up in an unknown state, which would ideally allow for failover and/or self-recovery.
cut out and keep PNG for many occasions! “Why is Redis talking to MongoDB?”
Good description of this key feature of decent serialization formats
At the time, many of us citizens thought the State was being craven in the face of the EU but it is now clear that Trichet’s ECB was prepared to let the Irish banks go to the wall, prompting a new bank run in 2010. This is like a hostage situation. The ECB was saying to the Irish government: you managed in September 2008 to prevent a bank run with the guarantee (which should always have been temporary and conditional) but now we are going to threaten you with another bank run – because we are still funding your banks and you must pay all the bondholders and add the cost to the national debt of the country. So the implicit threat was: “We will close the banks, cause a bank run and you will be left to pick up the pieces politically, socially and economically.”
Wow, the deployment thing is pretty hacky
‘# TEMPORARY, I HOPE HOPE HOPE’
Bookmarking so I can follow my own link from https://pinboard.in/u:jmason/t:post-mortems/
SOUND THE POUTINE KLAXON
Dropwizard for Go, basically:
a distributed programming toolkit for building microservices in large organizations. We solve common problems in distributed systems, so you can focus on your business logic.
bookmarking for future use
“Bang Bang”, new fancy deli on Leinster Road North
OMG, this is hilarious. High drama among the arch-druids (via Lisa Carey)
‘In his essay on Income Inequality, Paul Graham credited me for pre-publication feedback. Because he didn’t do much with my comments, I thought I’d publish them here.’ … ‘Mostly, I think you are picking a fight with people who would mostly agree with you, and ignoring the real arguments about what inequality means and why it matters.’
Analysis showed Jack and the Beanstalk was rooted in a group of stories classified as The Boy Who Stole Ogre’s Treasure, and could be traced back to when eastern and western Indo-European languages split – more than 5,000 years ago. Beauty and the Beast and Rumpelstiltskin to be about 4,000 years old. A folk tale called The Smith and the Devil was estimated to date back 6,000 years to the bronze age. The study employed phylogenetic analysis, which was developed to investigate evolutionary relationships between species, and used a tree of Indo-European languages to trace the descent of shared tales on it, to see how far they could be demonstrated to go back in time. Tehrani said: “We find it pretty remarkable these stories have survived without being written. They have been told since before even English, French and Italian existed. They were probably told in an extinct Indo-European language.”
probably totally dodgy where the Oyster rules are concerned, but still pretty damn cool
handy — search Netflix in all regions, then show where the show/movie is available. Probably going to be less handy from now on now that Netflix is blocking region-spoofing
This is full of good points.
Without having a distinct SORT KEY for a geographically distinct area, a postcode is of no real benefit to any type of transport firm or agency. To take one example, Eircode have used the same sort key, F92, for Arranmore (Donegal’s largest inhabited island) and the north western Donegal mainland. Cill Rónáin, Inis Mór, the largest of the Aran Islands, has the same sort key H91, as Connemara and Galway City. Galway city and the Aran Islands may be in a relatively small geographical area, but keen eyes may have noticed that the Aran Islands are separated from the mainland by a small section of the Atlantic Ocean. Sort codes which ignore clear and obvious boundaries, like seas or oceans, need to be redesigned. In two seconds a [UK] website could tell a Hebridean that his delivery will take 4 days at a cost of fifty quid by using the first three characters of the postcode. The Eircode-using Irish equivalent website would need to lookup a large database to tell an Arranmore resident the cost and time for delivery – and they’d need the full exact code. Any mistake made here, and your estimated delivery time, and cost for delivery will be wrong.
Very nifty — autodeploys free wildcard certs to ELBs and Cloudfront. HN discussion thread is pretty good: https://news.ycombinator.com/item?id=10947186
Eric Brandwine details the internal workings of Amazon VPC
Bryan Cantrill gives unikernels a 10-point dismissal. This is great
Excellent flowchart of how to fix common git screwups (via ITC slack)
Karlin Lillington in the Irish Times, going through journos for a shortcut:
All the hand-wringing from journalists, unions and media companies – even politicians and ministers – over the GSOC’s accessing of journalist’s call records? Oh, please. What wilful ignorance, mixed with blatant hypocrisy. Where have you all been for the past decade and a half, as successive Irish governments and ministers for justice supported and then rammed through legislation for mandatory call data retention for one of the longest periods in the world, with some of the weakest legal constraints and oversight?
Good plug for emrfs for encryption
Good explanation of why RSUs are becoming increasingly common
Amazon Echo sends your WiFi password to Amazon. No option to disable. Trust us it’s in an “encrypted file”
ah, <3 the 'batter
This is absolutely appalling. IP law gone mad:
DNC Parks & Resorts at Yosemite, Inc (a division of one of the largest privately owned companies in the world) used to have the concessions to operate various businesses around Yosemite National Park. Now that they’ve been fired, they’re using some decidedly dubious trademark to force the Park Service to change the names of buildings and locations that have stood for as much as a century, including some that have been designated national landmarks. The Parks Service has caved to these requests as it readies the park for its centennial celebration. It will not only change the names of publicly owned landmarks — such as the Ahwahnee hotel, Yosemite Lodge, the Wawona Hotel, Curry Village, and Badger Pass ski area — it will also have to change all its signs, maps and guidebooks.
‘THE DRAGNET: How a man accused of million-dollar fraud uncovered a never before seen, secret surveillance device’
Online chart maker for CSV and Excel data; make charts and dashboards online. One really nice feature is that charts made this way get permalinks, and can be easily inlined as PNGs or HTML5 divs. (See https://www.vividcortex.com/blog/analyzing-sparks-mpp-scalability-with-the-usl for an example.)
Patents ruin everything, CRISPR edition
Nchan is a scalable, flexible pub/sub server for the modern web, built as a module for the Nginx web server. It can be configured as a standalone server, or as a shim between your application and tens, thousands, or millions of live subscribers. It can buffer messages in memory, on-disk, or via Redis. All connections are handled asynchronously and distributed among any number of worker processes. It can also scale to many nginx server instances with Redis. Messages are published to channels with HTTP POST requests or websockets, and subscribed also through websockets, long-polling, EventSource (SSE), old-fashioned interval polling, and more. Each subscriber can listen to up to 255 channels per connection, and can be optionally authenticated via a custom application url. An events meta channel is also available for debugging.
Also now supports HTTP/2. This used to be called the Nginx HTTP Push Module, and I used it with great results in that form. This is the way to do HTTP push in all its forms….
A great theory!
I don’t have contact information for Hiroko Okuda, but I am positive that the track she is referring to [as the source of the Casiotone MT-40 "rock" preset] is “Hang Onto Yourself” by David Bowie.
A very US-oriented, but still useful, reference for all the aspects of stock options, RSUs, and other forms of equity compensation
shock horror, Docker-SDN layers have terrible performance. Still pretty lousy perf impacts from basic Docker containerization, presumably without “--net=host” (which is apparently vital)