ramblings about spam, scalability, software development, the web

• Peter Flynn caused the first 404

  Now that’s a great bit of web trivia :) “[UCC’s] first webmaster was the first person to ever break a link on the web, when he moved the location of a webpage on UCC’s servers without telling TimBL. Such a change resulted in the need to error-handle such an occurrence, and the 404 was born”

  (tags: 404 history http web peter-flynn ucc irish-web trivia)

• Credit reference agency Equifax fined for security breach

  The ICO fines Equifax £500K, the maximum amount possible under the old Data Protection Act (via Privacy Kit)

  (tags: via:privacy-kit ico equifax privacy data-protection uk penalties law)

• Muting some magic keywords fixes the Twitter timeline

  Apparently, turning off some of the shittier recent features:

  Muting suggest_recycled_tweet_inline and suggest_activity_tweet actually has fixed my timeline. It’s all chronological and there are barely any “x and y liked” tweets.

  (tags: twitter feature-creep muting hacks)

• Kebab-Case

  TIL! In other words spelling identifiers-like-this, Lisp style

  (tags: kebab-case case lisp identifiers coding terminology)

• Cindy Sridharan on Twitter: NanoLog by Ousterhout et al.

  – just formatting a log typically takes on the order of 1µs! – nanolog achieves high throughput by shifting work out of runtime hot path into compilation + post-execution phases

  Basically records symbolic form of logs, and uses a post-processor after the fact to generate readable text.

  (tags: logging ops coding performance)

• Surprisingly Little Evidence for the Accepted Wisdom About Teeth – The New York Times

  Turns out there is little evidence for many dental practices:

  A systematic review in 2011 concluded that, in adults, toothbrushing with flossing versus toothbrushing alone most likely reduced gingivitis, or inflammation of the gums. But there was really weak evidence that it reduced plaque in the short term. There was no evidence that it reduced cavities. That’s pretty much what we learned recently.

  (tags: teeth dentistry dental health medicine statistics science)

• Google spent $60 million on building Content ID

  That’s how much it costs to build a not-particularly-accurate UGC copyright filter:

  Google’s new report takes aim at this claim. It asserts that Content ID is a highly effective solution, with over 98 percent of copyright management on YouTube happening through Content ID, and just 2 percent coming from humans filing copyright removal notices. Google also says the music industry opts to monetize more than 95 percent of its copyright claims, meaning they leave the videos up on the service. It claims a whopping half of the music industry’s YouTube revenue comes from fan content — covers, remixes, dance versions, etc. — claimed via Content ID. The report also puts a hard figure on how much Google has spent so far on Content ID: $60 million.

  (tags: filtering copyright eu article-13 copyfight content-id google web ugc)

• A definitive blood test for post-infectious irritable bowel syndrome?: Expert Review of Gastroenterology & Hepatology: Vol 10, No 11

  Very interesting! This paper and the one at https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0126438 discuss the increasing evidence that some kinds of IBS may be caused by post-infection autoimmune activity triggered by a gastroenteritis infection — this matches the thing which put me on a restricted diet a few years ago.

  (tags: digestion ibs medicine health diet fodmap gastroenteritis papers)

• Notes on some artefacts

  Five or six years ago, around the time most people seemed to be spending almost all of their time on the internet, I began to notice a particular kind of online phenomenon, one that I did not have a terminology for. I started to call these moments “artefacts”, borrowing a term from photography that describes the machine-created distortions and ghosts that corrupt digital imagery. “An unintended alteration in data” is one definition, but this new kind of “artefact” was expanding beyond sporadic instances and becoming a persistent sub-theme in discourse at large. The result was a type of semiotic collapse, one that first found its fullest expression in the absurdity of the 2016 presidential campaign, when news stories fabricated in Macedonia found a wider reach than The Washington Post. Countermeasures to interference in the coming 2018 congressional election look ineffectual, perhaps deliberately so.

  (tags: artefacts fake-news bots weird 2018 trump politics)

• The British Airways Breach: How Magecart Claimed 380,000 Victims

  very detailed and pretty fiendish

  (tags: analysis security attacks magecart british-airways web javascript)

• UIDAI’s Aadhaar Software Hacked, ID Database Compromised, Experts Confirm

  The authenticity of the data stored in India’s controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users, a three month-long investigation by HuffPost India reveals. The patch—freely available for as little as Rs 2,500 (around $35)— allows unauthorised persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use. This has significant implications for national security at a time when the Indian government has sought to make Aadhaar numbers the gold standard for citizen identification, and mandatory for everything from using a mobile phone to accessing a bank account.

  (tags: security aadhaar identity india privacy databases data-privacy)

• Troy Hunt: The Effectiveness of Publicly Shaming Bad Security

  Now I don’t know how much of this change was due to my public shaming of their security posture, maybe they were going to get their act together afterward anyway. Who knows. However, what I do know for sure is that I got this DM from someone not long after that post got media attention (reproduced with their permission): Hi Troy, I just want to say thanks for your blog post on the Natwest HTTPS issue you found that the BBC picked up on. I head up the SEO team at a Media agency for a different bank and was hitting my head against a wall trying to communicate this exact thing to them after they too had a non secure public site separate from their online banking. The quote the BBC must have asked from them prompted the change to happen overnight, something their WebDev team assured me would cost hundreds of thousands of pounds and at least a year to implement! I was hitting my head against the desk for 6 months before that so a virtual handshake of thanks from my behalf! Thanks!

  (tags: business internet security social-media shame troy-hunt bad-press spin shaming)

• Software as Craft: software delivery and open source in a Cloud & Enterprise world

  Niall Murphy sends this on:

  Microsoft is very pleased to welcome Maggie Pint and Dr. Nicole Forsgren to our new campus, to talk about open source and the deep connections between how software is written, and how successful it is. For those of you who are not aware, Maggie Pint is a software engineering lead in Azure’s Production Infrastructure Engineering (PIE) organization. Maggie’s team works on improving the engineering systems experience for Microsoft’s web-focused developers. She co-ordinates open source and inner source education and execution through Azure PIE. Outside of her day job, Maggie maintains the popular Moment.js JavaScript library, and is the JS Foundation’s delegate to TC39, the standards committee for JavaScript. She is passionate about dogs, coffee, the JavaScript language, and helping others live open source values in their day-to-day work. Dr. Nicole Forsgren is the co-founder and Chief Scientist of the DevOps Research and Assessment joint venture with Jez Humble and Gene Kim, also well-known leaders in the DevOps community. She is best known as a co-author of Accelerate: The Science of Lean Software and DevOps and lead investigator for the largest-scale DevOps studies undertaken to date. She is also member of the ACM Queue editorial board, a research affiliate for a number of universities, and earned her PhD in Management Information Systems from the University of Arizona. This event comprises two public technical talks, with an intended audience of a few hundred software and systems professionals, including technical managers and SREs.

  (tags: software coding open-source microsoft maggie-pint nicole-forsgren azure)

• gRPC On HTTP/2: Engineering A Robust, High Performance Protocol

  Decent writeup on how gRPC uses HTTP/2 efficiently

  (tags: http2 grpc rpc networking http tcp protocols)

• ‘The Internet of Garbage’ by Sarah Jeong

  Sarah Jeong’s 2015 book is now free: ‘I think The Internet of Garbage still provides a useful framework to begin to talk about our new dystopia, and it continues to be surprisingly relevant in many ways. But I wrote the book with a tone of optimism I did not feel even at the time, hoping that by reaching the well-meaning policy teams across Silicon Valley, I might be able to spark change for the better. Not only did that change never quite solidify, but the coordinated, orchestrated harassment campaigns of Gamergate that I very briefly touch on in Chapter Two have since overtaken our national political and cultural conversations. These twisted knots of lies, deflection, and rage are not just some weird and terrible online garbage. They shadow executive orders, court rulings, even the newly appointed judiciary. They will haunt us for years to come. We are all victims of fraud in the marketplace of ideas. I hope that in the very near future, I will be putting out a second edition of The Internet of Garbage. In that future edition, I hope to grapple with advertising incentives, engagement traps, international propaganda wars, the American crisis in free speech coinciding with the rise of platform power, and search engine optimization as the new paradigm of speech. In the meantime, I am putting out The Internet of Garbage 1.5 as an interim edition. I wish it were more helpful in our present reality. But as imperfect a tool as it is, I figure we all need as much help as we can get. ‘

  (tags: dystopia fake-news internet spam harrassment abuse twitter gamergate politics books free to-read)

• Science Europe – cOAlition S

  cOAlition S signals the commitment to implement, by 1 January 2020, the necessary measures to fulfil its main principle: “By 2020 scientific publications that result from research funded by public grants provided by participating national and European research councils and funding bodies, must be published in compliant Open Access Journals or on compliant Open Access Platforms.” The 11 national research funding organisations that form cOAlition S have agreed to implement the 10 principles of Plan S in a coordinated way, together with the European Commission including the ERC. Other research funders from across the world, both public and private, are invited to join cOAlition S.

  I am extremely happy to see SFI on this list! (Via Cathal Garvey)

  (tags: sfi ireland funding science open-access open papers journals via:cathalgarvey)

• Mastodon and the challenges of abuse in a federated system

  Similar to this thread by CJ Silverio, I’m not thinking about this in terms of whether Wil Wheaton or his detractors were right or wrong. Rather, I’m thinking about how this incident demonstrates that a large-scale harassment attack by motivated actors is not only possible in the fediverse, but is arguably easier than in a centralized system like Twitter or Facebook, where automated tools can help moderators to catch dogpiling as it happens. As someone who both administrates and moderates Mastodon instances, and who believes in Mastodon’s mission to make social media a more pleasant and human-centric place, this post is my attempt to define the attack vector and propose strategies to prevent it in the future.

  (tags: mastodon abuse twitter wilw harassment moderation)

• Biohackers Encoded Malware in a Strand of DNA

  a group of researchers from the University of Washington has shown for the first time that it’s possible to encode malicious software into physical strands of DNA, so that when a gene sequencer analyzes it the resulting data becomes a program that corrupts gene-sequencing software and takes control of the underlying computer.

  (tags: hacking malware security sequencing genome biohacking dna)

• Unsupervised machine translation: A novel approach to provide fast, accurate translations for more languages – Facebook Code

  Training an MT model without access to any translation resources at training time (known as unsupervised translation) was the necessary next step. Research we are presenting at EMNLP 2018 outlines our recent accomplishments with that task. Our new approach provides a dramatic improvement over previous state-of-the-art unsupervised approaches and is equivalent to supervised approaches trained with nearly 100,000 reference translations. To give some idea of the level of advancement, an improvement of 1 BLEU point (a common metric for judging the accuracy of MT) is considered a remarkable achievement in this field; our methods showed an improvement of more than 10 BLEU points. This is an important finding for MT in general and especially for the majority of the 6,500 languages in the world for which the pool of available translation training resources is either nonexistent or so small that it cannot be used with existing systems. For low-resource languages, there is now a way to learn to translate between, say, Urdu and English by having access only to text in English and completely unrelated text in Urdu – without having any of the respective translations.

  (tags: unsupervised-learning ml machine-learning ai translation facebook)

• Linocuts by Gail Brodholt

  scenes from London transit infrastructure. There’s a fantastic 1960s vibe off these

  (tags: london tube public-transport prints art gail-brodholt via:mltshp)

• This Music Theory Professor Just Showed How Stupid and Broken Copyright Filters Are – Motherboard

  Kaiser then decided to test Google’s system more fully. He opened a new YouTube account named Labeltest, and began sharing additional examples of copyright-free music. “I quickly received Content ID notifications for copyright-free music by Bartok, Schubert, Puccini, and Wagner,” Kaiser said. “Again and again, YouTube told me that I was violating the copyright of these long-dead composers, despite all of my uploads existing in the public domain.” Google’s Content ID is the result of more than $100 million in investment funds and countless development hours. Yet Kaiser found the system was largely incapable of differentiating between copyrighted music and content in the public domain. And the appeals process that Google has erected to tackle these false claims wasn’t any better.

  (tags: content-id copyright copyright-filtering youtube fail google public-domain ip music filtering bartok schubert wagner puccini)

• Google Online Security Blog: Introducing the Tink cryptographic software library

  Tink aims to provide cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Tink is built on top of existing libraries such as BoringSSL and Java Cryptography Architecture, but includes countermeasures to many weaknesses in these libraries, which were discovered by Project Wycheproof, another project from our team. With Tink, many common cryptographic operations such as data encryption, digital signatures, etc. can be done with only a few lines of code.

  (tags: tink google java c++ boringssl ssl jca crypto)

• Yahoo! are scanning your email contents and selling data to advertisers

  For example: Amazon will no longer mail full receipt text as advertisers were believed to be extracting it

  (tags: yahoo privacy email mail amazon)

• How network clients need to participate in fault tolerance

  Top tips on best practices here:

  Colm’s thread on shuffle sharding reminded me of how important it is that clients participate in fault tolerance, and how frustrated I get when a client library *doesn’t* do this by default in my application. Let’s talk about some best practices!

  Bottom line: use Hystrix :)

  (tags: retries fault-tolerance networking tcp http exponential-backoff ip)

• Surgical team collaborates with McLaren F1 to improve processes

  On the screen was a motor racing grand prix and, as they watched, the two men became aware of the similarities between the handover disciplines from theatre to intensive care and what they were seeing in the pit of a Formula One racing team. From that moment began a collaboration between the leaders of Great Ormond Street’s surgical and intensive care units, first with the McLaren F1 racing team and then with Ferrari’s team chief Jan Todt, technical guru Ross Brawn and, in particular, race technical director Nigel Stepney. They worked together at their home base in Modena, Italy, in the pits of the British Grand Prix and in the Great Ormond Street theatre and intensive care ward. The major restructuring of the patient handover procedure, resulting directly from the input of the F1 pit technicians, will soon be described in two scientific publications. “It is not too early to say that, when we look at the number of critical instances we encounter, they have reduced markedly since we introduced the modified training protocol developed from what we have learned from Formula 1,” said Prof Elliott. The single A4 sheet of paper, which contained the flow diagram of Ferrari’s pit procedure, became several pages of twice that size when Mr Stepney and his colleagues at Ferrari were confronted with the critical transfer from operating theatre to recovery room at Great Ormond Street.

  (tags: collaboration cross-discipline surgery formula-1 mclaren pitstops cardiac)

• Fixing Slow Macbook WIFI Reconnect after sleep – airbag moments

  A command line hack to fix the common Macbook wifi problem where wifi won’t reconnect after opening the lid without a manual reconnect

  (tags: wifi macbooks mbp hardware apple hacks cli sleep)

• Why Love Generative Art?

  Or as jwz put it, a brief history of generative art

  (tags: art generative-art computer-art algorithms graphics via:jwz)

• Russian Trolls Used Vaccine Debate to Sow Discord, Study Finds – The New York Times

  But instead of picking a side, researchers said, the trolls and bots they programmed hurled insults at both pro- and anti-vaccine advocates. Their only intent, the study concluded, seemed to be to raise the level of hostility. “You see this pattern,” said David A. Broniatowski, a computer engineer at George Washington University and lead author of the study, which was published Thursday in the American Journal of Public Health. “On guns, or race, these accounts take opposite sides in lots of debates. They’re about sowing discord.”

  So the Russian strategy is basically more of a “Hail Eris” than a “Hail Mary”?

  (tags: russia trolls discord vaccination health internet)

• spotify/dockerfile-maven: A set of Maven tools for dealing with Dockerfiles

  ‘a Maven plugin and extension which help to seamlessly integrate Docker with Maven. The design goals are: Don’t try to do anything fancy. Dockerfiles are how you build Docker projects; that’s what this plugin uses. They are mandatory. Make the Docker build process integrate with the Maven build process. If you bind the default phases, when you type mvn package, you get a Docker image. When you type mvn deploy, your image gets pushed. Make the goals remember what you are doing. You can type mvn dockerfile:build and later mvn dockerfile:tag and later mvn dockerfile:push without problems. This also eliminates the need for something like mvn dockerfile:build -DalsoPush; instead you can just say mvn dockerfile:build dockerfile:push. Integrate with the Maven build reactor. You can depend on the Docker image of one project in another project, and Maven will build the projects in the correct order. This is useful when you want to run integration tests involving multiple services.’ Looks very nice and well-run — shame it’s Maven instead of Gradle…

  (tags: java docker maven build coding packaging)

• One in five genetics papers contains errors thanks to Microsoft Excel | Science | AAAS

  ‘Autoformatting in Microsoft Excel has caused many a headache — but now, a new study shows that one in five genetics papers in top scientific journals contains errors from the program, The Washington Post reports. The errors often arose when gene names in a spreadsheet were automatically changed to calendar dates or numerical values.’

  (tags: science microsoft excel spreadsheets autoformatting clippy fail papers genetics)

• Filter before you parse: faster analytics on raw data with Sparser

  Super fast JSON parsing. Has some interesting similarities to some code I wrote in SpamAssassin, as it turns out!

  (tags: json parsing performance coding algorithms)

I came across this cocktail in Pals, in Catalonia, in 30 degree heat, a few weeks back — I saw it on the menu at the cafe in the square of the old town, and had to give it a go. It’s incredible. Basically, it’s lager mixed with a lemon granita — like a beer slushy. Nothing is better at thirst quenching on a hot day, and best of all it’s quite low in alcohol so no worries about lorrying into it during the daytime :)

This year at Groovefest, our yearly get together/mini-festival, I got to serve up a few, with great results — they were quite popular. So here’s the recipe!

First off, a day or two in advance, make a batch of lemon granita. I based mine on this recipe which I’ll copy here just in case the original goes away:

Lemon Granita

Serves: about 8

Ingredients:

• 3-4 lemons
• 1L water
• 150g of sugar

Method:

• Zest the lemons and set the zest aside. Juice the lemons until you have 150ml juice (you may not need all of them).

• Add the water and sugar to a large pan and bring to the boil. Reduce to a simmer and cook for 2 minutes, stirring to dissolve the sugar.

• Add the lemon juice and zest, remove from the heat and cover. Set aside to cool for 20 minutes.

• Strain the mixture into 2 containers that will fit in your freezer and leave to cool to room temperature.

• Freeze until the mixture is partially frozen, which should take several hours. (I just left them overnight)

• Remove the granita from the freezer and leave at room temperature until you can break it into chunks with a large spoon or fork.

• Either transfer to a blender or food processor and blitz, or break it up with a fork. It doesn’t need to be perfectly smooth and snowy — a slushy texture is just right for this drink.

• Store in the freezer. Take out 30 minutes before serving and break it up again with a fork.

Clara Con Limón Granizado

To serve: half-fill a half-pint glass with the lemon granita. Pour the beer on top to fill the glass. Stir once or twice to mix. Enjoy!

• The BARR-C:2018 Embedded C Coding Standard

  ‘Barr Group’s Embedded C Coding Standard was developed to minimize bugs in firmware by focusing on practical rules that keep bugs out–while also improving the maintainability and portability of embedded software. The coding standard details a set of guiding principles as well as specific naming conventions and other rules for the use of data types, functions, preprocessor macros, variables and much more. Individual rules that have been demonstrated to reduce or eliminate certain types of bugs are highlighted. In this latest version, BARR-C:2018, the stylistic coding rules have been fully harmonized with MISRA C: 2012, while helping embedded system designers reduce defects in firmware written in C and C++.’

  (tags: embedded c coding standards style-guides misra c++)

• Nosferatu is only viewable today due to piracy

  ‘In 1922 a German court ordered all prints and negatives of Nosferatu destroyed following a copyright dispute with the widow of Bram Stoker. The film only exists today because of piracy. One copy survived and somehow found it’s way to America, where Dracula was already in the public domain. That’s it. That’s the only reason you’ve ever seen the granddaddy of all horror movies.’

  (tags: dracula bram-stoker nosferatu piracy licensing movies history)

• Anatomy of a tabloid Fortnite front page story

  Interesting writeup of how the UK tabloids concoct their scare stories, rustling up “victims” and paying them and their agents fees of thousands of pounds

  (tags: fortnite pokemon-go gaming tabloids uk newspapers truth the-sun games)

• Hacker Finds Hidden ‘God Mode’ on Old VIA C3 x86 CPUs

  Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents. He found one — US8341419 — that mentioned jumping from ring 3 to ring 0 and protecting the machine from exploits of model-specific registers (MSRs), manufacturer-created commands that are often limited to certain chipsets. Domas followed the “trail of breadcrumbs,” as he put it, from one patent to another and figured out that certain VIA chipsets were covered by the patents. Then he collected many old VIA C3 machines and spent weeks fuzzing code. He even built a testing rig consisting of seven Nehemiah-based thin clients hooked up to a power relay that would power-cycle the machines every couple of minutes, because his fuzzing attempts would usually crash the systems. After three weeks, he had 15 GB of log data — and the instructions to flip on the backdoor in the hidden RISC chip.

  (via Nelson)

  (tags: cpu via x86 fuzzing security nehemiah via:nelson)

• How I gained commit access to Homebrew in 30 minutes

  If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it. If I can gain access to commit in 30 minutes, what could a nation state with dedicated resources achieve against a team of 17 volunteers? How many private company networks could be accessed? How many of these could be used to escalate to large scale data breaches? What other package management systems have similar weaknesses? This is my growing concern, and it’s been proven time and time again that package managers, and credential leaks, are a weak point in the security of the internet, and that supply chain attacks are a real and persistent threat. This is not a weakness in Homebrew, but rather a systemic problem in the industry, and one where we need more security research.

  (tags: homebrew github security jenkins credentials scary)

• Fonez – Pre-owned Phones

  Galway-based refurb phone retailer, recommended by co-worker Ciaran where he picked up his Pixel

  (tags: phones ireland shopping mobile)

• ncw/rclone

  “rsync for cloud storage” – Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files

  (tags: backup github sync cloud s3 storage rsync rclone google aws dropbox backblaze yandex onedrive)

• People Think This Whole QAnon Conspiracy Theory Is A Prank On Trump Supporters

  This, if true, is the most gloriously Discordian thing ever.

  “Let us take for granted, for a while, that QAnon started as a prank in order to trigger right-wing weirdos and have a laugh at them. There’s no doubt it has long become something very different. At a certain level it still sounds like a prank. But who’s pulling it on whom?” they [Roberto Bui, Giovanni Cattabriga, and Federico Guglielmi] said.

  (tags: q conspiracy politics trump qanon luther-blissett discordianism wu-ming funny crazy)

• Why JSON isn’t a good configuration language

  solid +1s on these points

  (tags: json configuration languages coding formats)

• Humanitarian OpenStreetMap Team | Fast, Powerful, and Practical: New Technology for Aerial Imagery in Disaster Response

  Aerial imagery can play an important role in disaster response operations, enabling response teams to identify and prioritize hardest-hit areas, conduct damage assessments, and plan response activities. Existing tools make this relatively easy in connected environments; users can browse high-resolution satellite imagery catalogs and download the relevant imagery, and can process drone imagery using online tools. Current solutions don’t work well in disconnected environments, however. Even offline tools lack the storage space and processing power to be effective for addressing large areas. This blog post shows how rugged, portable Amazon Web Services (AWS) servers can be turned into a kit that’s mega-powerful, deployable, and purpose-built for post-disaster imagery operations. This can help humanitarians and government agencies to more accurately and efficiently conduct damage assessments and identify hardest-hit areas, potentially making a real difference in the aftermath of a natural disaster.

  (tags: snowball aws humanitarian emergency-response osm openstreetmap mapping aid disasters)

• Labour HQ used Facebook ads to deceive Jeremy Corbyn during election campaign | News | The Times

  Campaign chiefs at Labour HQ hoodwinked their own leader because they disapproved of some of Corbyn’s left-wing messages. They convinced him they were following his campaign plans by spending just £5,000 on adverts solely designed to be seen by Corbyn, his aides and their favourite journalists, while pouring far more money into adverts with a different message for ordinary voters.

  (tags: advertising politics crazy facebook jeremy-corbyn microtargeting ads uk labour-party)

• 15 Key Takeaways from the Serverless Talk at AWS Startup Day

  Best current practices for AWS Lambda usage. (still pretty messy/hacky/Rube-Goldberg-y from the looks of it tbh)

  (tags: aws lambda serverless ops hacks amazon)

• “Haskell is very simple”

  niftierideology on twitter:

  Haskell is very simple. Everything is composed of Functads which are themselves a Tormund of Gurmoids, usually defined over the Devons. All you have to do is stick one Devon inside a Tormund and it yields Reverse Functads (Actually Functoids) you use to generate Unbound Gurmoids.

  (tags: haskell functors functads tormund-of-gurmoids jargon funny satire coding languages)

• Facebook’s new rules for moderators on dealing with far-right pages are awful

  This is a total shitshow. Facebook needs to sort this out, it is not remotely desirable.

  Facebook: “We allow to call for the creation of white ethno-states.” In other words, Facebook is officially ok with people calling for ethnic cleansing and genocide. The time for Facebook to hire/consult with experts re: the far-right was about three or four years ago. That they now *agree* with the rationale of Alt-Reich rebranding in 2018 shows that this company is simply not fit for purpose. […] t’s quite something that Facebook’s advice to their moderators literally mirrors Nazi propaganda: “Being interested in and caring for one’s kind is not to disparage foreign peoples and races”- Nazi party pamphlet “Why the Aryan Law?” (1934)

  (tags: facebook awful moderation far-right nazis fascism ethnic-cleansing genocide social-media fail)

• How my research on DNA ancestry tests became “fake news”

  I was not surprised to see our research twisted by fake news and satire websites. Conspiracy theories are meant to be just as entertaining as they are convincing. They also provide a way out of confronting reality and reckoning with facts that don’t confirm preexisting worldviews. For white nationalists and racists, if test results showed traces of African American or Jewish ancestry, either the tests did not work, or the results were planted by some ideologically motivated scientists, or the tests were part of a global war against whites. With conspiracy theories, debunking is rarely useful because the individual is often searching for an interpretation that confirms their prior beliefs. As such, DNA conspiracy theories allow white supremacists to plan new escape routes for the traps they laid for themselves long ago. With DNA testing, the one-drop rule—a belief made law in the 1900s that one drop of African blood makes one Black—becomes transmuted genealogically into the one-percent rule, according to which to remain racially white, an individual’s results must show no sign of African or Jewish origin. Through the genealogical lens, American white nationalists consider “one hundred percent European” as good results, which in turn substantiates their “birth right” to the United States as a marker of heredity and conquest.

  (tags: racism science fake-news conspiracy genealogy dna dna-testing)

• Second Wind CPAP

  Second-hand CPAP machines — decent prices here, recommended by @Searcher on FP

  (tags: cpap second-hand appliances)

• Using Kindle Fire’s Parental Controls

  time to set this up I think

  (tags: kindle fire parental-controls devices kids)

• The problems with DynamoDB Auto Scaling and how it might be improved

  ‘Based on these observations, we hypothesize that you can make two modifications to the system to improve its effectiveness: trigger scaling up after 1 threshold breach instead of 5, which is in-line with the mantra of “scale up early, scale down slowly”; trigger scaling activity based on actual request count instead of consumed capacity units, and calculate the new provisioned capacity units using actual request count as well. As part of this experiment, we also prototyped these changes (by hijacking the CloudWatch alarms) to demonstrate their improvement.’

  (tags: dynamodb autoscaling ops scalability aws scaling capacity)

• Summer Fruit Shrub Recipe – NYT Cooking

  as recommended by Nelson — I’ve been meaning to make one

  (tags: shrubs drinks vinegar recipes to-make fruit)

• Evolution of Application Data Caching : From RAM to SSD

  Memcached provides an external storage shim called extstore, that supports storing of data on SSD (I2) and NVMe (I3). extstore is efficient in terms of cost & storage device utilization without compromising the speed and throughput. All the metadata (key & other metadata) is stored in RAM whereas the actual data is stored on flash.

  (tags: memcached netflix services storage memory ssd nvme extstore caching)

• Goodbye Microservices: From 100s of problem children to 1 superstar · Segment Blog

  Super-happy we resisted many of the microservices gospels and dodged this bullet

  (tags: architecture microservices monolith git monorepo)

• Centrifuge: a reliable system for delivering billions of events per day

  Nice scale-up service to solve the multi-tenant, multi-target queueing problem with good customer isolation from Segment

  (tags: queueing architecture dead-letter-queue kafka segment multi-tenant isolation)

• Flight Rights

  ‘This website has been designed to help you, the passenger, understand your rights and entitlements in the event that your air travel plans are disrupted.’ from the Commission for Aviation Regulation. See also thread from Sinead Ryan at https://twitter.com/sinead_ryan/status/1016628694427885568

  (tags: consumer aviation flights ryanair aer-lingus ireland rights flying)

• open source ham radio hardware in the Thai cave rescue

  the Heyphone, a voice radio designed by UK radio ham, John Hey

  (tags: ham-radio heyphone voice radios cave rescue thailand)

• Basho investor to pay up $20m in damages for campaign that put biz on ‘greased slide to failure’ • The Register

  This is disappointing. Basho was very promising.

  An investment fund and its manager have been ordered to pay up $20.3m after “misinformation, threats and combative behaviour” helped put NoSQL database biz Basho on a “greased slide to failure”. As reported by The Register, the once-promising biz, which developed the Riak distributed database, faded away last year amid severe criticisms of the way its major investor, Georgetown Capital Partners, operated. These centred around the control the investment firm and boss Chester Davenport gained over Basho, and how that power was used to block other funders and push out dissenting voices, with the hope of selling the company off fast.

  (tags: basho distcomp riak vc software silicon-valley)

• Scarr

  S3 + Cloudfront + ACM + Route53, automated.

  There are a bunch of free/cheap options for hosting static sites (just html/css/js) out there: github pages, netlify, firebase hosting – but when I want to build a bulletproof static site “for real”, my go-to toolset is S3 for hosting with Cloudfront caching in front of it. I figured that after a few times doing this, I’d automate it. There are a few pre-existing tools for parts of this, but none I could find that did the whole thing from registration through uploading and Cloudfront invalidation.

  (tags: cli acm aws s3 cloudfront route53 static-sites web html hosting)

• Hospitality boom: What’s happening with Dublin’s bars and restaurants?

  Good article with an insider look at what’s going on with venues, bars and restaurants in Dublin:

  They call it “meanwhile use” in property developer shorthand. It’s the market or cafe that slots itself temporarily into a building earmarked for redevelopment. Rent is low and terms are flexible. Cheap space is hewn out of a lull. Cool creative things happen. You don’t need the backing of a private equity fund or a multinational developer to set up a cafe or restaurant. No one is asking for a six-figure sum just to hand you the keys. […] That era has gone. Landlords are back in the driving seat. Between the canals the key money, a once-off upfront payment just to get the keys, is mind-boggling. The pace of new openings seems relentless and “not particularly sustainable”, as one industry insider puts it: how many burritos do you have to sell when you’ve paid €500,000 upfront, before the costs of fitting it out, staffing it and paying the rent?

  (tags: dublin hospitality bars restaurants pubs nightlife landlords property boom key-money)

• Dublin Cargo Bike Rental

  EUR40 per day from the Dutch Bike Shop in Belfield

  (tags: dutch-bikes bakfiets cargo-bikes cycling bikes rental dublin)

• Google Cloud Platform Blog: Introducing Jib

  ‘build Java Docker images better’:

  Jib takes advantage of layering in Docker images and integrates with your build system to optimize Java container image builds in the following ways: Simple – Jib is implemented in Java and runs as part of your Maven or Gradle build. You do not need to maintain a Dockerfile, run a Docker daemon, or even worry about creating a fat JAR with all its dependencies. Since Jib tightly integrates with your Java build, it has access to all the necessary information to package your application. Any variations in your Java build are automatically picked up during subsequent container builds. Fast – Jib takes advantage of image layering and registry caching to achieve fast, incremental builds. It reads your build config, organizes your application into distinct layers (dependencies, resources, classes) and only rebuilds and pushes the layers that have changed. When iterating quickly on a project, Jib can save valuable time on each build by only pushing your changed layers to the registry instead of your whole application. Reproducible – Jib supports building container images declaratively from your Maven and Gradle build metadata, and as such can be configured to create reproducible build images as long as your inputs remain the same.

  (tags: build google java docker maven gradle coding builds jars fat-jars packaging)

• Saving a non-profit six figures a year using Squarespace, Airtable and Glitch.com

  Airtable in particular sounds like a lovely tool for small-scale users

  (tags: serverless airtable google squarespace glitch tools web ops)

• Wifi Design Tips

  PDF with a few good tips on wifi layout, AP placement etc. Also recommended: https://www.youtube.com/watch?v=Adep0SeOjAE&feature=youtu.be&t=17m22s (via irldexter)

  (tags: via:irldexter wifi 802.11 wireless ops networking)

• What I’ve learned from nearly three years of enterprise Wi-Fi at home

  I am happy to note that I’ve grown out of this kind of pain (I think)….

  Do you just want better Wi-Fi in every room? Consider buying a Plume or Amplifi or other similar plug-n-go mesh system. On the other hand, are you a technically proficient network kind of person who wants to build an enterprise-lite configuration at home? Do you dream of VLANs and port profiles and lovingly tweaked firewall rules? Does the idea of crawling around in your attic to ceiling-mount some access points sound like a fun way to kill a weekend? Is your office just too quiet for your liking? Buy some Ubiquiti Unifi gear and enter network nerd nirvana.

  (tags: networking wifi wireless ubiquiti sdn vlans home ops)

• Large breweries ‘pay publicans not to stock smaller companies’ beer, cider’

  Good on Alan Kelly TD for raising the issue — it is clearly happening and is clearly anti-competitive market manipulation by the big brewers.

  He said a pub in Cork he was in recently had 21 taps of which 19 were from one brewing company and that smaller breweries tried to get some of that business. Mr Kelly claimed similar practices were occurring in pubs across all counties and that the statutory body that deals with anti-competitive practices, the Competition and Consumer Protection Commission (CCPC), had received a number of complaints but did not have the resources to deal with the issue. However, Minister of State Pat Breen said “after a robust examination” the CCPC found it did not have grounds to suspect a breach of the law. Mr Kelly said that “the dogs in the street know what is happening here” and that the Minister’s response was insulting to the industry. He said the CCPC would need large resources to investigate the issue and “large amounts of cash and resources are being used, and these practices are happening in large pubs in all cities and towns in Ireland”.

  (tags: ireland brewing beer pubs ccpc anti-competitive business alan-kelly dail)

• React Native: A retrospective from the mobile-engineering team at Udacity

  I think it’s safe to say they didn’t like it

  (tags: react react-native udacity coding javascript android ios)

• airlift/jvmkill

  a simple JVMTI agent that forcibly terminates the JVM when it is unable to allocate memory or create a thread. This is important for reliability purposes: an OutOfMemoryError will often leave the JVM in an inconsistent state. Terminating the JVM will allow it to be restarted by an external process manager.

  This is apparently still useful despite the existence of ‘-XX:ExitOnOutOfMemoryError’ as of java 8, since that may somehow still fail occasionally.

  (tags: oom java reliability uptime memory ops)

• “Stylish” browser extension steals all your internet history | Robert Heaton

  ‘Stylish, the popular CSS userstyle browser extension [collects] complete browser history, including sites scraped from Google results. Instant uninstall.’ (via Andy Baio)

  (tags: privacy browser extensions stylish css history data-protection)

• Dublin Cycling Campaign traffic survey finds twice as many cyclists as car passengers during rush hour

  There are twice as many people cycling as there are people in cars on the quays in Dublin at the morning rush hour, a video survey by the Dublin Cycling Campaign has found.

  This doesn’t surprise me at all — I would be in that number too, except I now avoid the quays as they are too dangerous to cycle on due to the heavy traffic! A segregated cycle route is greatly needed.

  (tags: cycling dublin safety cars driving dublin-cycling-campaign liffey-cycle-route)

• Sundial Generator

  Glowforge laser-cut a sundial, customised for your very own corner of planet Earth

  (tags: sundial sun laser-cutting cool making makers time)

• Nginx tuning tips: TLS/SSL HTTPS – Improved TTFB/latency

  Must do these soon on jmason.org / taint.org et al.

  (tags: nginx http https http2 ops tls security linux)

• ‘Nothing to worry about. The water is fine’: how Flint poisoned its people | News | The Guardian

  The anxiety reverberated all the way to the state capital, Lansing, where Governor Rick Snyder was weeks away from winning reelection. His chief legal counsel, Michael Gadola, wrote in an email: “To anyone who grew up in Flint as I did, the notion that I would be getting my drinking water from the Flint River is downright scary. Too bad the [emergency manager] didn’t ask me what I thought, though I’m sure he heard it from plenty of others. My mom is a city resident. Nice to know she’s drinking water with elevated chlorine levels and fecal coliform … They should try to get back on the Detroit system as a stopgap ASAP before this thing gets too far out of control.”

  (tags: flint michigan bureaucracy water poisoning corrosion poison us-politics environment taxes)

• The iconic _Fountain_ (1917) was not created by Marcel Duchamp

  In 1982 a letter written by Duchamp came to light. Dated 11 April 1917, it was written just a few days after that fateful exhibit. It contains one sentence that should have sent shockwaves through the world of modern art: it reveals the true creator behind Fountain – but it was not Duchamp. Instead he wrote that a female friend using a male alias had sent it in for the New York exhibition. Suddenly a few other things began to make sense. Over time Duchamp had told two different stories of how he had created Fountain, but both turned out to be untrue. An art historian who knew Duchamp admitted that he had never asked him about Fountain, he had published a standard-work on Fountain nevertheless. The place from where Fountain was sent raised more questions. That place was Philadelphia, but Duchamp had been living in New York. Who was living in Philadelphia? Who was this ‘female friend’ that had sent the urinal using a pseudonym that Duchamp mentions? That woman was, as Duchamp wrote, the future. Art history knows her as Elsa von Freytag-Loringhoven. She was a brilliant pioneering New York dada artist, and Duchamp knew her well. This glaring truth has been known for some time in the art world, but each time it has to be acknowledged, it is met with indifference and silence. This article addresses the true authorship of Fountain from the perspective of the latest evidence, collected by several experts. The opinions they voice offer their latest insights.  Their accumulation of evidence strengthens the case to its final conclusion. To attribute Fountain to a woman and not a man has obvious, far-reaching consequences: the history of modern art has to be rewritten. Modern art did not start with a patriarch, but with a matriarch. What power structure in the world of modern art prohibits this truth to become more widely known and generally accepted? Ultimately this is one of the larger questions looming behind the authorship of Fountain. It sheds light on the place and role of the female artist in the world of modern art.

  (tags: elsa-von-freytag-loringhoven marcel-duchamp modern-art history art-history scandals credit art fountain women)

• Cory Doctorow: Zuck’s Empire of Oily Rags

  the sophisticated targeting systems available through Facebook, Google, Twitter, and other Big Tech ad platforms made it easy to find the racist, xenophobic, fearful, angry people who wanted to believe that foreigners were destroying their country while being bankrolled by George Soros. Remember that elections are generally knife-edge affairs, even for politicians who’ve held their seats for decades with slim margins: 60% of the vote is an excellent win. Remember, too, that the winner in most races is “none of the above,” with huge numbers of voters sitting out the election. If even a small number of these non-voters can be motivated to show up at the polls, safe seats can be made contestable. In a tight race, having a cheap way to reach all the latent Klansmen in a district and quietly inform them that Donald J. Trump is their man is a game-changer. Cambridge Analytica are like stage mentalists: they’re doing something labor-intensive and pretending that it’s something supernatural. A stage mentalist will train for years to learn to quickly memorize a deck of cards and then claim that they can name your card thanks to their psychic powers. You never see the unglamorous, unimpressive memorization practice. Cambridge Analytica uses Facebook to find racist jerks and tell them to vote for Trump and then they claim that they’ve discovered a mystical way to get otherwise sensible people to vote for maniacs.

  (tags: facebook politics surveillance cory-doctorow google twitter advertising elections cambridge-analytica racism nazis)

• Dormio: Interfacing with Dreams to Augment Human Creativity — MIT Media Lab

  Using Dormio you fall asleep as you normally would, but the transition into stage 2 sleep is tracked and interrupted. This suspends you in a semi-lucid state where microdreams are inceptable, allowing direction of your dreams. 

  (tags: dreaming dreams science neuroscience brain sleep lucid-dreaming via:fp dormio)

• Facial recognition software is not ready for use by law enforcement | TechCrunch

  This is a pretty amazing op-ed from the CEO of a facial recognition software development company:

  Facial recognition technologies, used in the identification of suspects, negatively affects people of color. To deny this fact would be a lie. And clearly, facial recognition-powered government surveillance is an extraordinary invasion of the privacy of all citizens — and a slippery slope to losing control of our identities altogether. There’s really no “nice” way to acknowledge these things. I’ve been pretty clear about the potential dangers associated with current racial biases in face recognition, and open in my opposition to the use of the technology in law enforcement. As the black chief executive of a software company developing facial recognition services, I have a personal connection to the technology, both culturally and socially. Having the privilege of a comprehensive understanding of how the software works gives me a unique perspective that has shaped my positions about its uses. As a result, I (and my company) have come to believe that the use of commercial facial recognition in law enforcement or in government surveillance of any kind is wrong — and that it opens the door for gross misconduct by the morally corrupt.

  (tags: techcrunch facial-recognition computer-vision machine-learning racism algorithms america)

• Yelp, The Red Hen, And How All Tech Platforms Are Now Pawns In The Culture War

  Though the brigading of review sites and doxxing behavior isn’t exactly new, the speed and coordination is; one consequence of a never-ending information war is that everyone is already well versed in their specific roles. And across the internet, it appears that technology platforms, both big and small, must grapple with the reality that they are now powerful instruments in an increasingly toxic political and cultural battle. After years attempting to dodge notions of bias at all costs, Silicon Valley’s tech platforms are up against a painful reality: They need to expect and prepare for the armies of the culture war and all the uncomfortable policing that inevitably follows. Policing and intervening isn’t just politically tricky for the platforms, it’s also a tacit admission that Big Tech’s utopian ideologies are deeply flawed in practice. Connecting everyone and everything in an instantly accessible way can have terrible consequences that the tech industry still doesn’t seem to be on top of. Silicon Valley frequently demos a future of seamless integration. It’s a future where cross-referencing your calendar with Yelp, Waze, and Uber creates a service that’s greater than the sum of its parts. It’s an appealing vision, but it is increasingly co-opted by its darker counterpart, in which major technology platforms are daisy-chained together to manipulate, abuse, and harass.

  (tags: culture-war technology silicon-valley yelp reviews red-hen dystopia spam doxxing brigading politics)

• AWS Developer Forums: m5.xlarge in us-east-1 has intermittent DNS resolution failures

  likewise for C5 instance types — reportedly still an issue

  (tags: c5 m5 instances ec2 aws amazon ops dns)

• ICE’s Risk Classification Assessment turned into a digital rubber stamp

  If this report is correct, this “statistics-based” risk classification tool is just a cruel joke:

  To conform to Trump’s policies, Reuters has learned, ICE modified a tool officers have been using since 2013 when deciding whether an immigrant should be detained or released on bond. The computer-based Risk Classification Assessment uses statistics to determine an immigrant’s flight risk and danger to society. Previously, the tool automatically recommended either “detain” or “release.” Last year, ICE spokesman Bourke said, the agency removed the “release” recommendation

  (tags: immigration statistics machine-learning rubber-stamping fake-algorithms whitewashing ice us-politics)

• Visa admits 5m payments failed over a broken switch

  “We operate two redundant data centres in the UK, meaning that either one can independently handle 100% of the transactions for Visa in Europe. In normal circumstances, the systems are synchronised and either centre can take over from the other immediately … in this instance, a component with a switch in our primary data centre suffered a very rare partial failure which prevented the backup switch from activating.”

  (tags: visa outages post-mortems fail europe dcs)

• 10-hour Microsoft Azure outage in Europe

  Service availability issue in North Europe Summary of impact: From 17:44 on 19 Jun 2018 to 04:30 UTC on 20 Jun 2018 customers using Azure services in North Europe may have experienced connection failures when attempting to access resources hosted in the region. Customers leveraging a subset of Azure services may have experienced residual impact for a sustained period post-mitigation of the underlying issue. We are communicating with these customers directly in their Management Portal. Preliminary root cause: Engineers identified that an underlying temperature issue in one of the datacenters in the region triggered an infrastructure alert, which in turn caused a structured shutdown of a subset of Storage and Network devices in this location to ensure hardware and data integrity. Mitigation: Engineers addressed the temperature issue, and performed a structured recovery of the affected devices and the affected downstream services.

  The specific services were: ‘Virtual Machines, Storage, SQL Database, Key Vault, App Service, Site Recovery, Automation, Service Bus, Event Hubs, Data Factory, Backup, API management, Log Analytics, Application Insight, Azure Batch Azure Search, Redis Cache, Media Services, IoT Hub, Stream Analytics, Power BI, Azure Monitor, Azure Cosmo DB or Logic Apps in North Europe’. Holy cow

  (tags: microsoft outages fail azure post-mortems cooling-systems datacenters)

• Here’s a list of organizations that are mobilizing to help separated immigrant children | The Texas Tribune

  We’ve compiled a list of organizations that are mobilizing to try and help children that have been separated from their parents at the Texas-Mexico border.

  (tags: texas children immigration family-separations us-politics usa charity)

• Save on your AWS bill with Kubernetes Ingress

  decent into to Kubernetes Ingress and the Ambassador microservices API gateway built on Envoy Proxy

  (tags: envoy proxying kubernetes aws elb load-balancing ingress ambassador ops)

• Is America Ready for a Global Pandemic? – The Atlantic

  The egg-based [vaccine manufacture] system depends on chickens, which are themselves vulnerable to flu. And since viruses can mutate within the eggs, the resulting vaccines don’t always match the strains that are circulating. But vaccine makers have few incentives to use anything else. Switching to a different process would cost billions, and why bother? Flu vaccines are low-margin products, which only about 45 percent of Americans get in a normal year. So when demand soars during a pandemic, the supply is not set to cope. American hospitals, which often operate unnervingly close to full capacity, likewise struggled with the surge of patients. Pediatric units were hit especially hard by H1N1, and staff became exhausted from continuously caring for sick children. Hospitals almost ran out of the life-support units that sustain people whose lungs and hearts start to fail. The health-care system didn’t break, but it came too close for comfort—especially for what turned out to be a training-wheels pandemic. The 2009 H1N1 strain killed merely 0.03 percent of those it infected; by contrast, the 1918 strain had killed 1 to 3 percent, and the H7N9 strain currently circulating in China has a fatality rate of 40 percent. That the U.S. could be so ill-prepared for flu, of all things, should be deeply concerning. The country has a dedicated surveillance web, antiviral drugs, and an infrastructure for making and deploying flu vaccines. None of that exists for the majority of other emerging infectious diseases.

  (tags: vaccines health diseases h1n1 flu pandemics future scary)

• Here’s how you can fight family separation at the border

  Slate’s list of organisations fighting this horrible policy

  (tags: family-separation law immigration us-politics america)

• In America, Naturalized Citizens No Longer Have an Assumption of Permanence | The New Yorker

  Michael Bars, the U.S.C.I.S. spokesman, told the Washington Examiner that the agency is hiring dozens of lawyers for the new task force. The mandate, according to both Cissna and Bars, is to find people who deliberately lied on their citizenship applications, not those who made innocent mistakes. The distinction is fuzzier than one might assume. Back in 1989, I had to make a decision about whether to lie on my citizenship application. At the time, immigration law banned “aliens afflicted with sexual deviation,” among others suffering from “psychopathic personality,” from entry to the United States. I had come to this country as a fourteen-year-old, in 1981, but I had been aware of my “sexual deviation” at the time, and this technically meant that I should not have entered the country. [….] Over the years, the applications for both citizenship and permanent residence have grown ever longer, filling with questions that seem to be designed to be used against the applicant. Question 26 on the green-card application, for example, reads, “Have you EVER committed a crime of any kind (even if you were not arrested, cited, charged with, or tried for that crime)?” … The question does not specify whether it refers to a crime under current U.S. law or the laws of the country in which the crime might have been committed. In the Soviet Union of my youth, it was illegal to possess foreign currency or to spend the night anywhere where you were not registered to live. In more than seventy countries, same-sex sexual activity is still illegal. On closer inspection, just about every naturalized citizen might look like an outlaw, or a liar.

  (tags: law immigration us-politics america citizenship naturalization history)

• A few observations on the bikesharing systems in China

  Mindblowing Twitter thread. The variety of systems, most of which are barely impinging on our systems over here in Ireland!

  (tags: china bikesharing cycling bikes transit public-transit commuting)

• Fibonacci Hashing: The Optimization that the World Forgot (or: a Better Alternative to Integer Modulo)

  Turns out I was wrong. This is a big one. And everyone should be using it. Hash tables should not be prime number sized and they should not use an integer modulo to map hashes into slots. Fibonacci hashing is just better. Yet somehow nobody is using it and lots of big hash tables (including all the big implementations of std::unordered_map) are much slower than they should be because they don’t use Fibonacci Hashing.

  Apparently this is binary multiplicative hashing, and Google’s brotli, webp, and Snappy libs all use a constant derived heuristically from a compression test corpus along the same lines (see comments). (Via Michael Fogleman)

  (tags: algorithms hashing hash fibonacci golden-ratio coding hacks brotli webp snappy hash-tables hashmaps load-distribution)

• Halton sequence

  In statistics, Halton sequences are sequences used to generate points in space for numerical methods such as Monte Carlo simulations. Although these sequences are deterministic, they are of low discrepancy, that is, appear to be random for many purposes. They were first introduced in 1960 and are an example of a quasi-random number sequence.

  (tags: algorithms graphics random randomness coding monte-carlo-simulation number-sequences)

• The best Mario Kart character according to data science

  Unless you’re going all-in on acceleration, it looks like a heavy character is the way to go; the two heaviest character classes (Wario and Donkey Kong) account for 11/15 of the Pareto-optimal configurations.

  Wario/Sports Bike/Slick or Wario/Gold Standard/Slick get the top billing!

  (tags: wario nintendo mario-kart games wii switch)