Links for 2017-07-21

  • awslabs/aws-ec2rescue-linux

    Amazon Web Services Elastic Compute Cloud (EC2) Rescue for Linux is a python-based tool that allows for the automatic diagnosis of common problems found on EC2 Linux instances.
    Most of the modules appear to be log-greppers looking for common kernel issues.

    (tags: ec2 aws kernel linux ec2rl ops)

Posted in Uncategorized | Comments closed

Links for 2017-07-20

Posted in Uncategorized | Comments closed

Links for 2017-07-19

Posted in Uncategorized | Comments closed

Links for 2017-07-17

Posted in Uncategorized | Comments closed

Links for 2017-07-16

Posted in Uncategorized | Comments closed

Links for 2017-07-14

Posted in Uncategorized | Comments closed

Links for 2017-07-13

  • Novartis CAR-T immunotherapy strongly endorsed by FDA advisory panel

    This is very exciting stuff, cytokine release syndrome risks notwithstanding.

    The new treatment is known as CAR-T cell immunotherapy. It works by removing key immune system cells known as T cells from the patient so scientists can genetically modify them to seek out and attack only cancer cells. That’s why some scientists refer to this as a “living drug.” Doctors then infuse millions of the genetically modified T cells back into the patient’s body so they can try to obliterate the cancer cells and hopefully leave healthy tissue unscathed. “It’s truly a paradigm shift,” said Dr. David Lebwohl, who heads the CAR-T Franchise Global Program at the drug company Novartis, which is seeking the FDA’s approval for the treatment. “It represents a new hope for patients.” The drug endorsed by the advisory panel is known as CTL019 or tisagenlecleucel. It was developed to treat children and young adults ages 3 to 25 who have relapsed after undergoing standard treatment for B cell acute lymphoblastic leukemia, which is the most common childhood cancer in the United States. While this blood cell cancer can be highly curable, some patients fail to respond to standard treatments; and a significant proportion of patients experience relapses that don’t respond to follow-up therapies. “There is a major unmet medical need for treatment options” for these patients, Dr. Stephen Hunger, who helped study at the Children’s Hospital of Philadelphia, told the committee. In the main study that the company submitted as evidence in seeking FDA approval, doctors at 25 sites in 11 countries administered the treatment to 88 patients. The patients, ages 3 to 23, had failed standard treatment or experienced relapses and failed to respond to follow-up standard treatment. CTL019 produced remissions in 83 percent of patients, the company told the committee.

    (tags: car-t immunotherapy cancer novartis trials fda drugs t-cells immune-system medicine leukemia ctl019)

  • Chris’s Wiki :: blog/sysadmin/UnderstandingIODNSIssue

    On the ns-a1.io security screwup for the .io CCTLD:

    Using data from glue records instead of looking things up yourself is common but not mandatory, and there are various reasons why a resolver would not do so. Some recursive DNS servers will deliberately try to check glue record information as a security measure; for example, Unbound has the harden-referral-path option (via Tony Finch). Since the original article reported seeing real .io DNS queries being directed to Bryant’s DNS server, we know that a decent number of clients were not using the root zone glue records. Probably a lot more clients were still using the glue records, through.
    (via Tony Finch)

    (tags: via:fanf dns security dot-io cctlds glue-records delegation)

Posted in Uncategorized | Comments closed

Links for 2017-07-12

  • DoppioJVM

    ‘A Java Virtual Machine written in 100% JavaScript.’ Wrapping outbound TCP traffic in websockets, mad stuff

    (tags: jvm java javascript js hacks browser emulation websockets)

  • One Man’s Plan to Make Sure Gene Editing Doesn’t Go Haywire – The Atlantic

    Open science – radical transparency where gene-editing and CRISPR is involved. Sounds great.

    “For gene drive, the closed-door model is morally unacceptable. You don’t have the right to go into your lab and build something that is ineluctably designed to affect entire ecosystems. If it escapes into the wild, it would be expected to spread and affect people’s lives in unknown ways. Doing that in secret denies people a voice.”
    Also this is a little scary:
    in 2015, he was shocked to read a paper, due to be published in … Science, in which Californian researchers had inadvertently created a gene drive in fruit flies, without knowing what gene drives are. They developed it as a research tool for spreading a trait among lab populations, and had no ambitions to alter wild animals. And yet, if any of their insects had escaped, that’s what would have happened.

    (tags: science openness open-source visibility transparency crispr gene-editing mice nantucket gene-drive)

Posted in Uncategorized | Comments closed

Links for 2017-07-11

Posted in Uncategorized | Comments closed

Links for 2017-07-10

Posted in Uncategorized | Comments closed

Links for 2017-07-06

  • The Guardian view on patient data: we need a better approach | Editorial | Opinion | The Guardian

    The use of privacy law to curb the tech giants in this instance, or of competition law in the case of the EU’s dispute with Google, both feel slightly maladapted. They do not address the real worry. It is not enough to say that the algorithms DeepMind develops will benefit patients and save lives. What matters is that they will belong to a private monopoly which developed them using public resources. If software promises to save lives on the scale that drugs now can, big data may be expected to behave as big pharma has done. We are still at the beginning of this revolution and small choices now may turn out to have gigantic consequences later. A long struggle will be needed to avoid a future of digital feudalism. Dame Elizabeth’s report is a welcome start.
    Hear hear.

    (tags: privacy law uk nhs data google deepmind healthcare tech open-source)

  • Why People With Brain Implants Are Afraid to Go Through Automatic Doors

    In 2009, Gary Olhoeft walked into a Best Buy to buy some DVDs. He walked out with his whole body twitching and convulsing. Olhoeft has a brain implant, tiny bits of microelectronic circuitry that deliver electrical impulses to his motor cortex in order to control the debilitating tremors he suffers as a symptom of Parkinson’s disease. It had been working fine. So, what happened when he passed through those double wide doors into consumer electronics paradise? He thinks the theft-prevention system interfered with his implant and turned it off. Olhoeft’s experience isn’t unique. According to the Food and Drug Administration’s MAUDE database of medical device reports, over the past five years there have been at least 374 cases where electromagnetic interference was reportedly a factor in an injury involving medical devices including neural implants, pacemakers and insulin pumps. In those reports, people detailed experiencing problems with their devices when going through airport security, using massagers or simply being near electrical sources like microwaves, cordless drills or “church sound boards.”

    (tags: internet-of-things iot best-buy implants parkinsons-disease emi healthcare devices interference)

  • Undefined Behavior in 2017

    This is an extremely detailed post on the state of dynamic checkers in C/C++ (via the inimitable Marc Brooker):

    Recently we’ve heard a few people imply that problems stemming from undefined behaviors (UB) in C and C++ are largely solved due to ubiquitous availability of dynamic checking tools such as ASan, UBSan, MSan, and TSan. We are here to state the obvious — that, despite the many excellent advances in tooling over the last few years, UB-related problems are far from solved — and to look at the current situation in detail.

    (tags: via:marc-brooker c c++ coding testing debugging dynamic-analysis valgrind asan ubsan tsan)

  • Talos Intelligence review of Nyetya and the M.E.Doc compromise

    Our Threat Intelligence and Interdiction team is concerned that the actor in question burned a significant capability in this attack.  They have now compromised both their backdoor in the M.E.Doc software and their ability to manipulate the server configuration in the update server. In short, the actor has given up the ability to deliver arbitrary code to the 80% of UA businesses that use M.E.Doc as their accounting software, along with any multinational corporations that leveraged the software.  This is a significant loss in operational capability, and the Threat Intelligence and Interdiction team assesses with moderate confidence that it is unlikely that they would have expended this capability without confidence that they now have or can easily obtain similar capability in target networks of highest priority to the threat actor.

    (tags: security malware nyetya notpetya medoc talos ransomware)

  • Use AWS WAF to Mitigate OWASP’s Top 10 Web Application Vulnerabilities

    ‘describes how you can use AWS WAF, a web application firewall, to address the top application security flaws as named by the Open Web Application Security Project (OWASP). Using AWS WAF, you can write rules to match patterns of exploitation attempts in HTTP requests and block requests from reaching your web servers. This whitepaper discusses manifestations of these security vulnerabilities, AWS WAF–based mitigation strategies, and other AWS services or solutions that can help address these threats.’

    (tags: security waf aws http owasp filtering)

  • welcome datacomp

    Some Mac third party keyboards used to (or maybe still do for all I know) have a little feature where if you didn’t type anything for a while they would themselves type ‘welcome datacomp’.
    (via RobS)

    (tags: via:rsynnott funny welcome-datacomp keyboards hardware fail ghost-typing haunted)

  • La història del gran tauró blanc de Tossa de Mar

    Amazing pic and newspaper report regarding a great white shark which washed up on the beach at Tossa de Mar in the Costa Brava in the 1980s

    (tags: tossa-de-mar costa-brava spain sharks nature great-white-shark 1980s history photos wildlife)

Posted in Uncategorized | Comments closed

Links for 2017-07-05

  • Why did Apple, Amazon, Google stocks crash to the same price today?

    Nasdaq said in a statement that “certain third parties improperly propagated test data that was distributed as part of the normal evening test procedures.” “For July 3, 2017, all production data was completed by 5:16 PM as expected per the early close of the markets,” the statement continued. “Any data messages received post 5:16 PM should be deemed as test data and purged from direct data recipient’s databases. UTP (Unlisted Trading Privileges) is asking all third parties to revert to Nasdaq Official Closing Prices effective at 5:16 PM.”

    (tags: testing fail stock-markets nasdaq test-data test production integration-testing test-in-prod)

  • Exactly-once Support in Apache Kafka – Jay Kreps

    If you’re one of the people who think [exactly-once support is impossible], I’d ask you to take an actual look at what we actually know to be possible and impossible, and what has been built in Kafka, and hopefully come to a more informed opinion. So let’s address this in two parts. First, is exactly-once a theoretical impossibility? Second, how does Kafka support it.

    (tags: exactly-once-delivery distributed kafka distcomp jay-kreps coding broadcast)

  • Letters and Liquor

    These are lovely! (via Ben)

    Letters and Liquor illustrates the history of lettering associated with cocktails. From the 1690s to the 1990s, I’ve selected 52 of the most important drinks in the cocktail canon and rendered their names in period-inspired design. I post a new drink each week with history, photos and recipes. Don’t want to miss a single cocktail? Click here for email updates.

    (tags: cocktails text letters typography graphics history booze)

Posted in Uncategorized | Comments closed

Links for 2017-07-03

Posted in Uncategorized | Comments closed

Links for 2017-06-30

  • Don’t Settle For Eventual Consistency

    Quite an argument. Not sure I agree, but worth a bookmark anyway…

    With an AP system, you are giving up consistency, and not really gaining anything in terms of effective availability, the type of availability you really care about.  Some might think you can regain strong consistency in an AP system by using strict quorums (where the number of nodes written + number of nodes read > number of replicas).  Cassandra calls this “tunable consistency”.  However, Kleppmann has shown that even with strict quorums, inconsistencies can result.10  So when choosing (algorithmic) availability over consistency, you are giving up consistency for not much in return, as well as gaining complexity in your clients when they have to deal with inconsistencies.

    (tags: cap-theorem databases storage cap consistency cp ap eventual-consistency)

  • Delivering Billions of Messages Exactly Once · Segment Blog

    holy crap, this is exactly the wrong way to build a massive-scale deduplication system — with a monster random-access “is this random UUID in the db” lookup

    (tags: deduping architecture horror segment messaging kafka)

Posted in Uncategorized | Comments closed

Links for 2017-06-28

  • Mozilla Employee Denied Entry to the United States

    Ugh. every non-USian tech worker’s nightmare. curl developer Daniel Stenberg:

    “I can’t think of a single valid reason why they would deny me travel, so what concerns me is that somehow someone did and then I’m worried that I’ll get trouble fixing that issue,” Stenberg said. “I’m a little worried since border crossings are fairly serious matters and getting trouble to visit the US in the future would be a serious blowback for me, both personally with friends and relatives there, and professionally with conferences and events there.”

    (tags: curl travel mozilla esta us-politics usa immigration flying)

Posted in Uncategorized | Comments closed

Links for 2017-06-27

  • RIPE Atlas Probes

    Interesting! We discussed similar ideas in $prevjob, good to see one hitting production globally.

    RIPE Atlas probes form the backbone of the RIPE Atlas infrastructure. Volunteers all over the world host these small hardware devices that actively measure Internet connectivity through ping, traceroute, DNS, SSL/TLS, NTP and HTTP measurements. This data is collected and aggregated by the RIPE NCC, which makes the data publicly available. Network operators, engineers, researchers and even home users have used this data for a wide range of purposes, from investigating network outages to DNS anycasting to testing IPv6 connectivity. Anyone can apply to host a RIPE Atlas probe. If your application is successful (based on your location), we will ship you a probe free of charge. Hosts simply need to plug their probe into their home (or other) network. Probes are USB-powered and are connected to an Ethernet port on the host’s router or switch. They then automatically and continuously perform active measurements about the Internet’s connectivity, and this data is sent to the RIPE NCC, where it is aggregated and made publicly available. We also use this data to create several Internet maps and data visualisations. [….] The hardware of the first and second generation probes is a Lantronix XPort Pro module with custom powering and housing built around it. The third generation probe is a modified TP-Link wireless router (model TL-MR 3020) with a small USB thumb drive in it, but this probe does not support WiFi.
    (via irldexter)

    (tags: via:irldexter ripe ncc probing active-monitoring networking ping traceroute dns testing http ipv6 anycast hardware devices isps)

  • “BBC English” was invented by a small team in the 1920s & 30s

    Excellent twitter thread:

    Today we speak of “BBC English” as a standard form of the language, but this form had to be invented by a small team in the 1920s & 30s. 1/ It turned out even within the upper-class London accent that became the basis for BBC English, many words had competing pronunciations. 2/ Thus in 1926, the BBC’s first managing director John Reith established an “Advisory Committee on Spoken English” to sort things out. 3/ The committee was chaired by Irish playwright George Bernard Shaw, and also included American essayist Logan Pearsall Smith, 4/ novelist Rose Macaulay, lexicographer (and 4th OED editor) C.T. Onions, art critic Kenneth Clark, journalist Alistair Cooke, 5/ ghost story writer Lady Cynthia Asquith, and evolutionary biologist and eugenicist Julian Huxley. 6/ The 20-person committee held fierce debates, and pronunciations now considered standard were often decided by just a few votes.

    (tags: bbc language english history rp received-pronunciation pronunciation john-reith)

Posted in Uncategorized | Comments closed

Links for 2017-06-26

Posted in Uncategorized | Comments closed

Links for 2017-06-24

Posted in Uncategorized | Comments closed

Links for 2017-06-22

Posted in Uncategorized | Comments closed

Links for 2017-06-21

Posted in Uncategorized | Comments closed

Links for 2017-06-20

Posted in Uncategorized | Comments closed

Links for 2017-06-19

Posted in Uncategorized | Comments closed

Links for 2017-06-16

Posted in Uncategorized | Comments closed

Links for 2017-06-15

  • Screen time guidelines need to be built on evidence, not hype | Science | The Guardian

    An open letter signed by about 100 scientists ‘from different countries and academic fields with research expertise and experience in screen time, child development and evidence-based policy.’

    If the government were to implement guidelines on screen-based technology at this point, as the authors of the letter suggest, this would be on the basis of little to no evidence. This risks the implementation of unnecessary, ineffective or even potentially harmful policies. For guidelines to have a meaningful impact, they need to be grounded in robust research evidence and acknowledge that children’s health and wellbeing is a complex issue affected by many other factors, such as socioeconomic status, relational poverty, and family environment – all of which are likely to be more relevant for children’s health and well-being than screens. For example, there is no consistent evidence that more screen time leads to less outdoor play; if anything the evidence indicates that screen time and physical outdoor activity are unrelated, and reductions in average time spent in outdoor play over time seem to be driven by other factors. Policy efforts to increase outdoor play that focus on screen time are therefore likely to be ineffective.
    (via Damien Mulley)

    (tags: via:damienmulley science children psychology screens screen-time childhood development evidence policy health open-letters)

Posted in Uncategorized | Comments closed

Links for 2017-06-14

Posted in Uncategorized | Comments closed

Links for 2017-06-12

Posted in Uncategorized | Comments closed

Links for 2017-06-09

  • How Turla hackers (ab)used satellites to stay under the radar | Ars Technica

    A very nifty hack. DVB-S broadcasts a subset of unencrypted IP traffic across a 600-mile radius:

    The Turla attackers listen for packets coming from a specific IP address in one of these classes. When certain packets—say, a TCP/IP SYN packet—are identified, the hackers spoof a reply to the source using a conventional Internet line. The legitimate user of the link just ignores the spoofed packet, since it goes to an otherwise unopened port, such as port 80 or 10080. With normal Internet connections, if a packet hits a closed port, the end user will normally send the ISP some indication that something went wrong. But satellite links typically use firewalls that drop packets to closed ports. This allows Turla to stealthily hijack the connections. The hack allowed computers infected with Turla spyware to communicate with Turla C&C servers without disclosing their location. Because the Turla attackers had their own satellite dish receiving the piggybacked signal, they could be anywhere within a 600-mile radius. As a result, researchers were largely stopped from shutting down the operation or gaining clues about who was carrying it out. “It’s probably one of the most effective methods of ensuring their operational security, or that nobody will ever find out the physical location of their command and control server,” Tanase told Ars. “I cannot think of a way of identifying the location of a command server. It can be anywhere in the range of the satellite beam.”

    (tags: turla hacks satellite security dvb dvb-s tcpip command-and-control syn)

Posted in Uncategorized | Comments closed

Links for 2017-06-08

Posted in Uncategorized | Comments closed

Links for 2017-06-07

Posted in Uncategorized | Comments closed

Links for 2017-06-06

Posted in Uncategorized | Comments closed

Links for 2017-06-01

Posted in Uncategorized | Comments closed

Links for 2017-05-31

  • EpiBone Grows New Bones Using Stem Cells

    To grow EpiBone, Tandon explained, scientists take a CT scan of the bone they’ll need to engineer. This helps them create a 3D model. Then, from the model, a 3D printer produces a scaffold (this can be made out of protein and collagen from animal bones or synthetic material). After that, they take stem cells from the patient out of their fat, and those cells are put into the scaffold and then incubated. They regenerate, and form around the bone. This process results in a bone that the body will recognize as the patient’s. The crazy part is that it only takes three weeks to grow a bone that’s personalized to the individual patient.

    (tags: stem-cells epibone bone body healing health medicine 3d-printing)

  • WHAT WENT WRONG IN BRITISH AIRWAYS DATACENTER IN MAY 2017?

    A SPOF UPS. There was a similar AZ-wide outage in one of the Amazon DUB datacenters with a similar root cause, if I recall correctly — supposedly redundant dual UPS systems were in fact interdependent, in that case, and power supply switchover wasn’t clean enough to avoid affecting the servers.

    Minutes later power was restored was resumed in what one source described as “uncontrolled fashion.” Instead of gradual restore, all power was restored at once resulting in a power surge.   BA CEO Cruz told BBC Radio this power surge  caused network hardware to fail. Also server hardware was damaged because of the power surge. It seems as if the UPS was the single point of failure for power feed of the IT equipment in Boadicea House . The Times is reporting that the same UPS was powering both Heathrow based datacenters. Which could be a double single point of failure if true (I doubt it is) The broken network  stopped the exchange of messages between different BA systems and application. Without messaging, there is no exchange of information between various applications. BA is using Progress Software’s Sonic [enterprise service bus].
    (via Tony Finch)

    (tags: postmortems ba airlines outages fail via:fanf datacenters ups power progress esb j2ee)

  • GDPR Advisors and Consultants – Data Compliance Europe

    Simon McGarr’s new consultancy:

    Our consultancy helps our clients understand how EU privacy law applies to their organisations; delivers the practical and concrete steps needed to achieve legal compliance; and helps them manage their continuing obligations after GDPR comes into force. Our structured approach to GDPR provides a long-term data compliance framework to minimise the ongoing risk of potential fines for data protection breaches. Our continuing partnership provides regulator liaison, advisory consultancy, and external Data Protection Officer services.

    (tags: gdpr simon-mcgarr law privacy eu europe data-protection regulation data)

Posted in Uncategorized | Comments closed

Links for 2017-05-29

Posted in Uncategorized | Comments closed

Links for 2017-05-26

Posted in Uncategorized | Comments closed

Links for 2017-05-25

  • ‘I’ve Got Nothing to Hide’ and Other Misunderstandings of Privacy by Daniel J. Solove :: SSRN

    In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the nothing to hide argument. When asked about government surveillance and data mining, many people respond by declaring: “I’ve got nothing to hide.” According to the nothing to hide argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The nothing to hide argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the nothing to hide argument and exposes its faulty underpinnings.
    Via Fred Logue

    (tags: law philosophy privacy security essay papers daniel-solove surveillance snooping)

  • Enough with the microservices

    Good post!

    Much has been written on the pros and cons of microservices, but unfortunately I’m still seeing them as something being pursued in a cargo cult fashion in the growth-stage startup world. At the risk of rewriting Martin Fowler’s Microservice Premium article, I thought it would be good to write up some thoughts so that I can send them to clients when the topic arises, and hopefully help people avoid some of the mistakes I’ve seen. The mistake of choosing a path towards a given architecture or technology on the basis of so-called best practices articles found online is a costly one, and if I can help a single company avoid it then writing this will have been worth it.

    (tags: architecture design microservices coding devops ops monolith)

Posted in Uncategorized | Comments closed

Links for 2017-05-24

  • Skot Olsen — Blessed Saint Architeuthis

    Classic piece of freaky squid-related art, now purchaseable on giclee for $200! (very tempted)

    Saint Architeuthis is the patron saint of doomed sailors. While the origins of the saint remain unclear, it’s recent history and worship are well documented. Whalers who turned their attention to catching giant squid and sea serpents in the 19th century, began asking Saint Architeuthis for mercy whenever a hunt would go awry, which was fairly frequent. When hunting for such animals, one would sometimes be thrown over board or a boat would sink exposing the men to whatever was in the water at the time. A sailor would ask Saint Architeuthis for the quick and relatively painless death of drowning, rather than the hideous demise of being ripped apart by the beak of the squid or chewed up in the sea serpent’s hideous maw. Often, men would have visions of Saint Architeuthis who would appear before them in the form of a gigantic, yet benevolent squid wearing a bishop’s mitre and carrying tools of the squid hunter’s trade.

    (tags: art squid skot-olsen prints giclees toget weird)

Posted in Uncategorized | Comments closed

Links for 2017-05-23

  • U.S. top court tightens patent suit rules in blow to ‘patent trolls’

    This is excellent news, and a death knell for the East Texas patent troll court (cf https://motherboard.vice.com/en_us/article/the-small-town-judge-who-sees-a-quarter-of-the-nations-patent-cases ):

    The U.S. Supreme Court on Monday tightened rules for where patent lawsuits can be filed in a decision that may make it harder for so-called patent “trolls” to launch sometimes dodgy patent cases in friendly courts, a major irritant for high-tech giants like Apple and Alphabet Inc’s Google. In a decision that upends 27 years of law governing patent infringement cases, the justices sided with beverage flavoring company TC Heartland LLC in its legal battle with food and beverage company Kraft Heinz Co (KHC.O). The justices ruled 8-0 that patent suits can be filed only in courts located in the jurisdiction where the targeted company is incorporated.
    via Brad Fitzgerald

    (tags: via:bradfitz patents swpats east-texas law trolls supreme-court infringement)

Posted in Uncategorized | Comments closed

Links for 2017-05-22

Posted in Uncategorized | Comments closed

Links for 2017-05-20

Posted in Uncategorized | Comments closed

Links for 2017-05-18

  • Spotting a million dollars in your AWS account · Segment Blog

    You can easily split your spend by AWS service per month and call it a day. Ten thousand dollars of EC2, one thousand to S3, five hundred dollars to network traffic, etc. But what’s still missing is a synthesis of which products and engineering teams are dominating your costs.  Then, add in the fact that you may have hundreds of instances and millions of containers that come and go. Soon, what started as simple analysis problem has quickly become unimaginably complex.  In this follow-up post, we’d like to share details on the toolkit we used. Our hope is to offer up a few ideas to help you analyze your AWS spend, no matter whether you’re running only a handful of instances, or tens of thousands.

    (tags: segment money costs billing aws ec2 ecs ops)

Posted in Uncategorized | Comments closed