@KishoreBytes notes: “Helix [is] not well known but widely used at LinkedIn, Airbnb, Pinterest, Uber, Yahoo to build distributed systems. Helix is probably managing hundreds of thousands of servers today!” It is “a generic cluster management framework used for automatic management of partitioned, replicated and distributed resources hosted on a cluster of nodes, [providing] the following features: Automatic assignment of resource/partition to nodes; Node failure detection and recovery; Dynamic addition of Resources; Dynamic addition of nodes to the cluster; Pluggable distributed state machine to manage the state of a resource via state transitions; Automatic load balancing and throttling of transitions” Sounds handy for automatic shard-based scaling. Built on Zookeeper.
[…] a method of cookery practiced by the rural poor in the early to mid 19th century Ireland […] Parboiling or half-roasting rendered a potato that was at once half-cooked and half-raw, with the inner core hard to the bite. Potatoes cooked in this way were called potatoes with the moon (an ghealach) or potatoes with the bone. William Wilde, father of Oscar, describes the practice in some detail in his essay, ‘The Food of the Irish’, which was published in 1854 in the Dublin University Magazine. Here is his explanation of the practice: “the heart of the potato was allowed, by checking the boiling at a particular point, to remain parboiled, hard and waxy; when the rest of the potato has been masticated in the usual manner, this hard lump, about the size of a walnut, was bolted; and in this manner nearly a stone of the root was taken into the stomach of the Irish labourer per diem… it was grounded on a certain knowledge of physiology. “The stomach digested the well boiled farinaceous portion of the potato within the space of a few hours, and that having all been disposed of, the half-boiled lumps remained behind, and a second digestion was commenced to assimilate this portion of food, and convert it into nutritious, life-sustaining material; which latter process lasted some hours longer, and thus the craving of hunger were warded off for five or six hours after the original meal.”
Justin Mason's Weblog Posts
This is a great idea and a good way to approach OSS funding, IMO:
We have seen skilled developers come and go for years, the latter becoming a growing concern. Contributing takes a crazy amount of time and people have family, work and other responsibilities to take care of. Thus when core team contributors are willing to be paid for making Free Software, we have decided that GIMP as a project should encourage such endeavours by putting more emphasis on their funding. There are currently 2 such crowdfunding projects. You can consider these crowdfundings as “official” as can be and completely endorsed by the GIMP project.
Paper in JAMA, mentioned by Daniel Griffin in his COVID-19 Clinical Updates on TWIV. “We compared symptoms compatible with long COVID in children and adolescents reported within 6 months after SARS-CoV-2 serologic testing [… using] a longitudinal cohort study investigating SARS-CoV-2 seroprevalence in 55 randomly selected schools in the canton of Zurich in Switzerland.” Results: 4% — so 1 in 25 — reported at least one symptom lasting more than 3 months after the initial infection date, particularly fatigue, or difficulty concentrating.
There was a “protest” outside the Dail in Dublin yesterday purporting to be “brides-to-be” disappointed at ongoing COVID-19 restrictions on weddings. As this Reddit post notes, however, it seems extremely likely that this “protest” is an astroturfed PR campaign. Sadly the Irish news media were happy to report it straight and gloss over the astroturfing. ‘Nothing I’ve said here will really be a surprise to anyone, and it’s not exactly the Reichstag Fire, but I hope it’s a useful example of just how poorly Irish media serves the audience, and how easily astroturfing is done here. This protest couldn’t muster the hundred or so “real” people they expected to show up, as the padding they’d have needed to look convincing, but others can – and do. Something worth remembering for how our national media covers major, minor, totally or partly fake protests in future, and how protests are organised in the first place. Not all their instigators are as mostly-harmless as Wedding Planners.’
Pretty short list, unfortunately :(
Chrome extension for flexible full text browsing history search. Press f, then space or tab, in the omnibar to start searching your previously visited websites! Every time you visit a website in Chrome, Falcon indexes all the text on the page so that the site can be easily found later. Then, for example, if you type f mugwort, Falcon will show the websites you visited containing the text “mugwort”! Install from the Chrome store here or get the CRX file!
‘the reason we have been stuck using boron instead of gallium over the past 20 years is that the process of doping silicon with gallium was locked under a patent.’ IP destroying the world now….
Finally, a decent article on the origins of COVID-19 from The Bulletin of the Atomic Scientists, by Ian Lipkin:
Over the past 40 years, I have personally been involved in addressing several: HIV/AIDS, West Nile encephalitis, SARS, MERS, Lujo, Lassa, Nipah, Dandenong, Ebola, Marburg, dengue, monkeypox, Zika, influenza, and COVID-19. Estimates of numbers of unknown viruses lurking in mammals range from 320,000 to 1,000,000. If even 1 percent of them can infect humans or domestic animals, we may be ignorant of thousands of potential threats to human health and food security. In an increasingly interconnected world, diseases that might once have been contained to a region are now global. Accordingly, the international community can have zero tolerance for wildlife markets and wildlife trafficking for food, medicinal, or pet trade purposes. Our current focus is on China. However, trafficking in wildlife is a global threat and should be banned everywhere. It may have contributed to the emergence of HIV/AIDS and to outbreaks of Ebola and Marburg
Wow, this is Proustian —
This repository contains bitmapped fonts from disused operating systems and graphical user interfaces. As operating systems and GUIs have moved on to scalable vector fonts, the bitmap fonts that dominated the 1980s and 1990s languish away in non-obvious and often binary formats that are rapidly falling into obscurity. The main purpose of this repository is to liberate these fonts from their binary shackles, preserving the ancient art of monochrome bitmap typography for human appreciation.
The story of BigPharmia and Novaxia, from Oliver Johnson on Twitter, a nice demo of how log-scale graphs can make interesting patterns in the data clearer
BMJ op-ed from Karl Friston and Anthony Costello:
The UK is an outlier by allowing children to remain unvaccinated at a time when lifting of restrictions will increase covid-19 infection rates. We have heard much about how vaccination is breaking — or weakening — the link between SARS-CoV-2 and the clinical manifestations of covid-19. We consider the nature of this link from the perspective of quantitative modelling — and what it means for risks following exposure to the virus. In brief, it suggests we should shift our focus from mortality to morbidity, particularly in children.
Including a Python script to decode a Green Pass code:
As you can see, 23 year-old Gabriele was vaccinated in February, once, with BioNTech/Pfizer’s Comirnaty. What is not included is the date during which she is considered immune. Those are calculated from the number of shots received and the date of vaccination, as well as the circumstances (going to a restaurant vs. going to work, for example) by the scanner app. Apart from the name/manufacturer of the received vaccine, there is no superfluous data inside, so the QR code is not a privacy nightmare, as some have feared.
Given the increased risk of vaccine-induced thrombosis, the HSE have produced this leaflet to advise young people. IMO it should really include details of Long Covid, although I guess that’s hard to quantify at this stage
Amazing C=64 demo, running on a 1541 disk drive connected directly to the monitor! What an insane hack. I too ran demo code on the 1541 in one of my demos, but the only video output in that case was to flash the LED on the drive in time with the music :) (thanks Craig!)
what does the ONS data tell us with their very large datasets? They looked at 313,000 people aged 2 or over, surveyed in the month to June 6. On July 1 the new data shows 962,000 people in private households in the UK (1.5% of the population) were experiencing self-reported “long COVID” (symptoms persisting for more than four weeks). https://www.ons.gov.uk/peoplepopulationandcommunity/healthandsocialcare/conditionsanddiseases/bulletins/prevalenceofongoingsymptomsfollowingcoronaviruscovid19infectionintheuk/1july2021 856,000 (89.0%) first had (or suspected they had) COVID-19 at least 12 weeks previously, and 385,000 (40.0%) first had (or suspected they had) COVID-19 at least one year previously. They estimate that 13,000 children aged 2-11, 20,000 aged 12-16 and 71,000 aged 17-24 had Long Covid of any duration. Most in these 3 age groups had had symptoms for AT LEAST 12 weeks (10,000, 16,000, 65,000 respectively). Perhaps most worrying is that the latest UK Long Covid estimate for children aged 12-16 who experience prolonged symptoms for at least ONE YEAR is 0.12% (0.06-0.17) or 1 in 830, with possible but unknown effects on developing brain structure based on recent adult studies. Costello is a member of Independent SAGE and an ex-director of the WHO
Detailed thread from Professor Philip Nolan on Twitter, on the scenario modelling used by NPHET to inform the government on likely COVID-19 infection trajectories; several models are used, including a basic SEIR model and an agent-based model, “where social structures and transmission are simulated in detail at the individual level; these show rapid spread in younger people with transmission into older groups, and highlight uncertainty on the role of children and adolescents”, and the role of super-spreader events. tl;dr: “a variant with a transmission advantage [ie., Delta] can do very significant damage if we let it spread in a partially vaccinated population, the scale of the damage depends on the transmission advantage, and it starts slowly and escalates rapidly.”
“19 March 1991: Three software developers. One desk. No chairs.” — I was there!
arm_freq_min and over_voltage settings do the job
According to one calculation, the heat wave was five standard deviations above expectations, meaning it was an event that should arrive, in the absence of climate change, once every 5,000 years. That’s once since the age of Ancient Egypt. We are experiencing that five-sigma event this year. In British Columbia, it was as hot as it was in Death Valley, California. They called it Death Valley for a reason.
One “important reason”, Rischard said, was the failure of the UK and EU to agree on mutual recognition of database rights. While both have an agreement to recognise copyright protections, that only covers work which is creative in nature. Maps, as a simple factual representation of the world, are not covered by copyright in the same way, but until Brexit were covered by an EU-wide agreement that protected databases where there had been “a substantial investment in obtaining, verifying or presenting the data”. But since Brexit, any database made on or after 1 January 2021 in the UK will not be protected in the EU, and vice versa. Other concerns Rischard listed include the increasing complexity and cost of “banking, finance and using PayPal in the UK”, the inability for the organisation to secure charitable status, and the loss of .eu domains. The increased importance of the EU in matters of tech regulation also played a role: “We could more effectively lobby the EU [and] EU governments and have more of an impact, especially in countries where there is no local chapter,” Rischard wrote.
This is an excellent classification for a particular style of climate denialism: ‘‘Discourses of climate delay’ pervade current debates on climate action. These discourses accept the existence of climate change, but justify inaction or inadequate efforts. In contemporary discussions on what actions should be taken, by whom and how fast, proponents of climate delay would argue for minimal action or action taken by others. They focus attention on the negative social effects of climate policies and raise doubt that mitigation is possible. Here, we outline the common features of climate delay discourses and provide a guide to identifying them. […] * Someone else should take actions first: redirect responsibility * Disruptive change is not necessary: push non-transformative solutions * Change will be disruptive: emphasise the downsides * It’s not possible to mitigate climate change: surrender.’
All looking pretty shite for Western Digital — one of their engineers *removed* the need for authentication on the factory-reset PHP script for the My Book Live devices:
A Western Digital developer created five lines of code to password-protect the reset command. For unknown reasons, the authentication check was [….] commented out as indicated by the double / character at the beginning of each line. […] The discovery raises a vexing question: if the hackers had already obtained full root access by exploiting CVE-2018-18472 [a separate bug], what need did they have for this second security flaw? There’s no clear answer, but based on the evidence available, Abdine has come up with a plausible theory — that one hacker first exploited CVE-2018-18472 and a rival hacker later exploited the other vulnerability in an attempt to wrest control of those already compromised devices.
‘a system-wide profiler, combining multiple sampling profilers to produce unified visualization of what your CPU is spending time on.’ — claims to have little impact on performance of running code, supports Linux, Java and Ruby
Ivermectin, in this case, but hydroxychloroquine before that, and other treatments for cancer and so on before that. ‘What seems to really be at work here, in the end, is a political battle, not a medical one. The laetrile wars of the 1970s also launched what’s known as the “health freedom” movement — a libertarian-tinged social tendency that holds Americans should have unrestricted access to alternative treatments—into the spotlight. […] It’s a familiar set of claims, amounting to an assertion that being given the broadest possible platform is the same as being silenced, and that one’s theories being tested is the same as them having been suppressed.’ I think part of the appeal of these drugs is that you can claim that they _are_ a miracle cure, and that they are being suppressed by a conspiracy of silence by Big Pharma. The conspiracy part is a key selling point for the promoters. Interesting phenomenon, though.
Snapchat are fans, using cronet on the Android/iPhone client side. The HN comment thread at https://news.ycombinator.com/item?id=27626394 is also a decent read, some insightful discussion
we determined that calls to time.Now() or time.Since(time.Time) in Golang were taking about 200 times longer on new servers than they were on old servers. We found similar impacts in Python, which led us to the clocksource. It turns out that in our Grub boot parameters for AL2, we had added clocksource=hpet about two years ago, but all of our servers launched prior to 6/17 had a clocksource of kvm-clock, apparently ignoring the Grub config. Servers launched after 6/17 (with the same AMI, Grub config, everything) were honoring the specified clocksource, which caused our performance issue.
Amazing level of detail on how the Apollo mission control room operated! (plus more from Ken Shirriff at https://twitter.com/kenshirriff/status/1409241533757345792 )
It seems that ‘symptoms vary slightly based on whether you’re fully vaccinated, half vaccinated or unvaccinated.’
Senior executives at a French spyware firm have been indicted for the company’s sale of surveillance software to authoritarian regimes in Libya and Egypt that resulted in the torture and disappearance of dissidents. While high-tech surveillance is a multibillion-dollar industry worldwide, it is rare for companies or individuals to face legal consequences for selling such technologies—even to notorious dictatorships or other dangerous regimes. But charges in the Paris Judicial Court against leaders at Amesys, a surveillance company that later changed its name to Nexa Technology, claim that the sales to Libya and Egypt over the last decade led to the crushing of opposition, torture of dissidents, and other human rights abuses. The former head of Amesys, Philippe Vannier, and three current and former executives at Nexa technologies were indicted for “complicity in acts of torture” for selling spy technology to the Libyan regime. French media report that Nexa president Olivier Bohbot, managing director Renaud Roques, and former president Stéphane Salies face the same charges for surveillance sales to Egypt.
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. […] Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, thereby giving users even greater confidence that their information will remain private and secure.
Matthew Green writes: “This is an amazing paper. It implies (with strong statistical evidence) that the design of a major mobile-data encryption algorithm — used in GPRS data — was deliberately backdoored by its designer.”
Instead of providing full 64-bit security, we show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 2^40 GEA-1 evaluations and using 44.5 GiB of memory. The attack on GEA-1 is based on an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance. This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design.
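One way to see why such a loss of key material points at design rather than accident, as an added toy example (not from the paper, and not GEA-1's real registers or taps). It assumes a 16-bit seed loaded into two 8-bit registers by XOR-linear maps, so the entropy of the joint state is the GF(2) rank of the stacked load rows; the constructed "rigged" load keeps each register full-rank alone but leaves only 10 of 16 bits jointly, while random loads rarely lose more than a few.

```c
#include <stdint.h>
#include <stdio.h>

#define SEED_BITS 16  /* toy stand-in for the secret initialization state */
#define REG_BITS  8   /* size of each toy register */

/* Rank over GF(2) of n row vectors; each row is a bitmask of seed bits
 * that are XORed together to produce one register bit. */
int gf2_rank(const uint16_t *rows, int n)
{
    uint16_t basis[SEED_BITS] = {0};  /* basis[b]: vector with leading bit b */
    int rank = 0;
    for (int i = 0; i < n; i++) {
        uint16_t v = rows[i];
        for (int b = SEED_BITS - 1; b >= 0 && v; b--) {
            if (!((v >> b) & 1)) continue;
            if (basis[b]) {
                v ^= basis[b];           /* eliminate bit b, keep reducing */
            } else {
                basis[b] = v;            /* new independent direction */
                rank++;
                v = 0;
            }
        }
    }
    return rank;
}

/* Bits of seed entropy that survive in the joint state of both registers. */
int joint_state_bits(const uint16_t *load_a, const uint16_t *load_c)
{
    uint16_t all[2 * REG_BITS];
    for (int i = 0; i < REG_BITS; i++) {
        all[i] = load_a[i];
        all[REG_BITS + i] = load_c[i];
    }
    return gf2_rank(all, 2 * REG_BITS);
}

/* Constructed example: six rows of C are XORs of rows of A, so the two
 * registers together depend on only 10 independent seed combinations. */
const uint16_t RIGGED_A[REG_BITS] = {0x0001, 0x0002, 0x0004, 0x0008,
                                     0x0010, 0x0020, 0x0040, 0x0080};
const uint16_t RIGGED_C[REG_BITS] = {0x0003, 0x0006, 0x000C, 0x0018,
                                     0x0030, 0x0060, 0x0100, 0x0200};

/* splitmix64: small non-cryptographic PRNG, used only to sample loads. */
static uint64_t splitmix64(uint64_t *s)
{
    uint64_t z = (*s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Sample random linear loads; hist[d] counts loads that lose d bits.
 * Returns the largest loss seen. */
int worst_random_loss(uint64_t seed, int trials, int hist[SEED_BITS + 1])
{
    int worst = 0;
    for (int d = 0; d <= SEED_BITS; d++) hist[d] = 0;
    for (int t = 0; t < trials; t++) {
        uint16_t a[REG_BITS], c[REG_BITS];
        for (int i = 0; i < REG_BITS; i++) {
            a[i] = (uint16_t)(splitmix64(&seed) >> 24);
            c[i] = (uint16_t)(splitmix64(&seed) >> 24);
        }
        int loss = SEED_BITS - joint_state_bits(a, c);
        hist[loss]++;
        if (loss > worst) worst = loss;
    }
    return worst;
}

int main(void)
{
    int hist[SEED_BITS + 1];
    printf("rigged: A rank %d, C rank %d, joint %d of %d bits\n",
           gf2_rank(RIGGED_A, REG_BITS), gf2_rank(RIGGED_C, REG_BITS),
           joint_state_bits(RIGGED_A, RIGGED_C), SEED_BITS);
    int worst = worst_random_loss(2021, 20000, hist);
    for (int d = 0; d <= worst; d++)
        printf("random loads losing %d bits: %d\n", d, hist[d]);
    return 0;
}
```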
Impressive performance figures from the distributed messaging/streaming platform using NVMe and DCPMM persistent memory devices: ‘Pulsar architecture can accommodate different types of hardware which allows users to balance performance and cost based on required throughput and latency. Pulsar has the capability to adapt to the next generation of storage devices to achieve better performance. We have also seen that persistent memory excels in the race to achieving higher write throughput by maintaining low latency.’
there are a few limits you must understand to model properly in DynamoDB. If you’re not aware of them, you can run into a brick wall. But if you understand them and account for them, you remove the element of surprise once your app hits production. Those limits are: The item size limit; The page size limit for Query and Scan operations; and The partition throughput limits. Notice how these limits build on each other. The first is about an individual item, whereas the second is about a collection of items that are read together in a single request. Finally, the partition throughput limit is about the number and size of concurrent requests in a single DynamoDB partition. I just ran into the last one on a pretty massive table we own, so this is worth bookmarking…
The Irish Meteorological Service blog the innards of their current forecasting system, IREPS — lots of juicy technical detail! Apparently it is a HARMONIE-AROME based model configuration: ‘In 2018, Met Éireann developed its first ensemble-based NWP system, known as the Irish Regional Ensemble Prediction System (IREPS). Originally run twice per day, this system produced 11 forecasts (known as members) for weather conditions over the next 36 hours. On April 15th 2020, the IREPS system was upgraded to a 54-hour, 11-member ensemble which is run four times per day.’
‘The Open Source Airtable alternative’ — looks nifty as a quick and easy way to hook up an SQL database to a web-based spreadsheet view
For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps — inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored. […] the flashcards studied by soldiers tasked with guarding these devices reveal not just the bases, but even identify the exact shelters with “hot” vaults that likely contain nuclear weapons. They also detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have. omgwtf!
I was looking for a decent definition of this over the weekend, and couldn’t find it, so bookmarking for future reference. ‘Greenhouse gas emissions are categorised into three groups or ‘Scopes’ by the most widely-used international accounting tool, the Greenhouse Gas (GHG) Protocol. Scope 1 covers direct emissions from owned or controlled sources. Scope 2 covers indirect emissions from the generation of purchased electricity, steam, heating and cooling consumed by the reporting company. Scope 3 includes all other indirect emissions that occur in a company’s value chain.’
Looks extremely nifty — a global CDN for your code: ‘Fly is a platform for applications that need to run globally. It runs your code close to users and scales compute in cities where your app is busiest. Write your code, package it into a Docker image, deploy it to Fly’s platform and let that do all the work to keep your app snappy.’ Decent pricing, too.
‘Our hypothesis was that after a trauma, patients would have fewer intrusive memories [from post-traumatic stress] if they got to play Tetris as part of a short behavioural intervention while waiting in the hospital Emergency Department,’ says Professor Holmes. ‘Since the game is visually demanding, we wanted to see if it could prevent the intrusive aspects of the traumatic memories from becoming established i.e. by disrupting a process known as memory consolidation.’ The study involved 71 motor vehicle accident victims, of whom half received the intervention (recalled the trauma briefly and then played Tetris) while waiting in the hospital emergency department, and half performed another task, all doing so within six hours of the accident. Results showed that the researchers’ hypothesis was right: those who had played Tetris had fewer intrusive memories of the trauma in total over the week immediately following the accident than the controls. The researchers also found that the intrusive memories diminished more quickly. Amazing! The paper is at https://pubmed.ncbi.nlm.nih.gov/28348380/ ; follow-up trials with more participants are underway.
What the hell. This is incredibly dystopian shit.
They told McDaniel something he could hardly believe: an algorithm built by the Chicago Police Department predicted […] that McDaniel would be involved in a shooting. That he would be a “party to violence,” but it wasn’t clear what side of the barrel he might be on. He could be the shooter, he might get shot. They didn’t know. But the data said he was at risk either way. McDaniel was both a potential victim and a potential perpetrator, and the visitors on his porch treated him as such. A social worker told him that he could help him if he was interested in finding assistance to secure a job, for example, or mental health services. And police were there, too, with a warning: from here on out, the Chicago Police Department would be watching him. The algorithm indicated Robert McDaniel was more likely than 99.9 percent of Chicago’s population to either be shot or to have a shooting connected to him. That made him dangerous, and top brass at the Chicago PD knew it. So McDaniel had better be on his best behavior. tl;dr: police attention and apparently-“suspicious” interactions with cops as a result of the predictive policing listing wound up with him assumed to be a “snitch”, resulting in several attempts on his life. What a mess.
We perform a detailed vertical analysis of application performance atop a range of modern file systems and SSD FTLs. We formalize the “unwritten contract” that clients of SSDs should follow to obtain high performance, and conduct our analysis to uncover application and file system designs that violate the contract. Our analysis, which utilizes a highly detailed SSD simulation underneath traces taken from real workloads and file systems, provides insight into how to better construct applications, file systems, and FTLs to realize robust and sustainable performance. (via Nelson)
Via Keith Dawson:
A large study out of Australia has added to the accumulating evidence that the level of neutralizing antibodies circulating in the blood is highly correlated with protection against symptomatic Covid-19. Ars Technica has a good summary of the research and what it means. It’s known that antibody levels decline with time. This work also gave hints about how long protection against disease might last after natural infection or vaccination — which bears on whether or when we might need a booster shot. The Ars reporter writes: ‘A vaccine with 95% efficacy after the second dose would still have an estimated 77% efficacy 250 days out. And that’s for protection against a symptomatic infection. The protection against severe COVID-19 is much stronger and would likely take far longer to decline… A starting efficacy of 70% would be down to 33% efficacy at 250 days.’ The model the researchers developed was able to predict, with good accuracy, the efficacy a vaccine should show in Phase III trials based on the antibody levels measured in Phase I and II.
Crazy HPC-oriented feature in current AWS offerings: shared memory buffers over EFA:
HPC workloads use algorithms that require parallelization and a low latency communication between the different processes. The two main technologies used for the parallel communications are message-passing with distributed memory and shared memory. Message Passing Interface (MPI) is a message-passing standard used for the communication in a parallel distributed environment. Elastic Fabric Adapter (EFA) enables your MPI applications to use low-latency, inter-node communication. The shared memory paradigm allows multiple processors in the same system to communicate using a memory (RAM) portion that is shared between the processes. This method takes advantage of the high-speed memory bus.
This is very cool. Updating the old “C10K” problem space to C1.2M — the current state of Linux userspace networking — using libreactor and a whole load of up-to-date tweaks. Interesting to note that this scale is feasible to run in Docker (using --network=host, of course).
Scaleway dealing with the storage-driven cryptocurrency:
This cryptocurrency is a few months old, and at Scaleway, we are already witnessing the impact of Chia on all our products, from Object Storage and instances, to dedicated servers. Speculative farmers are forcing their way in to make as much money as possible, as quickly as possible. [….] In order to service as many clients as possible, we have decided that from today: Chia plotting is forbidden on all SSD and NVMe powered instances, dedicated servers, RPN-SAN, BMaaS and Block Storage services. Chia plotting is extremely I/O intensive and destroys most SSDs in under a few weeks. Important notice: Chia plotting engages client responsibility according to Section 9 of our contract. We will bill clients for any SSDs and NVMes destroyed due to Chia plotting activities.
To believe that our choices are the restoration of continuity or the breakdown of society paradoxically is to not take the planetary [climate] crisis seriously enough — and that’s terrible, because the unexpected boon of seriousness is awakening to possibility, to the capacities we gain amidst disruption and acceleration. Seen through 20th century eyes, everything is about to get really weird, really fast. But discontinuity is not just danger. Discontinuity means change in our selves and our societies. [….] It is too late to avoid huge losses, enormous suffering. But it is absolutely not too late to limit our losses to those we’ve already set in motion, and to seize our opportunities to build a better human world — indeed, quite possibly a better world than the one we have now.
tl;dr: ‘Don’t use select() anymore in 2021.’ Select(2) on Linux has a limit of 1024 fds
‘Each day, try to do either projects or interrupts, not both. If you’re oncall, don’t try to do projects, and vice versa. People aren’t machines, context switches are really expensive, and usually assumed to be free in process planning. People who are constantly interrupted end up with delayed and sloppy project work, and vice versa (people who have a lot of project work are sloppy at interrupts unless time is carved out for them). Your team’s oncall and interrupt-handling should be structured around funneling interrupts at the people who are supposed to be interrupted. If that’s too much for those people, add more people until it isn’t. “Spreading the load” by assigning items across the entire team randomly is counter-productive.’
Great. Lethal machine learning is now in prod:
Last year in Libya, a Turkish-made autonomous weapon — the STM Kargu-2 drone — may have “hunted down and remotely engaged” retreating soldiers loyal to the Libyan General Khalifa Haftar, according to a recent report by the UN Panel of Experts on Libya. [….] the Kargu-2 signifies something perhaps even more globally significant: a new chapter in autonomous weapons, one in which they are used to fight and kill human beings based on artificial intelligence. The Kargu is a “loitering” drone that can use machine learning-based object classification to select and engage targets, with swarming capabilities in development to allow 20 drones to work together. The UN report calls the Kargu-2 a lethal autonomous weapon. Its maker, STM, touts the weapon’s “anti-personnel” capabilities.
‘Essentials for your daily round’ — a really lovely set of EDC products, and not _too_ crazy expensive….
crikey. Freenode ops resign en masse and move to another service due to a dodgy-sounding “change of management” by some MtGox dude
A modern — working! — replica of the DEC PDP-11/70. Truly a thing of retrocomputing beauty
This is new to me — Thanks to David Mee for the pointer.
‘During WWII, one of Nazi Germany’s most notorious communication codes was broken by a mild mannered librarian and family man from West Limerick, Richard Hayes. His day-job was as Director of the National Library of Ireland – but during wartime, he secretly led a team of cryptanalysts as they worked feverishly on the infamous “Görtz Cipher” – a fiendish Nazi code that had stumped some of the greatest code breaking minds at Bletchley Park, the centre of British wartime cryptography.
But who was Richard Hayes? He was a man of many lives. An academic, an aesthete, a loving father and one of World War Two’s most prolific Nazi Codebreakers.
At the outbreak of WWII, Hayes, being highly regarded for his mathematical and linguistic expertise, was approached by the head of Irish Military Intelligence (G2), Colonel Dan Bryan, with a Top Secret mission. At the behest of Taoiseach Éamon de Valera, Hayes was given an office and three lieutenants to decode wireless messages being covertly transmitted via Morse code from a house in north Dublin owned by the German Embassy. The coded messages posed a huge threat to Irish national security and the wider war effort. As Hayes’s team worked to break the code, it was all academic until he met his greatest challenge yet. The man who was to be his nemesis, Dr. Hermann Görtz, a German agent who parachuted into Ireland in 1940 in full Luftwaffe uniform in an attempt to spy and transmit his own coded messages back to Berlin. […] The events that transpired were a battle of wits between the mild mannered genius librarian and his nemesis, the flamboyant Nazi spy.
Hayes has been referred to by MI5 as Ireland’s “greatest unsung hero” and the American Office of Strategic Services as “a colossus of a man” yet due to the secret nature of his work he is virtually unheard of in his own country.’
Hayes was our lead code-breaker, director of the National Library of Ireland, and then director of the Chester Beatty Museum; he was the first to discover the German use of microdots to hide secret messages; and MI5 credited him with a “whole series of ciphers that couldn’t have been solved without [his] input”. Quite the polymath!
The book is apparently well worth a read: Code Breaker, by Marc McMenamin, and I can strongly recommend this RTE radio documentary. It’s full of amazing details, such as the process of feeding Hermann Görtz false information while he was in prison, in order to mislead the Nazis.
After the war, he fruitlessly warned the Irish government not to use a “Swedish cipher machine”, presumably one made by Boris Hagelin, who went on to found Crypto AG, which later proved to be providing backdoors in its machines to the CIA and BND.
Quite a towering figure in the history of Irish cryptography and cryptanalysis!
Featuring an interesting dig into the current state of Windows system and network-level diagnostic tools:
netsh trace […] correlates events on the wire with events that happen on the TCP layer, timers, buffer management, socket layer, and even the Windows asyncio subsystem (IOCP).
‘Extract Tables from PDFs – If you’ve ever tried to do anything with data provided to you in PDFs, you know how painful it is — there’s no easy way to copy-and-paste rows of data out of PDF files. Tabula allows you to extract that data into a CSV or Microsoft Excel spreadsheet using a simple, easy-to-use interface. Tabula works on Mac, Windows and Linux.’
Wow, this is not OK — Facebook are massively mistreating these contract workers.
“Every day was a nightmare,” she said, adding that the support given was “insufficient.” Facebook says psychological help is available to all its moderators 24 hours a day, but Isabella claims its wellness coaches are not qualified psychiatrists. “I was seeing the wellness team but didn’t feel I got the support I needed. I can’t say I left work feeling relieved or knowing I could go home and have a good night’s sleep – that’s not possible,” she added. “It would follow me home. I could just be watching TV at home and think back to one of the horrible, really graphic tickets.”
“Wellness coaches” are not sufficient — this is exploitation.
Nature paper on the UK contact notification app’s impact on the COVID-19 pandemic:
Here we investigated the impact of the NHS COVID-19 app for England and Wales, from its launch on 24 September 2020 through to the end of December 2020. It was used regularly by approximately 16.5 million users (28% of the total population), and sent approximately 1.7 million exposure notifications: 4.4 per index case consenting to contact tracing. We estimated that the fraction of app-notified individuals subsequently showing symptoms and testing positive (the secondary attack rate, SAR) was 6.0%, comparable to the SAR for manually traced close contacts. We estimated the number of cases averted by the app using two complementary approaches. Modelling based on the notifications and SAR gave 284,000 (108,000-450,000), and statistical comparison of matched neighbouring local authorities gave 594,000 (317,000-914,000). Roughly one case was averted for each case consenting to notification of their contacts. We estimated that for every percentage point increase in app users, the number of cases can be reduced by 0.8% (modelling) or 2.3% (statistical analysis). These findings provide evidence for continued development and deployment of such apps in populations that are awaiting full protection from vaccines.
An extremely long and detailed discussion from Jose-Luis Jimenez of how, exactly, the science of airborne transmission of disease via 5-micron infective droplets wound up wrong, and remained incorrect for much of modern medicine, culminating in the disastrous treatment of COVID-19
This nails the issue with housing in Ireland:
The Government has been called on to do something to stop this. Even Fianna Fáil politicians have come out crying crocodile tears of outrage. But the truth is the investor purchase of housing in Ireland on a major scale is actually Government policy and has been for the last decade. The Government does not actually want you to be able to buy or rent an affordable home. They have created an unaffordable housing system that is focused on delivering housing as an investment asset, not a home.[…] This current crisis has been brewing for a long time. It goes back to the Celtic Tiger days of the late 1990s and early 2000s when the Fianna Fáil-PD Governments encouraged the shift from housing to be treated as a home, to people buying it up as an investment asset. They told people to speculate in the property market and gave tax breaks for landlords to buy a second, or third, home to rent out. These became the ‘buy-to-let’ investors. The banks lent out massively which added fuel to the fire of rising housing prices, and the inevitable crash happened in 2008 and 2009. As their response to the disaster they had created, Fianna Fáil turned to global ‘vulture’ funds to buy up the bad loans and failed housing projects. They set up the ‘bad bank’ NAMA, which went on, under the Fine Gael Government from 2011 to the current day, to sell off (at a discount) huge land banks and billions of euro worth of properties to vulture and real estate investment funds.
Nice walkthrough of rooting and extending a bit of IoT hardware.
It’s a depressing read, as ever. Ulster Unionism is a mess, is falling apart, and is vulnerable to being taken over by the paramilitaries:
“Unionism is losing power and control. It needs leaders who have the skill to say, look, we have cards to play and if we are sensible we can save this place. Instead, Arlene said if there was a united Ireland she’d leave. People are left feeling unappeased but it is not a definite thing. It is more a kind of grief or sense they have lost something intangible. It is about shattered dreams.”
“Nuke tweets in one click” —
Don’t like a bad tweet? Block the tweet, its author, and every single person who liked it—in one click.
Genius.
Here’s the best bit:
Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan. Intel was also informed since the company was the original developer of ConnMan, but the researchers said the chipmaker believed it was not its responsibility. The researchers learned that the ConnMan component is widely used in the automotive industry, which could mean that similar attacks can be launched against other vehicles as well. Weinmann and Schmotzle turned to Germany’s national CERT for help in informing potentially impacted vendors, but it’s currently unclear if other manufacturers have taken action in response to the researchers’ findings.
Great job, Intel….
Solid paper in PLOS – ‘Validation testing to determine the sensitivity of lateral flow testing for asymptomatic SARS-CoV-2 detection in low prevalence settings: Testing frequency and public health messaging is key’:
Our data show that the Innova LFD can successfully detect SARS-CoV-2 infection in people with a viral titre above approximately 100 viral copies/ml. However, as determined at our site using the ThermoFisher COVID-19 TaqPath assay, it is incapable of detecting infection at comparable PCR Ct values of 30 and over. These levels of infection are indicative of very early or very late stages of infection, and as such, we would strongly recommend that LFD testing is used to screen people at very regular frequency and that a negative result should not be used to determine that someone is free from SARS-CoV-2 infection.
IMO ‘very regular frequency’ is the key detail here. Single LFA rapid tests, alone, are not useful as a simple replacement for PCR tests.
If you visit the west of Ireland or Achill, you can still see the traces of booleying today. Fascinating part of Irish rural history:
by the 1800s, it was mostly young people and teenage girls especially who had the job of looking after cows at these seasonal ‘boolies’. This gave rise to a vibrant but now largely forgotten cultural scene in Ireland’s uplands. Oral history collected in the 1930s and 1940s in Connemara, Mayo, Donegal, and the Galtee Mountains makes clear that booleying facilitated the transmission of a lot of important cultural knowledge. One man from Cloch Cheannaola in Donegal states that his mother had learned her songs from other dairymaids in the hills, while another account from Iorras Aintheach in Galway outlines how the girls not only sang but played musical instruments and danced as well. [….] The small degree of independence which young women gained as participants in booleying was sometimes missed later on in life. There is an unmistakeable sense of loss in songs like Na Gamhna Geala and Aililiú na Gamhna, in which married women reminisce about their time looking after cows and calves in the hills.
Hard not to sympathise with this take —
I’ve had to develop a special radar for reading product pages now: a mounting feeling of dread as a promising technology is introduced while I inevitably arrive at the buried lede: it’s more crypto bullshit. Cryptocurrency is the multi-level marketing of the tech world. “Hi! How’ve you been? Long time no see! Oh, I’ve been working on this cool distributed database file store archive thing. We’re doing an ICO next week.” Then I leave. Any technology which is not an (alleged) currency and which incorporates blockchain anyway would always work better without it. There are hundreds, perhaps thousands, of cryptocurrency scams and ponzi schemes trussed up to look like some kind of legitimate offering. Even if the project you’re working on is totally cool and solves all of these problems, there are 100 other projects pretending to be like yours which are ultimately concerned with transferring money from their users to their founders. Which one are investors more likely to invest in? Hint: it’s the one that’s more profitable. Those promises of “we’re different!” are always hollow anyway. Remember the DAO? They wanted to avoid social arbitration entirely for financial contracts, but when the chips are down and their money was walking out the door, they forked the blockchain.
An exhaustive copy of the official Sites and Monuments Record annotated on Google Maps (via ITS Slack)