Four short links: 26 November 2014

Metastable Failures, Static Python Analysis, Material Desktop, and AWS Scale Numbers

  1. Metastable Failure State (Facebook) — very nice story about working together to discover the cause of one of those persistently weird problems.
  2. Bandit — static security analysis of Python code.
  3. Quantum OS — Linux desktop based on Google’s Material Design. UI guidelines fascinate me: users love consistency, designers and brands hate that everything works the same.
  4. Inside AWS — Every day, AWS installs enough server infrastructure to host the entire Amazon e-tailing business from back in 2004, when Amazon the retailer was one-tenth its current size at $7 billion in annual revenue. “What has changed in the last year,” Hamilton asked rhetorically, and then quipped: “We have done it 365 more times.” That is another way of saying that in the past year AWS has added enough capacity to support a $2.55 trillion online retailing operation, should one ever be allowed to exist.

Copyrightability of Java APIs revisited

Google has asked the U.S. Supreme Court to review the CAFC’s ruling that Oracle's Java APIs are copyrightable.

Editor’s note: this is a forthcoming article for the March 2015 issue of Communications of the ACM (CACM); it is published here with permission.

For more than 20 years, the prevailing view has been that application program interfaces (APIs) are unprotectable elements of copyrighted computer programs. Under this view, programmers are free to reimplement other firms’ APIs in independently written code. Competition and innovation in the software industry have thrived amazingly well in part because of rulings upholding this understanding.

Challenging this view is the Court of Appeals of the Federal Circuit (CAFC) May 2014 decision in Oracle v. Google. The CAFC held that the “structure, sequence, and organization” (SSO) of Oracle’s Java APIs that Google reimplemented in its Android software are protectable expression under copyright law. It reversed a lower court ruling that the Java APIs were not copyrightable.

Google has asked the U.S. Supreme Court to review the CAFC’s ruling. Several amicus curiae (friend of the court) briefs have been filed in support of this effort. Hewlett-Packard, Red Hat, and Yahoo! (PDF) are among these amici (as am I and 77 computer scientists).

The Supreme Court may take the case because the CAFC’s decision is in conflict with other appellate court rulings that exclude APIs from copyright protection.

This article will explain the Oracle and Google theories about the copyrightability of Java APIs and the precedents on which each relies. The stakes in this case could not be higher.

Four short links: 25 November 2014

NSA Playset, Open Access, XSS Framework, and Security Test Cases

  1. Michael Ossman and the NSA Playset — the guy who read the leaked descriptions of the NSA’s toolchest, built them, and open sourced the designs. One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that’s designed to sniff and monitor Internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR, and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.
  2. Gates Foundation Announces World’s Strongest Policy on Open Access Research (Nature) — Once made open, papers must be published under a license that legally allows unrestricted re-use — including for commercial purposes. This might include ‘mining’ the text with computer software to draw conclusions and mix it with other work, distributing translations of the text, or selling republished versions. CC-BY! We believe that published research resulting from our funding should be promptly and broadly disseminated.
  3. Xenotix — an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 4700+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. Xenotix Scripting Engine allows you to create custom test cases and addons over the Xenotix API. It is incorporated with a feature-rich Information Gathering module for target Reconnaissance. The Exploit Framework includes offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
  4. Firing Range — Google’s open source set of web security test cases for scanners.

Interaction and industrial design team up to serve the IoT

Martin Charlier on design teams, responsibility, and service.

Industrial designers and interaction designers are joining forces to create the best services for the Internet of Things (IoT). I sat down with Martin Charlier, a design strategist with the unique distinction of having both interaction and industrial design experience, to talk about how the IoT is changing the design landscape, including team dynamics, responsible design, and value-driven design. Charlier is the co-author of the forthcoming Designing Connected Products and a contributor to Designing for Emerging Technologies. For a free download of sample chapters from Designing Connected Products click here.

Team dynamics

Charlier discusses the key ingredients for teams working on a product together and how to achieve a unified vision:

“I think every field needs to know a little bit about others, just a basic understanding of the other side. In some of the most interesting projects I’ve seen, the team was made up of somebody with an industrial design background, somebody doing more technology and somebody doing more interaction and user experience.

“The key, though, to some of the projects I’ve seen was that they started to work together as one team before splitting up into their respective domain areas so that there was a joined vision. I think that’s the most important thing: to come up with a joined vision. I think that’s where interaction design and industrial design, for example, need to think of either sides of the coin.”

Today’s designers are solving business problems

Tom Greever talks about the evolution of experience design and the challenges — and opportunities — facing designers today.

It’s no secret that design is playing a more prominent role within many organizations. Designers are becoming fundamentally linked to the development and success of products and services versus their more historical role polishing the appearance of those products and services. I recently sat down with Tom Greever, UX Director at Bitovi, to talk about the evolution of UX design, challenges that design professionals face today, and some of the keys to the success of the modern UX designer. Greever describes the evolution:

“Traditionally, the only problem we were trying to solve was to make something look better. It was a problem of just aesthetics, but now our designs have to solve for things like ease of use, or conversion, or user engagement. We’re solving business problems. We’re helping businesses achieve their goals through design, and if we can’t do that, then our designs aren’t any good. We’re not creating the right experience. They’re not providing value.”

Signals from Strata + Hadoop World in Barcelona 2014

From the Internet of Things to data-driven fashion, here are key insights from Strata + Hadoop World in Barcelona 2014.

Experts from across the big data world came together for Strata + Hadoop World in Barcelona 2014. We’ve gathered insights from the event below.

#IoTH: The Internet of Things and Humans

“If we could start over with these capabilities we have now, how would we do it differently?” Tim O’Reilly continues to explore data and the Internet of Things through the lens of human empowerment and the ability to “use technology to give people superpowers.”
