Introduction to Computational Advertising — slides to a Stanford class on a new “scientific discipline” whose central challenge is to find the best ad to present to a user engaged in a given context, such as querying a search engine (“sponsored search”), reading a web page (“content match”), watching a movie, and IM-ing. “Scientific discipline” makes me gag. You could devise algorithms, measure performance, and write papers about the best way to put carrots up your bottom or the best way to pick pockets, but those still aren’t complex enough activities to be trumpeted as “new scientific disciplines”. (Although I do look forward to reading Stanford’s CBUM126, “Introduction to Carrot Stuffing” lecture notes online). (via Greg Linden)
Timing Attack in Google KeyCzar Library — if you compare strings in the naive way, attackers can figure out whether the first bytes they gave you are correct based on the time the comparison takes. When they get the first bytes correct, then they can work on the next, and so on. This is a common mode of information leakage, and reminds me of my revelation when I began to edit security books: “this stuff is hard”. New programmers are not taught to think like attackers, and the only trope of secure programming that they’re taught is “avoid buffer overflows”. (via Simon Willison)
Climate Wizard — explore historical temperature data as well as the various climate models and see what their predictions look like across the United States. (via Sciblogs)
Contextual Clothing for Naked Transparency (Jon Udell) — notable for this: The Net can be an engine for context assembly, a wonderful phrase I picked up years ago from Jack Ozzie. We used to think that the challenge of social software was to amass as many users as quickly as possible, but the far harder problem to solve is how to help those people contribute to something positive. YouTube comments shows that simply having a lot of users doesn’t make something virtuous.
