Nat Torkington

Nat has chaired the O'Reilly Open Source Convention and other O'Reilly conferences for over a decade. He ran the first web server in New Zealand, co-wrote the best-selling Perl Cookbook, and was one of the founding Radar bloggers. He lives in New Zealand and consults in the Asia-Pacific region.

Four short links: 28 August 2015

Four short links: 28 August 2015

Ad Blockers, Self-Evaluation, Blockchain Podcast, and Mobile Fingerprints

  1. 10 Ad Blocking Extensions Tested for Best PerformanceThis test is about the performance of an ad blocker in terms of how quickly it loads a range of ad blocked pages, the maximum amount of memory it uses, and how much stress it puts on the CPU. µBlock Origin wins for Chrome. (via Nelson Minar)
  2. Staff Evaluation of Me (Karl Fisch) — I also tried the Google Form approach. 0 responses, from which I concluded that nobody had any problems with me and DEFINITELY no conclusions could be drawn about my coworkers creating mail filters to mark my messages as spam.
  3. Blockchain (BBC) — episode on the blockchain that does a good job of staying accurate while being comprehensible. (via Sam Kinsley)
  4. Fingerprints On Mobile Devices: Abusing and Leaking (PDF) — We will analyze the mobile fingerprint authentication and authorization frameworks, and discuss several security pitfalls of the current designs, including: Confused Authorization Attack; Unsecure fingerprint data storage; Trusted fingerprint sensors exposed to the untrusted world; Backdoor of pre-embedding fingerprints.
Comment: 1
Four short links: 27 August 2015

Four short links: 27 August 2015

Chrome as APT, Nature's Mimicry, Information Extraction, and Better 3D Printing

  1. The Advanced Persistent Threat You Have: Google Chrome (PDF) — argues that if you can’t detect and classify Google Chrome’s self-updating behavior, you’re not in a position to know when you’re hit by malware that also downloads and executes code from the net that updates executables and system files.
  2. Things Mimicking Other Things — nifty visual catalog/graph of camouflage and imitation in nature.
  3. MITIE — permissively-licensed (Boost) tools for named entity extraction and binary relation detection as well as tools for training custom extractors and relation detectors.
  4. MultiFab Prints 10 Materials At Once — and uses computer vision to self-calibrate and self-correct, as well as letting users embed objects (e.g., circuit boards) in the print. developed by CSAIL researchers from low-cost, off-the-shelf components that cost a total of $7,000
Comment
Four short links: 26 August 2015

Four short links: 26 August 2015

World SF, Digital Currency Scholarships, Project Management, and Glass 3D Printing

  1. The Apex Book of World SF 4 (Amazon) — if SF invents the future by shaping and directing our imagination, and if you believe that non-American cultures will ascend over time, then it behooves you to sample this collection of SF from beyond the usual. (via Cory Doctorow)
  2. Diversity Scholarships Available — to Digital Consensus 2015, a conference on digital currency. Apply or tell someone who is eligible.
  3. Making Huge Projects Work (Amy Hoy) — the description of her workflow for modest and monster projects was useful to me, and may be to you as well. I think the real question is “where do we get an Alex of our own?” [Note: swearing]
  4. Additive Manufacturing of Optically Transparent Glass (PDF) — yes, a 3D printer that emits glass. Check out the videos on IFL Science.
Comment
Four short links: 25 August 2015

Four short links: 25 August 2015

Microservices Anti-Patterns, Reverse Engineering Course, Graph Language, and Automation Research

  1. Seven Microservices Anti-PatternsOne common mistake people made with SOA was misunderstanding how to achieve the reusability of services. Teams mostly focused on technical cohesion rather than functional regarding reusability. For example, several services functioned as a data access layer (ORM) to expose tables as services; they thought it would be highly reusable. This created an artificial physical layer managed by a horizontal team, which caused delivery dependency. Any service created should be highly autonomous – meaning independent of each other.
  2. CSCI 4974 / 6974 Hardware Reverse Engineering — RPI CS course in reverse engineering.
  3. The Gremlin Graph Traversal Language (Slideshare) — preso on a language for navigating graph data structures, which is part of the Apache TinkerPop (“Open Source Graph Computing”) suite.
  4. Why Are There Still So Many Jobs? The History and Future of Workplace Automation (PDF) — paper about the history of technology and labour. The issue is not that middle-class workers are doomed by automation and technology, but instead that human capital investment must be at the heart of any long-term strategy for producing skills that are complemented by rather than substituted for by technological change. Found via Scott Santens’s comprehensive rebuttal.
Comment
Four short links: 24 August 2015

Four short links: 24 August 2015

Real World Security, Car Hacking, News Designs, and Graphs in Shared Memory

  1. This World of Ours (PDF) — funny and accurate skewering of the modern security researcher. In the real world, threat models are much simpler (see Figure 1). Basically, you’re either dealing with Mossad or not-Mossad. If your adversary is not-Mossad, then you’ll probably be fine if you pick a good password and don’t respond to emails from ChEaPestPAiNPi11s@virus-basket.biz.ru. If your adversary is the Mossad, YOU’RE GONNA DIE AND THERE’S NOTHING THAT YOU CAN DO ABOUT IT. The Mossad is not intimidated by the fact that you employ https://.
  2. Highway to Hack: Why We’re Just at the Beginning of the Auto Hacking Era (Ars Technica) — detailed article covering the state of in-car networks and the security risks therein. (via BoingBoing)
  3. 64 Ways to Think about a News Homepage — design and content ideas.
  4. Ligraa lightweight graph processing framework for shared memory. It is particularly suited for implementing parallel graph traversal algorithms where only a subset of the vertices are processed in an iteration.
Comment
Four short links: 21 August 2015

Four short links: 21 August 2015

Web Experiments, Virtual Time, Reading Postmortem, and Chinese Robot Companies

  1. Doing Science on the Web (Alex Russell) — Minimizing harm to the ecosystem from experiments-gone-wrong […] This illustrates what happens when experiments inadvertently become critical infrastructure. It has happened before. Over, and over, and over again. Imma need therapy for the flashbacks. THE HORROR.
  2. Virtual Time (Adrian Colyer) — applying special relativity to distributed systems. Contains lines like: All messages sent explicitly by user programs have a positive (+) sign; their antimessages have a negative (-) sign. Whenever a process sends a message, what actually happens is that a faithful copy of the message is transmitted to the receiver’s input queue, and a negative copy, the antimessage, is retained in the sender’s output queue for use in case the sender rolls back. Curl up with your intoxicant of choice and prepare to see the colour of infinity.
  3. Lessons Learned from Reading Postmortems — (of the software kind) Except in extreme emergencies, risky code changes are basically never simultaneously pushed out to all machines because of the risk of taking down a service company-wide. But it seems that every company has to learn the hard way that seemingly benign config changes can also cause a company-wide service outage.
  4. 194 Chinese Robot Companies (Robohub) — Overall, 107 Chinese companies are involved in industrial robotics. Many of these new industrial robot makers are producing products that, because of quality, safety, and design regulations, will only be acceptable to the Chinese market. Many interesting numbers about the Chinese robotics biz.
Comment
Four short links: 20 August 2015

Four short links: 20 August 2015

Automata Class, Low-UI Wearables, Broken Science, and Understandable Eigenvectors

  • Stanford Automata — Stanford course covers finite automata, context-free grammars, Turing machines, undecidable problems, and intractable problems (NP-completeness).
  • Oura — very nice wearable, with no UI to worry about. Put it on, and it’s on. (via Fast Company)
  • Science Isn’t Brokenit’s just a hell of a lot harder than we give it credit for. Beautifully written (and interactively illustrated) description of why science is easy to get wrong.
  • Eigenvectors in Plain English — absolutely the easiest to understand explanation I’ve ever read. It’s a miracle. (And I crashed and burned in linear algebra when matrices were used, so if *I* can get it …)
    Comment
    Four short links: 19 August 2015

    Four short links: 19 August 2015

    Privacy-Respecting Algorithms, Dealers Growing, Book Recommendations, and End of Internet Dreams

    1. Efficient Algorithms for Public-Private Social Networks — Google Research paper on privacy-respecting algorithms for social networks. From the overview: the models of privacy we’re landing on (nodes or edges in the graph are marked as “private” by a user) mean that enforcing these privacy guarantees translates to solving a different algorithmic problem for each user in the network, and for this reason, developing algorithms that process these social graphs and respect these privacy guarantees can become computationally expensive. The paper shows how to efficiently approximate some of the graph operations required to run a social network.
    2. Rise of Networked Platforms for Physical World Services (Tim O’Reilly) — the central player begins by feeding its network of suppliers, but eventually begins to compete with it. […] Over time, as networks reach monopoly or near-monopoly status, they must wrestle with the issue of how to create more value than they capture — how much value to take out of the ecosystem, versus how much they must leave for other players in order for the marketplace to continue to thrive.
    3. Book Recommendations from BLDBLOGWinslow memorably pointed out how farmers in the Sinaloa region of Mexico had been swept up into the cartel’s infinitely flexible method of production, and that, despite any ensuing role growing and harvesting marijuana or even poppies, the cartel offered them new jobs in logistics, not agriculture. “They didn’t want to be farmers,” Winslow said at Bookcourt, “they wanted to be FedEx.”
    4. The End of the Internet Dream (Jennifer Granick) — this is all gold. Something resonating with my current meditations: People are sick and tired of crappy software. And they aren’t going to take it any more. The proliferation of networked devices — the Internet of Things — is going to mean all kinds of manufacturers traditionally subject to products liability are also software purveyors. If an autonomous car crashes, or a networked toaster catches on fire, you can bet there is going to be product liability. […] I think software liability is inevitable. I think it’s necessary. I think it will make coding more expensive, and more conservative. I think we’ll do a crappy job of it for a really long time.
    Comment
    Four short links: 18 August 2015

    Four short links: 18 August 2015

    Chris Grainger Ships, Disorderly Data-Centric Languages, PCA for Fun and Fashion, and Know Thy History

    1. Eve, Version 0 (Chris Grainger) — Version 0 contains a database, compiler, query runtime, data editor, and query editor. Basically, it’s a database with an IDE. You can add data both manually or through importing a CSV and then you can create queries over that data using our visual query editor.
    2. BOOM: Berkeley Orders Of Magnitudean effort to explore implementing Cloud software using disorderly, data-centric languages.
    3. Eigenstyle — clever analysis and reconstruction of images through principal component analysis. And here are “prettiest ugly dresses,” those that I classified as dislikes, that the program predicted I would really like.
    4. Turing Digital Archivemany of Turing’s letters, talks, photographs, and unpublished papers, as well as memoirs and obituaries written about him. It contains images of the original documents that are held in the Turing collection at King’s College, Cambridge. (Timely as Jason Scott works to save a manual archive: [1], [2], [3])
    Comment
    Four short links: 17 August 2015

    Four short links: 17 August 2015

    Fix the Future, Hack a Dash, Inside a $50 Smartphone, and Smartphone Sensors

    1. Women in Science Fiction Bundle — pay-what-you-want bundle of SF written by women. SF shapes invention, but it’s often a future filled with square-jawed men and chiseled Space Desperados, with women relegated to incidental roles. And lo, the sci-tech industry evolved brogrammers. This bundle is a good start toward a cure. Dare to imagine a future where women are people, too. (via Cory Doctorow)
    2. How I Hacked Amazon’s $5 WiFi Button to track Baby Data (Ed Benson) — Dash Buttons are small $5 plastic buttons with a battery and a WiFi connection inside. I’m going to show you how to hijack and use these buttons for just about anything you want. (via Flowing Data)
    3. The Realities of a $50 Smartphone (Engadget) — it can be done, but it literally won’t be pretty. If this thought experiment has revealed anything, it’s that there’s no such thing as a profit in the Android world any more.
    4. The Pocket Lab — a wireless sensor for smartphones that measures acceleration, force, angular velocity, magnetic field, pressure, altitude, and temperature.
    Comment