Nat Torkington

Nat has chaired the O'Reilly Open Source Convention and other O'Reilly conferences for over a decade. He ran the first web server in New Zealand, co-wrote the best-selling Perl Cookbook, and was one of the founding Radar bloggers. He lives in New Zealand and consults in the Asia-Pacific region.

Four short links: 30 December 2014

Four short links: 30 December 2014

DevOps Security, Bit Twiddling, Design Debates, and Chinese IP

  1. DevOoops (Slideshare) — many ways in which your devops efforts can undermine your security efforts.
  2. Matters Computational (PDF) — low-level bit-twiddling and algorithms with source code. (via Jarkko Hietaniemi)
  3. Top 5 Game Design Debates I Ignored in 2014 (Daniel Cook) — Stretch your humanity.
  4. From Gongkai to Open Source (Bunnie Huang) — The West has a “broadcast” view of IP and ownership: good ideas and innovation are credited to a clearly specified set of authors or inventors, and society pays them a royalty for their initiative and good works. China has a “network” view of IP and ownership: the far-sight necessary to create good ideas and innovations is attained by standing on the shoulders of others, and as such there is a network of people who trade these ideas as favors among each other. In a system with such a loose attitude toward IP, sharing with the network is necessary as tomorrow it could be your friend standing on your shoulders, and you’ll be looking to them for favors. This is unlike the West, where rule of law enables IP to be amassed over a long period of time, creating impenetrable monopoly positions. It’s good for the guys on top, but tough for the upstarts.
Comment
Four short links: 29 December 2014

Four short links: 29 December 2014

Open Source Submersible, Web Language, Cheap Robot Arm, and Visualisation Trends

  1. OpenROV — open source submersible, funded in 1 day on Kickstarter, now available for purchase.
  2. Ur/Web — web application language that’s functional, pure, statically typed, and strict. (via IT World)
  3. MeArm (Thingiverse) — a low cost robot arm. The meArm is designed to be light weight and inexpensive – to be the perfect introduction to robotics. Design on Thingiverse, kickstarting the controller.
  4. Eric Rodenbeck on Running a Studio (Flowing Data) — Stamen’s founder on the challenges of staying current. I hadn’t realised quite how quickly the visualisation field is changing.
Comment
Four short links: 26 December 2014

Four short links: 26 December 2014

Science Software, Better Bitmaps, Pushy Internet, and Graphical Perception

  1. How Bad Software Leads to Bad Science — 21% of scientists who write software have never received training in software development.
  2. Roaring Bitmapscompressed bitmaps which tend to outperform conventional compressed bitmaps such as WAH, EWAH or Concise. In some instances, they can be hundreds of times faster and they often offer significantly better compression.
  3. Two Eras of the Internet: From Pull to Push (Chris Dixon) — in which the consumer becomes the infinite sink for an unending and constant stream of updates, media, and social mobile local offers to swipe right on brands near you.
  4. Graphical Perception: Theory, Experimentation, and Application to the Development of Graphical Methods (PDF) — research on how well people decode visual cues. In order: Position along a common scale e.g. scatter plot; Position on identical but nonaligned scales e.g. multiple scatter plots; Length e.g. bar chart; Angle & Slope (tie) e.g. pie chart; Area e.g. bubbles; Volume, density, and color saturation (tie) e.g. heatmap; Color hue e.g. newsmap. (via Flowing Data)
Comments: 2
Four short links: 25 December 2015

Four short links: 25 December 2015

Smart Cities, Blockchain Innovation, Brain Interfaces, and Knowledge Graphs

  1. Smartest Cities Rely on Citizen Cunning and Unglamorous Technology (The Guardian) — vendors like Microsoft, IBM, Siemens, Cisco and Hitachi construct the resident of the smart city as someone without agency; merely a passive consumer of municipal services – at best, perhaps, a generator of data that can later be aggregated, mined for relevant inference, and acted upon. Should he or she attempt to practise democracy in any form that spills on to the public way, the smart city has no way of accounting for this activity other than interpreting it as an untoward disruption to the orderly flow of circulation.
  2. Second Wave of Blockchain Innovation — the economic challenges of innovating on the blockchain.
  3. Introduction to the Modern Brain-Computer Interface Design (UCSD) — The lectures were first given by Christian Kothe (SCCN/UCSD) in 2012 at University of Osnabrueck within the Cognitive Science curriculum and have now been recorded in the form of an open online course. The course includes basics of EEG, BCI, signal processing, machine learning, and also contains tutorials on using BCILAB and the lab streaming layer software.
  4. Machine Learning with Knowledge Graphs (video) — see also extra readings.
Comment
Four short links: 24 December 2014

Four short links: 24 December 2014

DRMed Objects, Eventual Consistency, Complex Systems, and Machine Learning Papers

  1. DRMed Cat Litter Box — the future is when you don’t own what you buy, and it’s illegal to make it work better. (via BoingBoing)
  2. Are We Consistent Yet? — the eventuality of consistency on different cloud platforms.
  3. How Complex Systems Fail (YouTube) — Richard Cook’s Velocity 2012 keynote.
  4. Interesting papers from NIPS 2014 — machine learning holiday reading.
Comment
Four short links: 23 December 2014

Four short links: 23 December 2014

Useful Metrics, Trouble at Mill, Drug R&D, and Disruptive Opportunities

  1. Metrics for Operational Performance — you’d be surprised how many places around your business you can meaningfully and productively track time-to-detection and time-to-resolution.
  2. Steel Mill Hacked — damage includes a blast furnace that couldn’t be shut down properly.
  3. Cerebros — drug-smuggling’s equivalent of corporate R&D. (via Regine Debatty)
  4. Ramble About Bitcoin (Matt Webb) — the meta I’m trying to figure out is: when you spot that one of these deep value chains is at the beginning of a big reconfiguration, what do you do? How do you enter it as a small business? How, as a national economy, do you help it along and make sure the transition happens healthily?
Comment
Four short links: 22 December 2014

Four short links: 22 December 2014

Manufacturers and Consumers, Time Management, Ethical Decisions, and Faux Faces

  1. Manufacturers and Consumers (Matt Webb) — manufacturers never spoke to consumers before. They spoke with distributors and retailers. But now products are connected to the Internet, manufacturers suddenly have a relationship with the consumer. And they literally don’t know what to do.
  2. Calendar Hacks (Etsy) — inspiration for your New Year’s resolution to waste less time.
  3. Making an Ethical Decision — there actually is an [web] app for that.
  4. Masks That Look Human to Computers — an artist creates masks that look like faces to face-recognition algorithms, but not necessarily to us. cf Deep Neural Networks are Easily Fooled.
Comment: 1
Four short links: 19 December 2014

Four short links: 19 December 2014

Statistical Causality, Clustering Bitcoin, Hardware Security, and A Language for Scripts

  1. Distinguishing Cause and Effect using Observational Data — research paper evaluating effectiveness of the “additive noise” test, a nifty statistical trick to identify causal relationships from observational data. (via Slashdot)
  2. Clustering Bitcoin Accounts Using Heuristics (O’Reilly Radar) — In theory, a user can go by many different pseudonyms. If that user is careful and keeps the activity of those different pseudonyms separate, completely distinct from one another, then they can really maintain a level of, maybe not anonymity, but again, cryptographically it’s called pseudo-anonymity. […] It turns out in reality, though, the way most users and services are using bitcoin, was really not following any of the guidelines that you would need to follow in order to achieve this notion of pseudo-anonymity. So, basically, what we were able to do is develop certain heuristics for clustering together different public keys, or different pseudonyms.
  3. A Primer on Hardware Security: Models, Methods, and Metrics (PDF) — Camouflaging: This is a layout-level technique to hamper image-processing-based extraction of gate-level netlist. In one embodiment of camouflaging, the layouts of standard cells are designed to look alike, resulting in incorrect extraction of the netlist. The layout of nand cell and the layout of nor cell look different and hence their functionality can be extracted. However, the layout of a camouflaged nand cell and the layout of camouflaged nor cell can be made to look identical and hence an attacker cannot unambiguously extract their functionality.
  4. Prompter: A Domain-Specific Language for Versu (PDF) — literally a scripting language (you write theatrical-style scripts, characters, dialogues, and events) for an inference engine that lets you talk to characters and have a different story play out each time.
Comment
Four short links: 18 December 2014

Four short links: 18 December 2014

Manufacturer Rootkits, Dangerous Dongle, Physical Visualisation, and Cryptoed Comms

  1. Popular Chinese Android Smartphone Backdoored By ManufacturerCoolpad is the third largest smartphone builder in China, and ranks sixth worldwide with 3.7 percent global market share. It trails only Lenovo and Xiaomi in China and is the leader of China’s 4G market with 16 percent market share. Coolpad outsells Samsung and Apple in China, and has said it plans to expand globally with a goal of 60 million phones worldwide. For now, its high-end Halo Dazen phones are the only ones containing the backdoor, Palo Alto said. Backdoor enabled installation of other apps, dial numbers, send messages, and report back to the mothership. The manufacturer even ran the command-and-control nodes for the malware.
  2. USB Driveby — dongle that plugs into USB, and tries to root the box. Specifically, when you normally plug in a mouse or keyboard into a machine, no authorization is required to begin using them. The devices can simply begin typing and clicking. We exploit this fact by sending arbitrary keystrokes meant to launch specific applications (via Spotlight/Alfred/Quicksilver), permanently evade a local firewall (Little Snitch), install a reverse shell in crontab, and even modify DNS settings without any additional permissions.
  3. Physical Data Visualisationsa chronological list of physical visualizations and related artifacts. (via Flowing Data)
  4. Dissentan anonymous communication substrate intended primarily for applications built on a broadcast communication model: for example, bulletin boards, wikis, auctions, or voting. Users of an online group obtain cryptographic guarantees of sender and receiver anonymity, message integrity, disruption resistance, proportionality, and location hiding. And a pony.
Comment
Four short links: 17 December 2014

Four short links: 17 December 2014

Security Stick, Spyware Toy, Bezos Time, and Popular JavaScript

  1. USB Armory — another Linux-on-a-stick, but this one has some nifty dimensions and security applications in mind.
  2. Who’s the Boss?The Elf on the Shelf essentially teaches the child to accept an external form of non-familial surveillance in the home when the elf becomes the source of power and judgment, based on a set of rules attributable to Santa Claus. Excellent deconstruction of ludic malware. (via Washington Post)
  3. Bezos on Time (Business Insider) — Where you are going to spend your time and your energy is one of the most important decisions you get to make in life. We all have a limited amount of time, and where you spend it and how you spend it is just an incredibly levered way to think about the world. This (he says at 9 p.m. in the office, in a different city from his family!).
  4. libscore — popularity of JavaScript scripts and libraries in the top million sites. But remember, just because all the cool kids do it doesn’t make right for you. (via Medium)
Comment