White Hat’s Dilemma (Google Docs) — amazeballs preso with lots of tough ethical questions for people in the computer field.
Chinese Hacking Team Caught Taking Over Decoy Water Plant (MIT Tech Review) — Wilhoit went on to show evidence that other hacking groups besides APT1 intentionally seek out and compromise water plant systems. Between March and June this year, 12 honeypots deployed across eight different countries attracted 74 intentional attacks, 10 of which were sophisticated enough to wrest complete control of the dummy control system.
CoreOS — Linux kernel + systemd. That’s about it. CoreOS has just enough bits to run containers, but does not ship a package manager itself. In fact, the root partition is completely read-only, to guarantee consistency and make updates reliable. Docker-compatible.
Nyan Cat and Keyboard Cat Are Trademarked Memes (Ars Technica) — the business of this (presumably there will be royalties in the end) is less interesting to me than the murky tension between authorship, ownership, sharing, popularity, and profit. We still lack a common expectation for how memes can be owned and exploited.
Stealing US Military Secrets (Bloomberg) — One former intelligence official described internal Pentagon discussions over whether another Lockheed Martin fighter jet, the F-22 Raptor, could safely be deployed in combat, because several subcontractors had been hacked. The article is full of horror stories about Chinese penetration of US military contractors.
China = 41% of World’s Internet Attack Traffic (Bloomberg) — numbers are from Akamai’s research. Verizon Communications said in a separate report that China accounted for 96 percent of all global espionage cases it investigated. One interpretation is that China is a rogue Internet state, but another is that we need to harden up our systems. (via ZD Net)
China Startups: The Gold Rush (Steve Blank) — dense fact- and insight-filled piece. Not only is the Chinese ecosystem completely different but also the consumer demographics and user expectations are equally unique. 70% of Chinese Internet users are under 30. Instead of email, they’ve grown up with QQ instant messages. They’re used to using the web and increasingly the mobile web for everything, commerce, communication, games, etc. (They also probably haven’t seen a phone that isn’t mobile.) By the end of 2012, there were 85 million iOS and 160 million Android devices in China. And they were increasing at an aggregate 33 million iOS and Android activations per month.
The Well Deserved Fortune of Satoshi Nakamoto — I can’t assure with 100% certainty that all the black dots are owned by Satoshi, but almost all are owned by a single entity, and that entity began mining right from block 1, and with the same performance as the genesis block. It can be identified by constant slope segments that occasionally restart. Also this entity is the only entity that has shown complete trust in Bitcoin, since it hasn’t spent any coins (as far as the eye can see). I estimate at eyesight that Satoshi’s fortune is around 1M Bitcoins, or 100M USD at current exchange rate. Author’s credible. (via Hacker News)
Houdini (GitHub) — C library for escaping and unescaping UTF-8-encoded HTML, according to OWASP guidelines.
The $12 Gongkai Phone (Bunnie Huang) — gongkai isn’t a totally lawless free-for-all. It’s a network of ideas, spread peer-to-peer, with certain rules to enforce sharing and to prevent leeching. It’s very different from Western IP concepts, but I’m trying to have an open mind about it.
Jan Chipchase on Google Glass (All Things D) — Any idiot can collect data. The real issue is how to collect data in such a way that meets both moral and legal obligations and still delivers some form of value. An interesting observation, one of many within this overview of the usability and third-party user experience of Google Glass-like UIs.
What American Startups Can Learn From the Cutthroat Chinese Software Industry — It follows that the idea of “viral” or “organic” growth doesn’t exist in China. “User acquisition is all about media buys. Platform-to-platform in China is war, and it is fought viciously and bitterly. If you have a Gmail account and send an email to, for example, NetEase163.com, which is the local web dominant player, it will most likely go to spam or junk folders regardless of your settings. Just to get an email to go through to your inbox, the company sending the email needs to have a special partnership.” This entire article is a horror show.
White House Hangout Maker Movement (Whitehouse) — During the Hangout, Tom Kalil will discuss the elements of an “all hands on deck” effort to promote Making, with participants including: Dale Dougherty, Founder and Publisher of MAKE; Tara Tiger Brown, Los Angeles Makerspace; Super Awesome Sylvia, Super Awesome Maker Show; Saul Griffith, Co-Founder, Otherlab; Venkatesh Prasad, Ford.
The Modern Malware Review (PDF) — 90% of fully undetected malware was delivered via web-browsing; It took antivirus vendors 4 times as long to detect malware from web-based applications as opposed to email (20 days for web, 5 days for email); FTP was observed to be exceptionally high-risk.
Bend Not Break — she had an amazing life but this caught my eye in the Make review: In China, she told me, making and craftsmanship are highly revered, and under Mao, factory jobs were prized. Her experience working in Mao’s factories planted a seed in her mind that sprouted when she sought to create her own company. Rather than launch another internet-based business as was the rage at the time, she wanted to connect software to the physical world. (via Makezine)
DIY Weapons of the Syrian Rebels (The Atlantic) — if WWII France had had Xbox controllers, they’d have been releasing remote-controlled homebrew deathmobiles too.
Using Silk Road — exploring the transactions, probability of being busted, and more. Had me at the heading Silk Road as Cyphernomicon’s black markets. Estimates of risk of participating in the underground economy.
Travis CI — a hosted continuous integration service for the open source community. It is integrated with GitHub.
$250 Arduino-Powered Hand Made by a Teen — the third version of his robotic hand. The hand is primarily made with 3D printing, with the exception of motors, gears, and other hardware. The control system is activated by flexing a pre-chosen muscle, such as curling your toes, then the movement is chosen and controlled by a series of eyeblinks and an EEG headset to measure brainwaves. The most remarkable part is that the hand costs a mere $250.
Ed Startups in a Nutshell (Dan Meyer) — I couldn’t agree with Dan more: The Internet is like a round pipe. Lecture videos and machine-scored exercises are like round pegs. They pass easily from one end of the pipe to the other. But there are square and triangular pegs: student-student and teacher-student relationships, arguments, open problems, performance tasks, projects, modeling, and rich assessments. These pegs, right now, do not flow through that round pipe well at all.
CA Assembly Bill No. 292 — This bill would provide that the full text of the California Code of Regulations shall bear an open access creative commons attribution license, allowing any individual, at no cost, to use, distribute, and create derivative works based on the material for either commercial or noncommercial purposes. (via BoingBoing)
The Inside Story of PACER (Ars Technica) — PACER has become a cash cow for the judicial branch, generating $100 million in profits the court has plowed into non-PACER IT projects. (via BoingBoing)
Manipulating Memory for Fun and Profit (PDF) — It is a common belief that RAM loses its content as soon as the power is down. This is wrong, RAM is not immediately erased. It may take up to several minutes in a standard environment, even if the RAM is removed from the computer. And it may last much longer if you cool the DRAM chips. With a simple dusty spraying at -50°C, your RAM data can survive more than 10 minutes. If you cool the chips at -196°C with liquid nitrogen, data are held for several hours without any power.
The Indiepocalypse (Andy Baio) — We’re at the beginning of an indiepocalypse — a global shift in how culture is made, from a traditional publisher model to independently produced and distributed works.
China, GitHub, and MITM — No browser would prevent the authorities from using their ultimate tool though: certificates signed by the China Internet Network Information Center. CNNIC is controlled by the government through the Ministry of Industry and Information Technology. They are recognized by all major browsers as a trusted Certificate Authority. If they sign a fake certificate used in a man-in-the-middle attack, no browser will warn of any unusual activity. The discussion of how GitHub (or any site) could be MITM’d is fascinating, as are the pros and cons for a national security agency to co-opt the certificate-signing NIC.