"crypto" entries

Four short links: 11 February 2016

Four short links: 11 February 2016

Surviving Crashes, Thumbs-Up Thumbs-Down Learning, Faster Homomorphic Encryption, and Nerdy V-Day Cards

  1. All File Systems are Not Created Equal: On the Complexity of Crafting Crash Consistent Applications (Paper a Day) — an important subject for me. BOB, the Block Order Breaker, is used to find out what behaviours are exhibited by a number of modern file systems that are relevant to building crash consistent applications. ALICE, the Application Level Intelligent Crash Explorer, is then used to explore the crash recovery behaviour of a number of applications on top of these file systems.
  2. BinaryNet: Training Deep Neural Networks with Weights and Activations Constrained to +1 or -1 (Arxiv) — instead of complex positive/negative floating-point weights, this uses +1 and -1 (which I can’t help but think of as “thumbs up”, “thumbs down”) to get nearly state-of-the-art results because a run-time, BinaryNet drastically reduces memory usage and replaces most multiplications by 1-bit exclusive-not-or (XNOR) operations, which might have a big impact on both general-purpose and dedicated Deep Learning hardware. GPLv2 code available.
  3. Microsoft Speeds Up Homomorphic Encryption (The Register) — homomorphic encryption lets databases crunch data without needing keys to decode it.
  4. Nerdy Valentine Cards (Evil Mad Scientist) — for a nerd in your life. (via Cory Doctorow)
Comment
Four short links: 10 February 2016

Four short links: 10 February 2016

Bitcoin Textbook, Brain Books, Post-Quantum Crypto, and Amazon's Game Engine

  1. Princeton Bitcoin Book (PDF) — The Coursera course accompanying this book had 30,000 students in its first version, and it was a success based on engagement and end-of-course feedback. Large introduction to Bitcoin from Princeton. (via Cory Doctorow)
  2. A Quartet of Complementary Brain Books (Vaughan Bell) — The books have been chosen to complement each other and the idea is that if you read all four, you should have a solid grounding in modern cognitive neuroscience and beyond.
  3. NIST Report on Post-Quantum Cryptography (PDF) — in case you missed it, “post-quantum crypto” is “existing crypto relies on how hard it is to find the prime factors of large numbers, of which we suspect quantum computers may make a mockery. Wut to do?” The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.
  4. Amazon Lumberyarda free, cross-platform, 3D game engine for you to create the highest-quality games, connect your games to the vast compute and storage of the AWS Cloud, and engage fans on Twitch. From Amazon.
Comment
Four short links: 5 February 2016

Four short links: 5 February 2016

Signed Filesystem, Smart Mirror, Deep Learning Tuts, and CLI: Miami

  1. Introducing the Keybase Filesystem — love that crypto is making its way into the filesystem.
  2. DIY Smart Bathroom Mirror — finally, someone is building this science-fiction future! (via BoingBoing)
  3. tensorflow tutorials — for budding deep learners.
  4. clmystery — a command-line murder mystery.
Comment
Four short links: 21 January 2016

Four short links: 21 January 2016

Hidden Networks, Dissolving Sensors, Spies Spy, and Redirected Walking

  1. Big Bang Data: Networks of London (YouTube) — guide to the easy-to-miss networks (fibre, CCTV, etc.) around Somerset House, where an amazing exhibition is about to launch. The network guide is the work of the deeply talented Ingrid Burrington.
  2. Sensors Slip into the Brain and then Dissolve When Done (IEEE Spectrum) — pressure and temperature monitors, intended to be implanted in the brain, that completely dissolve within a few weeks. The news, published as a research letter in the journal Nature, described a demonstration of the devices in rats, using soluble wires to transmit the signals, as well as the demonstration of a wireless version, though the data transmission circuit, at this point, is not completely resorbable. The research was published as a letter to Nature.
  3. GCHQ Proposes Surveillable Voice Call Encryption (The Register) — unsurprising, but should reiterate AGAIN that state security services would like us to live in the panopticon. Therefore, don’t let the buggers anywhere near the reins of our communication systems.
  4. These Tricks Make Virtual Reality Feel RealScientists are exploiting the natural inaccuracies in people’s own proprioception, via a technique called “redirected walking,” to create the perception of space where none exists. With redirected walking, […] users can sense they are exploring the twisting byways of a virtual city when in reality they are simply walking in circles inside a lab. Original Redirect Walking paper.

Comment
Four short links: 15 December 2015

Four short links: 15 December 2015

Barbie Broken, JSON Database, Lightbulb DRM, and Graph Database

  1. Crypto is Hard says Hello BarbieWe discovered several issues with the Hello Barbie app including: it utilizes an authentication credential that can be re-used by attackers; it connects a mobile device to any unsecured Wi-Fi network if it has “Barbie” in the name; it shipped with unused code that serves no function but increases the overall attack surface. On the server side, we also discovered: client certificate authentication credentials can be used outside of the app by attackers to probe any of the Hello Barbie cloud servers; the ToyTalk server domain was on a cloud infrastructure susceptible to the POODLE attack. (via Ars Technica)
  2. Kinto — Mozilla’s open source lightweight JSON storage service with synchronisation and sharing abilities. It is meant to be easy to use and easy to self-host.
  3. Philips Blocks 3rd Party Lightbulbs — DRM for light fixtures. cf @internetofsh*t
  4. gaffer — GCHQ-released open source graph database. …a framework that makes it easy to store large-scale graphs in which the nodes and edges have statistics such as counts, histograms, and sketches. These statistics summarise the properties of the nodes and edges over time windows, and they can be dynamically updated over time. Gaffer is a graph database, rather than a graph processing system. It is optimised for retrieving data on nodes of interest. IHNJH,IJLTS “nodes of interest.”
Comment
Four short links: 8 December 2015

Four short links: 8 December 2015

Open Source ZeroDB, HTTP Statuses, Project Activity, and Database Readings

  1. ZeroDB is Open Source — end-to-end encrypted database goes open source (AGPL, *ptui*).
  2. Choosing an HTTP Status Code — or “an alternative to engineers duelling.”
  3. Open Source Monthly — views of open source projects through their GitHub activity.
  4. Readings in Database Science (5ed) — HTML and PDF versions of the papers.
Comment: 1
Four short links: 4 December 2015

Four short links: 4 December 2015

Bacterial Research, Open Source Swift, Deep Forger, and Prudent Crypto Engineering

  1. New Antibiotics Research Direction — most people don’t know that we can’t cultivate and isolate most of the microbes we know about.
  2. Swift now Open Source — Apache v2-licensed. An Apple exec is talking about it and its roadmap.
  3. Deep Forger User Guideclever Twitter bot converting your photos into paintings in the style of famous artists, using deep learning tech.
  4. Prudent Engineering Practice for Cryptographic Protocols (PDF) — paper from the ’90s that is still useful today. Those principles are good for API design too. (via Adrian Colyer)
Comment
Four short links: 18 November 2015

Four short links: 18 November 2015

Crypto Comms, Science Funding, Geo DB, and AI Ambitions

  1. If The Paris Hackers Weren’t Using Crypto, The Next Ones Will (Cory Doctorow) — But the reality is that criminals will be using crypto soon, if they aren’t already, for the same reason they’re using computers. Using crypto is the best way to communicate.
  2. Google $50M Heart Disease Effort — instead of taking bids for $250K chunks of the money, they will fund one team for five years. Applications close Feb 14.
  3. Pyro (Usenix) — This paper presents Pyro, a spatial-temporal big data storage system tailored for high-resolution geometry queries and dynamic hotspots. Pyro understands geometries internally, which allows range scans of a geometry query to be aggregately optimized. Moreover, Pyro employs a novel replica placement policy in the DFS layer that allows Pyro to split a region without losing data locality benefits.
  4. Inside Mark Zuckerberg’s Bold Plan for Facebook (FastCompany) — “One of our goals for the next five to 10 years,” Zuckerberg tells me, “is to basically get better than human level at all of the primary human senses: vision, hearing, language, general cognition.”
Comment
Four short links: 18 September 2015

Four short links: 18 September 2015

Mass Customization, Monolithic Codebase, Database Implementation, and Encrypted Databases

  1. The Wild Wild East (The Economist) — Fung Retailing Limited, a related firm, has over 3,000 outlets, a third of them in China. Victor Fung, its honorary chairman, sees the era of mass production giving way to one of mass customization. Markets are fragmenting and smartphones are empowering consumers to get “directly involved in what they buy, where it is made and how they buy it.” Zhao Xiande of CEIBS in Shanghai points to Red Collar, a firm that used simply to make and export garments. Now it lets customers the world over design their own shirts online and makes them to order. Another outfit, Home Koo, offers custom-built furniture online.
  2. Motivation for a Monolithic Codebase (YouTube) — interesting talk about Google’s codebase, the first time I know of that Google’s strategy for source code management was discussed in public.
  3. SQL in CockroachDB: Mapping Table Data to Key-Value Storage — very easy-to-follow simple database implementation lesson.
  4. cryptdbA database system that can process SQL queries over encrypted data.
Comment
Four short links: 17 September 2015

Four short links: 17 September 2015

Google's Code, China's Pledge, MD5's Cracks, and Toyota's Robotics Hire

  1. Google’s 2 Billion Lines of Code (Wired) — 85TB, 45,000 changes/day in Google’s DVCS “Piper.” They’re looking at Mercurial.
  2. China Extracting Pledge of Compliance from US Firms (NY Times) — The letter also asks the American companies to ensure their products are “secure and controllable,” a catchphrase that industry groups said could be used to force companies to build so-called back doors — which allow third-party access to systems — provide encryption keys or even hand over source code.
  3. MD5 To Be Considered Harmful Some Day (Adrian Colyer) — walkthrough of Dan Kaminsky’s paper on the growing number of cracks in MD5.
  4. Toyota’s Robot Car Plans (IEEE Spectrum) — Toyota hired the former head of DARPA’s Robotics Challenge. Pratt explained that a U.S. $50 million R&D collaboration with MIT and Stanford is just the beginning of a large and ambitious program whose goal is developing intelligent vehicles that can make roads safer and robot helpers that can improve people’s lives at home.
Comment