MegaPWN (GitHub) — Your MEGA master key is supposed to be a secret, but MEGA or anyone else with access to your computer can easily find it without you noticing. Browser crypto is only as secure as the browser and the code it runs.
When Smart Homes Get Hacked (Forbes) — Insteon’s flaw was worse in that it allowed access to any one via the Internet. The researchers could see the exposed systems online but weren’t comfortable poking around further. I was — but I was definitely nervous about it and made sure I had Insteon users’ permission before flickering their lights.
bletchley (Google Code) — Bletchley is currently in the early stages of development and consists of tools which provide: Automated token encoding detection (36 encoding variants); Passive ciphertext block length and repetition analysis; Script generator for efficient automation of HTTP requests; A flexible, multithreaded padding oracle attack library with CBC-R support.
Hackers of the Renaissance — Four centuries ago, information was as tightly guarded by intellectuals and their wealthy patrons as it is today. But a few episodes around 1600 confirm that the Hacker Ethic and its attendant emphasis on open-source information and a “hands-on imperative” was around long before computers hit the scene. (via BoingBoing)
Maker Camp 2013: A Look Back (YouTube) — This summer, over 1 million campers made 30 cool projects, took 6 epic field trips, and met a bunch of awesome makers.
huxley (GitHub) — Watches you browse, takes screenshots, tells you when they change. Huxley is a test-like system for catching visual regressions in Web applications. (via Alex Dong)
Toxic Behaviour — only 5% of toxic behavior comes from toxic people; 77% of it comes from people who are usually good.
More Encryption Is Not The Solution (Poul-Henning Kamp) — To an intelligence agency, a well-thought-out weakness can easily be worth a cover identity and five years of salary to a top-notch programmer. Anybody who puts in five good years on an open source project can get away with inserting a patch that “on further inspection might not be optimal.”
On Location With Foursquare (Anil Dash) — Foursquare switched from primarily being concerned with the game-based rewards around engagement and the recording of people’s whereabouts to a broader mission that builds on that base to be about location as a core capability of the Internet.
Applied Practical Cryptography — technical but readable article with lots of delicious lines. “They’re a little magical, in the same sense that ABS brakes were magical in the 1970s” and “Cloud applications share metal with strangers, and thus attackers, who will gladly spend $40 to co-host themselves with a target” and “The conservative approach is again counterintuitive to developers, to whom hardcoding anything is like simony.”
Nukemap — interactive visualization of the fallout damage from a nuclear weapon. Now we can all be the scary 1970s “this is what it would look like if [big town] were nuked” documentaries that I remember growing up with. I love interactives for learning the contours of a problem, and making it real and personal in a way that a static visualization cannot. WIN. See also the creator’s writeup.
Legalising Weed — Chuck, a dealer who switched from selling weed in California to New York and quadrupled his income, told WNYC, “There’s plenty of weed in New York. There’s just an illusion of scarcity, which is part of what I’m capitalizing on. Because this is a black market business, there’s insufficient information for customers.” Invisible economies are frequently inefficient, disrupted by moving online and made market-sense efficient.
How Well Does Name Analysis Work? (Pete Warden) — explanation of how those “turn a name into gender/ethnicity/etc” routines work, and how accurate they are. Age has the weakest correlation with names. There are actually some strong patterns by time of birth, with certain names widely recognized as old-fashioned or trendy, but those tend to be swamped by class and ethnicity-based differences in the popularity of names.
Bruce Sterling on Disruption — “If more computation, and more networking, was going to make the world prosperous, we’d be living in a prosperous world. And we’re not. Obviously we’re living in a Depression.” Slow first 25% but then it takes fire and burns with the heat of a thousand Sun Microsystems flaming out. You must read this now.
The Matasano Crypto Challenges (Maciej Ceglowski) — To my delight, though, I was able to get through the entire sequence. It took diligence, coffee, and a lot of graph paper, but the problems were tractable. And having completed them, I’ve become convinced that anyone whose job it is to run a production website should try them, particularly if you have no experience with application security. Since the challenges aren’t really documented anywhere, I wanted to describe what they’re like in the hopes of persuading busy people to take the plunge.
Tachyon — a fault tolerant distributed file system enabling reliable file sharing at memory-speed across cluster frameworks, such as Spark and MapReduce. Berkeley-licensed open source.
Silent Circle — Phil Zimmermann’s new startup, encrypting phone calls for iPhone and Android for $20/month. “I’m not going to apologize for the cost,” Zimmermann told CNET, adding that the final price has not been set. “This is not Facebook. Our customers are customers. They’re not products. They’re not part of the inventory.” (via CNET)
PeerJ — changing the business model for academic publishing: “instead of charging you each time you publish, we ask for a single one off payment, giving you the lifetime right to publish articles with us, and to make those articles freely available. Lifetime plans start at just $99.” O’Reilly a happy investor.
The Age of Fanfiction — We live in a time where copyright means very little to younger people, and it’s not just because they want free movies or free music. More than that, they want to be able to play with the amazing toys that they’ve been given by filmmakers and comic book writers and TV creators, and they want to do so without the constraints that copyright creates. Eloquent and thoughtful piece on what this means for Hollywood and how “the Age of Fanfiction” is reflected in what Hollywood’s making. (via Sacha Judd)
How Khan Academy is Using Machine Learning to Assess Student Mastery — it is bloody hard to know when a student has mastered a subject, both for real live teachers and for roboteachers like Khan Academy. This is a detailed discussion of a change in assessment within Khan Academy. “If we define proficiency as your chance of getting the next problem correct being above a certain threshold, then the streak becomes a poor binary classifier. Experiments conducted on our data showed a significant difference between students who take, say, 30 problems to get a streak vs. 10 problems right off the bat — the former group was much more likely to miss the next problem after a break than the latter.”
Open Access Week — a global event promoting Open Access as a new norm in scholarship and research.
The Copiale Cipher — cracking a historical code with computers. Details in the paper: The book describes the initiation of “DER CANDIDAT” into a secret society, some functions of which are encoded with logograms. (via Discover Magazine)
Baroque.me — visualization of the first prelude from the first Cello Suite by Bach. Music is notoriously difficult to visualize (Disney’s Fantasia is the earliest attempt that I know of) as there is so much it’s possible to capture. (via Andy Baio)