RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis (PDF) — research uses audio from CPU to break GnuPG’s implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
Bitcoin, Magic Thinking, and Political Ideology (Alex Payne) — In other words: Bitcoin represents more of the same short-sighted hypercapitalism that got us into this mess, minus the accountability. No wonder that many of the same culprits are diving eagerly into the mining pool.
Why I Want Bitcoin to Die in a Fire (Charlie Stross) — Like all currency systems, Bitcoin comes with an implicit political agenda attached. Decisions we take about how to manage money, taxation, and the economy have consequences: by its consequences you may judge a finance system. Our current global system is pretty crap, but I submit that Bitcoin is worst. With a list of reasons why Bitcoin is bad, like Stolen electricity will drive out honest mining. (So the greatest benefits accrue to the most ruthless criminals.)
iSeeYou: Disabling the MacBook Webcam Indicator LED — your computer is made up of many computers, each of which can be a threat. This enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non-root) application. The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches Terminal.app and runs shell commands. (via Washington Post)
The Robots are Here (Tyler Cowen) — a bleak view of the future in which jobs that can be done by robots are done by robots, and a concomitant power spiral towards the rich. I let this one sit for a while before posting, and I still think it’s wildly important.
Expecting Better — an economist runs the numbers on the actual consequences of various lifestyle choices during pregnancy. (via sciblogs)
Business as Usual in the Innovation Industry — the only thing worse than business plan contests for startups is innovation wankfests for small arts groups. [T]he vast majority of small and mid-sized arts organizations are not broken so much as they are in a constant state of precarity that could largely be addressed by reliable funding streams to support general operations and less onerous grant application processes that would allow them to focus more on delivering services and less on raising money. Hear! (via Courtney Johnston)
Driverless Cars Are Further Away Than You Think (MIT Technology Review) — nice roundup of potential benefits. experiments involving modified road vehicles conducted by Volvo and others in 2011 suggest that having vehicles travel in high-speed automated “platoons,” thereby reducing aerodynamic drag, could lower fuel consumption by 20 percent. And an engineering study published last year concluded that automation could theoretically allow nearly four times as many cars to travel on a given stretch of highway.
Hyperinflation in Diablo 3 — interesting discussion about how video games regulate currency availability, and how Diablo 3 appears to have messed up. several weeks after the game’s debut a source claimed that there were at least 1,000 bots active 24/7 in the Diablo 3 game world, allegedly “harvesting” (producing) 4 million virtual gold per hour. Most of the gold generated by the ruthlessly productive, rapidly adapting bots found its way to third party vendors in a black market which undercut the prices in the sanctioned, in-game auction houses.
Call Me Maybe (Kyle Kingsbury) — a series on network partitions. We’re going to learn about distributed consensus, discuss the CAP theorem’s implications, and demonstrate how different databases behave under partition.
OpenWorm (The Atlantic) — simulating the C. elegans nematode worm in software. OpenWorm isn’t like these other initiatives; it’s a scrappy, open-source project that began with a tweet and that’s coordinated on Google Hangouts by scientists spread from San Diego to Russia. If it succeeds, it will have created a first in executable biology: a simulated animal using the principles of life to exist on a computer.
Nautilus — elegantly-designed science web ‘zine. Includes Artificial Emotions on AI, neuro, and psych efforts to recognise and simulate emotions.
A Short Essay on 3D Printing — This hands-off approach to culpability cannot last long. If you design something to go into someone’s bathroom, it will make its way into their child’s mouth. If someone buys, downloads and prints a case for their OUYA and they suffer an electric shock as a result, who is to blame? If a person replaces their phone case with a 3D printed one, and it doesn’t survive a drop to the floor, what then? We need to create a new chain of responsibility for this emerging, and potentially very profitable business. (via Near Future Laboratory)
Zuckerberg’s FWD.us PAC (Anil Dash) — One of Mark Zuckerberg’s most famous mottos is “Move fast and break things.” When it comes to policy impacting the lives of millions of people around the world, there couldn’t be a worse slogan. Let’s see if we can get FWD.us to be as accountable to the technology industry as it purports to be, since they will undoubtedly claim to have the grassroots support of our community regardless of whether that’s true or not.
Pirate Economics — four dimensions of pirate institutions. Not BitTorrent pirates, but Berbers and arr-harr-avast-ye-swabbers nautical pirates. Pirate crews not only elected their captains on the basis of universal pirate suffrage, but they also regularly deposed them by democratic elections if they were not satisfied with their performance. Like the Berbers, or the US constitution, pirates didn’t just rely on democratic elections to keep their leaders under check. Though the captain of the ship was in charge of battle and strategy, pirate crews also used a separate democratic election to elect the ship’s quartermaster who was in charge of allocating booty, adjudicating disputes and administering discipline. Thus they had a nascent form of separation of powers.
Raytheon makes Social Media Tracking Software (Guardian) — the technology was shared with US government and industry as part of a joint research and development effort, in 2010, to help build a national security system capable of analysing “trillions of entities” from cyberspace.
Big Data Leads to Jobs for Cleveland — Spun out of the Cleveland Clinic three years ago, Explorys already employs 85 people and the prospects are as bright as its hip new offices in University Circle. Suddenly, economic development specialists are eyeing Big Data, and its potential for Cleveland, with new intensity. From rust belt to Hadoop uber alles.
Economics of Netflix’s $100M New Show (The Atlantic) — Up until now, Netflix’s strategy has involved paying content makers and distributors, like Disney and Epix, for streaming rights to their movies and TV shows. It turns out, however, the company is overpaying on a lot of those deals. […] [T]hese deals cost Netflix billions.
Inception — a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost* any powered on machine you have physical access to. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces. (via BoingBoing)
The Indiepocalypse (Andy Baio) — We’re at the beginning of an indiepocalypse — a global shift in how culture is made, from a traditional publisher model to independently produced and distributed works.
China, GitHub, and MITM — No browser would prevent the authorities from using their ultimate tool though: certificates signed by the China Internet Network Information Center. CNNIC is controlled by the government through the Ministry of Industry and Information Technology. They are recognized by all major browsers as a trusted Certificate Authority. If they sign a fake certificate used in a man-in-the-middle attack, no browser will warn of any unusual activity. The discussion of how GitHub (or any site) could be MITM’d is fascinating, as are the pros and cons for a national security agency of co-opting the certificate-signing NIC.
Chinese Attack UAV (Alibaba) — Small attack UAV is characterized with small size, light weight, convenient carrying, rapid outfield expansion procedure, easy operation and maintenance; the system only needs 2-3 operators to operate, can be carried by surveillance personnel to complete the attack mission. (via BoingBoing)
TruthTeller Prototype (Washington Post) — speech-to-text, then matches statements against known facts to identify truth/falsehoods. Still a prototype but I love that, in addition to the Real Time Coupon Specials From Hot Singles Near You mobile advertising lens, there might be a truth lens that technology helps us apply to the world around us.
Money from Music: Survey Evidence on Musicians’ Revenue and Lessons About Copyright Incentives — 5,000 American musicians surveyed. For most musicians, copyright does not provide much of a direct financial reward for what they are producing currently. The survey findings are instead consistent with a winner-take-all or superstar model in which copyright motivates musicians through the promise of large rewards in the future in the rare event of wide popularity. This conclusion is not unfamiliar, but this article is the first to support it with empirical evidence on musicians’ revenue. (via TechDirt)
Max Levchin’s DLD13 Keynote — I believe the next big wave of opportunities exists in centralized processing of data gathered from primarily analog systems. […] There is also a neat symmetry to this analog-to-digital transformation — enabling centralization of unique analog capacities. As soon as the general public is ready for it, many things handled by a human at the edge of consumption will be controlled by the best currently available human at the center of the system, real time sensors bringing the necessary data to them in real time.
Captive Audience: Telecom Industry and Monopoly in the New Gilded Age (Amazon) — Foo camper and former Washington insider, now truth-teller about broken telco industry in the US. From Time’s review of the book and interview with her: Meanwhile, Comcast has sharply reduced its capital expenditures, which have now fallen to 14% of revenues from over 35% a decade ago, even as it enjoys a whopping 95% profit margin on its broadband service. “They’re not expanding and they’re not enhancing their service,” Crawford says. “They’ve done their investment, now they’re just harvesting.” Not surprisingly, Comcast’s stock price increased over 50% in the last year, and nearly 200% over the last four years. “Shareholders are doing well,” Crawford says. “The rest of the country, not so great.”
Barclays Cut Software Expenditure 90% With Open Source (The Inquirer) — “We’ve been making significant savings in our technology platform by doing a lot of the work in-house to develop and launch our own applications rapidly,” he said. “It means we can write new applications once and then develop them using an open source model, rather than rewriting them again for legacy systems.” (via The Linux Foundation)