- choir.io explained (Alex Dong) — Sound is the perfect medium for wearable computers to talk back to us. Sound has a dozen properties that we can tune to convey different levels of emotion and intrusiveness. Different sound packs would fit into various contexts.
- Identity Single Point of Failure (Tim Bray) — continuing his excellent series on federated identity. There’s this guy here at Google, Eric Sachs, who’s been doing Identity stuff in the white-hot center of the Internet universe for a lot of years. One of his mantras is “If you’re typing a password into something, unless they have 100+ full-time engineers working on security and abuse and fraud, you should be nervous.” I think he’s right.
- What Does It Really Matter If Companies Are Tracking Us Online? (The Atlantic) — Rather, the failures will come in the form of consumers being systematically charged more than they would have been had less information about that particular consumer. Sometimes, that will mean exploiting people who are not of a particular class, say upcharging men for flowers if a computer recognizes that he’s looking for flowers the day after his anniversary. A summary of Ryan Calo’s paper. (via Slashdot)
- Life Inside Brewster’s Magnificent Contraption (Jason Scott) — I’ve been really busy. Checking my upload statistics, here’s what I’ve added to the Internet Archive: Over 169,000 individual objects, totaling 245 terabytes. You should subscribe and keep them in business. I did.
Aural Viz, SPOF ID, Information Asymmetry, and Support IA
Modern Security Ethics, Punk'd Chinese Cyberwarriors, Web Tracing, and Lightweight Server OS
- White Hat’s Dilemma (Google Docs) — amazeballs preso with lots of tough ethical questions for people in the computer field.
- Chinese Hacking Team Caught Taking Over Decoy Water Plant (MIT Tech Review) — Wilhoit went on to show evidence that other hacking groups besides APT1 intentionally seek out and compromise water plant systems. Between March and June this year, 12 honeypots deployed across eight different countries attracted 74 intentional attacks, 10 of which were sophisticated enough to wrest complete control of the dummy control system.
- Web Tracing Framework — Rich tools for instrumenting, analyzing, and visualizing web apps.
- CoreOS — Linux kernel + systemd. That’s about it. CoreOS has just enough bits to run containers, but does not ship a package manager itself. In fact, the root partition is completely read-only, to guarantee consistency and make updates reliable. Docker-compatible.
Better Crypto, NukeViz, Weed Economics, and Ethics of Prediction
- Applied Practical Cryptography — technical but readable article with lots of delicious lines: “They’re a little magical, in the same sense that ABS brakes were magical in the 1970s”, “Cloud applications share metal with strangers, and thus attackers, who will gladly spend $40 to co-host themselves with a target”, and “The conservative approach is again counterintuitive to developers, to whom hardcoding anything is like simony.”
- Nukemap — interactive visualization of the fallout damage from a nuclear weapon. Now we can all be the scary 1970s “this is what it would look like if [big town] were nuked” documentaries that I remember growing up with. I love interactives for learning the contours of a problem, and making it real and personal in a way that a static visualization cannot. WIN. See also the creator’s writeup.
- Legalising Weed — Chuck, a dealer who switched from selling weed in California to New York and quadrupled his income, told WNYC, “There’s plenty of weed in New York. There’s just an illusion of scarcity, which is part of what I’m capitalizing on. Because this is a black market business, there’s insufficient information for customers.” Invisible economies are frequently inefficient, disrupted by moving online and made market-sense efficient.
- Can Software That Predicts Crime Pass Constitutional Muster? (NPR) — “I think most people are gonna defer to the black box,” he says. “Which means we need to focus on what’s going into that black box, how accurate it is, and what transparency and accountability measures we have [for] it.”
Know Your HTTP, Digital Exploitation, Insecure Webcams, and CS Courses
- Know Your HTTP Posters (GitHub) — A0-posters about the HTTP protocol.
- Crowdserfing — when a large corp uses crowd-sourced volunteering for its own financial gain, without giving back. It offends my sense of reciprocity as well, but nobody is coerced into using Google Maps or contributing data to it. How do we decide what is “right”?
- Exposed Webcam Viewer — hotels in Russia, lobbies in California, and blinking lights in the darkness from all around the world. (via Hacker News)
- Beauty and Joy of Computing — an introductory computer science curriculum developed at the University of California, Berkeley, intended for non-CS majors at the high school junior through undergraduate freshman level. Uses Snap, a web-based implementation of Scratch.
Leading experts on data-driven storytelling came together in our recent Google+ Hangout.
Over the past year, I’ve been investigating data journalism. In that work, I’ve found no better source for understanding the who, where, what, how and why of what’s happening in this area than the journalists who are using and even building the tools needed to make sense of the exabyte age. Yesterday, I hosted a Google Hangout with several notable practitioners of data journalism. Video of the discussion is embedded below:
Over the course of the discussion, we talked about what data journalism is, how journalists are using it, the importance of storytelling, ethics, the role of open source and “showing your work” and much more.
Open Pushing Innovation, Clear Intentions, Druids vs Engineers, and Reimagined Textbooks
- Design Like Nobody’s Patenting Anything (Wired) — profile of Maker favourites Sparkfun. Instead of relying on patents for protection, the team prefers to outrace other entrants in the field. “The open source model just forces us to innovate,” says Boudreaux. “When we release something, we’ve got to be thinking about the next rev. We’re doing engineering and innovating and it’s what we wanna be doing and what we do well.”
- Agree to Agree — why I respect my friend David Wheeler: his Design Scene app, which features daily design inspiration, obtains prior written permission to feature the sites because doing so is not only making things legally crystal clear, but also makes his intentions clear to the sites he’s linking to. He’s shared the simple license they request.
- The Coming Fight Between Druids and Engineers (The Edge) — We live in a time when the loneliest place in any debate is the middle, and the argument over technology’s role in our future is no exception. The relentless onslaught of novelties technological and otherwise is tilting individuals and institutions alike towards becoming Engineers or Druids. It is a pressure we must resist, for to be either a Druid or an Engineer is to be a fool. Druids can’t revive the past, and Engineers cannot build technologies that do not carry hidden trouble. (via Beta Knowledge)
- Reimagining Math Textbooks (Dan Meyer) — love this outline of how a textbook could meaningfully interact with students, rather than being recorded lectures or PDF versions of cyclostyled notes and multichoice tests. Rather than using a generic example to illustrate a mathematical concept, we use the example you created. We talk about its perimeter. We talk about its area. The diagrams in the margins change. The text in the textbook changes. Check it out — they actually built it!
What Matters, NetSec Game, Coding Freedom, and Pro Git
- Things Users Don’t Care About (Pete Warden) — every day we relearn these lessons. How great it will be once all their friends are on it.
- Tracer FIRE 5 — online workshop and game that teaches network security. [A] week-long hands-on computer security workshop for cyber defenders in DOE, other government agencies, critical infrastructure, and college students. The exercise consists of 2 days of intensive training on a single subject, followed by a 2½-day game in which contestants are placed on a team and must use their new and existing skills to compete with other teams for points across multiple categories. (via Reddit /r/netsec)
- Coding Freedom: The Ethics and Aesthetics of Hacking (Amazon) — Gabriella Coleman’s new book, which explains us. Exploring the rise and political significance of the free and open source software (F/OSS) movement in the United States and Europe, Coding Freedom details the ethics behind hackers’ devotion to F/OSS, the social codes that guide its production, and the political struggles through which hackers question the scope and direction of copyright and patent law. In telling the story of the F/OSS movement, the book unfolds a broader narrative involving computing, the politics of access, and intellectual property. (Also available as CC-Licensed PDF)
- Pro Git (Scott Chacon) — CC-NC-SA licensed book on mad git skills.
What to do when facing the stoic expressions that pop up during ethics discussions.
The other day I clicked on a message posted to the O’Reilly editors’ email list and the message text filled up almost the entire monitor screen. I must admit that I thought “Am I going to require another caffeine hit to read through this?”
I decided to take a chance, not take another break just then, and read the lengthy note. I didn’t need that caffeine hit after all. Apparently, neither did half a dozen other editors.
The note was about ethics.
In a previous life, I worked in the competitive intelligence field. I remember participating in a friendly confab at an industry event and then someone mentioned the word “e-t-h-i-c-s”. It was rather fascinating to see how that word elicited stoic faces. No one wanted to be the first person to say anything on that topic. Now when working at ORM, mention the word “ethics!” and folks are not shy about saying exactly what they think. Not. At. All.
During the discussion, Ethics of Big Data by Kord Davis, came up. While I was not the editor on this book, I did read it when I was in New York. It made my list of recommended books for people looking to jump into the world of big data. Why? Because I remembered the stoic poker faces from my previous life in competitive intelligence.
Ethical Machines, Fault Tolerance, Offline HTML5, and Doomy Data
- Moral Machines — it will no longer be optional for machines to have ethical systems. Your car is speeding along a bridge at fifty miles per hour when an errant school bus carrying forty innocent children crosses its path. Should your car swerve, possibly risking the life of its owner (you), in order to save the children, or keep going, putting all forty kids at risk? If the decision must be made in milliseconds, the computer will have to make the call. (via BoingBoing)
- Hystrix — a latency and fault tolerance library designed to isolate points of access to remote systems, services and 3rd party libraries, stop cascading failure and enable resilience in complex distributed systems where failure is inevitable. More information. (via Tom Loosemore)
- Offline First: A Better HTML5 Experience — can’t emphasize how important it is to have offline functionality for the parts of the world that don’t have blanket 3G/LTE/etc coverage. (280 south from SF, for example).
- Disaster of Biblical Proportions (Business Insider) — impressive collection of graphs and data showing commodity prices indicate our species is living beyond its means.
Here are a few stories from the data space that caught my attention this week.
Presidential candidates are mining your data
Data is playing an unprecedented role in the US presidential election this year. The two presidential campaigns have access to personal voter data “at a scale never before imagined,” reports Charles Duhigg at the New York Times. The candidate camps are using personal data in polling calls, accessing such details as “whether voters may have visited pornography Web sites, have homes in foreclosure, are more prone to drink Michelob Ultra than Corona or have gay friends or enjoy expensive vacations,” Duhigg writes. He reports that both campaigns emphasized they were committed to protecting voter privacy, but notes:
“Officials for both campaigns acknowledge that many of their consultants and vendors draw data from an array of sources — including some the campaigns themselves have not fully scrutinized.”
A Romney campaign official told Duhigg: “You don’t want your analytical efforts to be obvious because voters get creeped out. A lot of what we’re doing is behind the scenes.”
The “behind the scenes” may be enough in itself to creep people out. These sorts of situations are starting to tarnish the image of the consumer data-mining industry, and a Manhattan trade group, the Direct Marketing Association, is launching a public relations campaign — the “Data-Driven Marketing Institute” — to smooth things over before government regulators get involved. Natasha Singer reports at the New York Times:
“According to a statement, the trade group intends to promote such targeted marketing to lawmakers and the public ‘with the goal of preventing needless regulation or enforcement that could severely hamper consumer marketing and stifle innovation’ as well as ‘tamping down unfavorable media attention.’ As part of the campaign, the group plans to finance academic research into the industry’s economic impact, said Linda A. Woolley, the acting chief executive of the Direct Marketing Association.”
One of the biggest issues, Singer notes, is that people want control over their data. Chuck Teller, founder of Catalog Choice, told Singer that in a recent survey conducted by his company, 67% of people responded that they wanted to see the data collected about them by data brokers and 78% said they wanted the ability to opt out of the sale and distribution of that data.