Tale of Two Pwnies (Chromium Blog) — So, how does one get full remote code execution in Chrome? In the case of Pinkie Pie’s exploit, it took a chain of six different bugs in order to successfully break out of the Chrome sandbox. Lest you think all attacks come from mouth-breathing script kiddies, this is how the pros do it. (via Bryan O’Sullivan)
The Future is Specific (Chris Granger) — In traditional web-MVC, the code necessary to serve a single route is spread across many files in many different folders. In a normal editor this means you need to do a lot of context switching to get a sense for everything going on. Instead, this mode replaces the file picker with a route picker, as routes seem like the best logical unit for a website. There’s a revolution coming in web dev tools: we’ve had the programmer adapting to the frameworks with little but textual assistance from the IDE. I am loving this flood of creativity because it has the promise to reduce bugs and increase the speed by which we generate good code.
Makie — design a doll online, they’ll 3d-print and ship it to you. Hello, future of manufacturing, fancy seeing you in a dollhouse!
What the Sumerians Can Teach Us About Data (Pete Warden) — money quote: Gathering data is not a neutral act, it will alter the power balance, usually in favor of the people collecting the information. I also loved the Sumerian boundary marker covered in the supernatural equivalent of “copying is a federal crime!” pre-roll DVD warnings.
2011 Holiday Shopping Mobile Numbers (Luke Wroblewski) — iPad and iPhone shoppers account for 90% of all mobile purchases; spend 19% more per order than Android users. All these statistics are jaw-dropping.
Fifteen Things I’ve Learned About Designing for Participation This Year (Nina Simon) — most insightful to me: “Make and share” is more powerful for many people than “make and take.” Most people–including kids–want to display their creations, not keep them. Most thought-provoking: People of all ages can use sledgehammers with minimal oversight. We had over 400 successful bangers with no injuries. The risk of liability was worth it.
Porting MAME to Chrome — This document describes how we ported MAME using tools on the Linux platform. The resulting code runs in the Google Chrome browser on all currently supported Native Client platforms (Windows, Mac, and Linux). Jaw-dropping part: The port of MAME was relatively challenging; combined with figuring out how to port SDL-based games and load resources in Native Client, the overall effort took us about 4 days to complete. (via Slashdot)
Dan Saffer: How To Lie with Design Research (Google Video) — Experience shows that, especially with qualitative research like the type designers often do, two researchers can look at the same set of data and draw dramatically different findings from them. As William Blake said, “Both read the Bible day and night, But thou read’st black where I read white.” (via Keith Bolland)
Teaching What You Don’t Know (Sci Blogs) — As that lecturer said, learning new things—while challenging—is also stimulating & fun. If that sense of excitement and enjoyment carries through to your actual classes, then you’ll speak with passion and enthusiasm—how better to in turn enthuse your students? Ties in with the Maori concept of Ako, that teacher and student learn from each other.
Bored of 3D Printers (Tom Armitage) — made me wonder how long it would be before we drop the “3D” prefix and expect a “printer” to emit objects. That said, I love Tom’s neologism artefactory.
Invisible Autoupdater: An App’s Best Feature — Gina Trapani quotes Ben Goodger on Chrome: The idea was to give people a blank window with an autoupdater. If they installed that, over time the blank window would grow into a browser.
Crackpot Apocalypse — analyzing various historical pronouncements of the value of pi, paper author concludes “When πt is 1, the circumference of a circle will coincide with its diameter,” Dudley writes, “and thus all circles will collapse, as will all spheres (since they have circular cross-sections), in particular the earth and the sun. It will be, in fact, the end of the world, and … it will occur in 4646 A.D., on August 9, at 4 minutes and 27 seconds before 9 p.m.” Clever commentary and a good example when you need to show people the folly of inappropriate curve-fitting and extrapolation.
clang — C language family front-ends to LLVM. Development sponsored by Apple, as used in Snow Leopard. (via Nelson Minar)
OmniAuth — authenticate against Twitter, GitHub, Facebook, Foursquare, and many many more. OmniAuth is built from the ground up on the philosophy that authentication is not the same as identity. (via Tony Stubblebine)
Spark — Hadoop-alike in Scala. Spark was initially developed for two applications where keeping data in memory helps: iterative algorithms, which are common in machine learning, and interactive data mining. In both cases, Spark can outperform Hadoop by 30x. However, you can use Spark’s convenient API for general data processing too. (via Hilary Mason)
Bagel — an implementation of the Pregel graph processing framework on Spark. (via Oliver Grisel)
Week 315 (Matt Webb) — read this entire post. It will make you smarter. The company’s decisions aren’t actually the shareholders’ decisions. A company has a culture which is not the simple sum of the opinions of the people in it. A CEO can never be said to perform an action in the way that a human body can be said to perform an action, like picking an apple. A company is a weird, complex thing, and rather than attempt (uselessly) to reduce it to people within it, it makes more sense – to me – to approach it as an alien being and attempt to understand its biology and momentums only with reference to itself. Having done that, we can then use metaphors to attempt to explain its behaviour: we can say that it follows profit, or it takes an innovative step, or that it is middle-aged, or that it treats the environment badly, or that it takes risks. None of these statements is literally true, but they can be useful to have in mind when attempting to negotiate with these bizarre, massive creatures. If anyone wonders why I link heavily to BERG’s work, it’s because they have some incredibly thoughtful and creative people who are focused and productive, and it’s Webb’s laser-like genius that makes it possible. They’re doing a lot of subtle new things and it’s a delight and privilege to watch them grow and reflect.
Chrome Experiment: ArcadeFire — choreographed windows, interactive flocking, custom rendered maps, real-time compositing, procedural drawing, 3D canvas rendering in HTML5. I have to say that “Built for Google Chrome” at the bottom does turn my stomach, a “this page looks best in Microsoft Internet Explorer” for the 2010s.
Resilience Engineering, Part 1 (John Allspaw) — listing human error as a root cause isn’t where you should end, it’s where you should start your investigation [...] The idea that failures in complex systems can literally have a singular ‘root’ cause, as if failures are the result of linear steps in time, is just incorrect. Not only is it almost always incorrect, but in practice that perspective can be harmful to an organization because it allows management and others to feel better about improving safety, when they’re not, because the solution(s) can be viewed as simple and singular fixes (in reality, they’re not). It’s all must-read stuff. (via Mike Loukides)
What’s in Microsoft’s Kinect SDK — it does seem to include the new super body tracking software able to track up to two users at the same time and it also promises a new feature – the ability to listen. It has four microphones and there’s promise that, with the position information, it’ll be able to isolate your voice from background noise. (via Tim O’Reilly)
Nerdy London Day Trips (Ben Goldacre) — hundreds more reasons to visit London (and then leave it). Includes abandoned nuclear bunkers, an “eccentric” Victorian philanthropist’s labyrinth of tunnels, and the first house in the world to be powered by hydro-electricity. (via Kari Stewart)
science.io — an open science community. Comment on, recommend and submit papers. Get up-to-date on a research topic. Follow a journal or an author. science.I/O is in beta and is currently focused on Computer Science.
White House Will Propose New Digital Copyright Laws (CNet) — If the Internet were truly empowering citizenry and bringing us this new dawn of digital democracy, the people who run it would be able to stop the oppressive grind of the pro-copyright machinery. There’s no detail about what the proposed law would include, except that it will be based on a white paper of “legislative proposals to improve intellectual property enforcement,” and it’s expected to encompass online piracy. I predict a jump in the online trading of those “You can keep the change” posters that were formerly the exclusive domain of the Tea Party, and the eventual passage of bad law. As the article says, digital copyright tends not to be a particularly partisan topic.
The Information: How the Internet Gets Inside Us (New Yorker) — thoughtful roundup of books and their positions on whether the Internet’s fruits are good for us. He divides them into never better, better never (as in “we’d be better off if it had never been invented”), and ever-was (as in, “we have always been changed by our technology, so big deal”). (via Bernard Hickey on Twitter)
Open Source Ethics and Dead End Derivatives — open source hardware is dealing with the problem of people changing open source designs but not publishing their modified source. Open source software hasn’t found an efficient and reproducible mechanism for dealing with this, though I’d love to be shown one. (via bre on Twitter)