Google’s Project Zero (Wired) — G pays a team to attack common software and report the bugs to the manufacturer. Interesting hypothesis about how the numbers inbalance between Every Russian 14 Year Old and this small team doesn’t matter: modern hacker exploits often chain together a series of hackable flaws to defeat a computer’s defenses. Kill one of those bugs and the entire exploit fails. That means Project Zero may be able to nix entire collections of exploits by finding and patching flaws in a small part of an operating system, like the “sandbox” that’s meant to limit an application’s access to the rest of the computer. ”On certain attack surfaces, we’re optimistic we can fix the bugs faster than they’re being introduced,” Hawkes says. “If you funnel your research into these limited areas, you increase the chances of bug collisions.”
Quick DT — open source (Java) decision tree learner.
Revealing Hidden Changes to Supreme Court Opinions — WHEREAS, It is now well-documented that the Supreme Court of the United States makes changes to its opinions after the opinion is published; and WHEREAS, Only “Four legal publishers are granted access to “change pages” that show all revisions. Those documents are not made public, and the court refused to provide copies to The New York Times”; and WHEREAS, git makes it easy to identify when changes have been made; RESOLVED, I shall apply a cron job to at least identify when the actual PDF has changed so everyone can see which documents have changed.
Microsoft’s “Killer” Android Patents Revealed (Ars Technica) — Chinese Government required them disclosed as part of MSFT-Nokia merger. The patent lists are strategically significant, because Microsoft has managed to build a huge patent-licensing business by taxing Android phones without revealing what kind of legal leverage they really have over those phones.
HTTPie — a command line HTTP client, a user-friendly HTTP client.
Samsung UX (Scribd) — little shop of self-catalogued UX horrors, courtesy discovery in a lawsuit. Dated (Android G1 as competition) but rewarding to see there are signs of self-awareness in the companies that inflict unusability on the world.
Intellectual Ventures Loses Patent Case (Ars Technica) — The Capital One case ended last Wednesday, when a Virginia federal judge threw out the two IV patents that remained in the case. It’s the first IV patent case seen through to a judgment, and it ended in a total loss for the patent-holding giant: both patents were invalidated, one on multiple grounds.
Bullish on Blockchain (Fred Wilson) — our 2014 fund will be built during the blockchain cycle. “The blockchain” is bitcoin’s distributed consensus system, interesting because it’s the return of p2p from the Chasm of Ridicule or whatever the Gartner Trite Cycle calls the time between first investment bubble and second investment bubble under another name.
Hemingway — online writing tool to help you make your writing clear and direct. (via Nina Simon)
The Transformation of the Workplace Through Robotics, Artificial Intelligence, and Automation — fascinating legal questions about the rise of the automated workforce. . Is an employer required to bargain if it wishes to acquire robots to do work previously performed by unionized employees working under a collective bargaining agreement? does the collective bargaining agreement control the use of robots to perform this work? A unionized employer seeking to add robots to its business process must consider these questions. (via Robotenomics)
The Invasive Valley of Personalization (Maria Anderson) — there is a fine line between useful personalization and creepy personalization. It reminded me of the “uncanny valley” in human robotics. So I plotted the same kind of curves on two axes: Access to Data as the horizontal axis, and Perceived Helpfulness on the vertical axis. For technology to get vast access to data AND make it past the invasive valley, it would have to be perceived as very high on the perceived helpfulness scale.
Artificial Labour and Ubiquitous Interactive Machine Learning (Greg Borenstein) — in which design fiction, actual machine learning, legal discovery, and comics meet. One of the major themes to emerge in the 2H2K project is something we’ve taken to calling “artificial labor”. While we’re skeptical of the claims of artificial intelligence, we do imagine ever-more sophisticated forms of automation transforming the landscape of work and economics. Or, as John puts it, robots are Marxist.
slic3r — converts a digital 3D model into printing instructions for your 3D printer. It cuts the model into horizontal slices (layers), generates toolpaths to fill them and calculates the amount of material to be extruded.
gCodeViewer — GCode is the “numerical control language” for telling extruders, mills, polishers, etc. where to move to and when. This open source package is a visual GCode visualizer, viewer and analyzer in your own browser! It works on any OS in almost any modern browser (chrome, ff, safari 6, opera, ie10 should work too). All you need to do – is drag your *.gcode file to the designated zone.
AC Power Control with Arduino — in the video video and the code, we take an in depth look at the hardware for using Arduino interrupts to control AC power through a triac. Using a zero-crossing detector Arduino will detect the pulse then calculate a delay to control the power output to a load.
Toyota Manufacturing Principles (Joseph Cohen) — Jidoka: Automation with a Human Touch. The idea of jidoka is that humans should work with machines to produce the best possible outcome, leveraging the execution ability of a machine and the judgement of a human. We at O’R Radar have been saying for years that there’s gold in the collaboration between people and machines, about augmenting people and not simply replacing them.
Twister — the fully decentralized P2P microblogging platform leveraging from the free software implementations of Bitcoin and BitTorrent protocols. Interesting to see BT and BC reused as platforms for app development, though if eventual consistency and threading Heisenbugs gave you headaches then just wait for the world of Bitcoin-meets-BitTorrent….
Transcript of Glenn Greenwald’s Speech to CCC — the relationship of privacy to security, and the transparency of governmental positions on that relationship, remain unaddressed. NSA’s actions are being used to establish local governmental control of the Internet, which will destroy the multistakeholder model that has kept net architecture and policy largely separate from the whims of elected officials. The fallout of Snowden’s revelations will shape 2014. Happy New Year.
Banning Autonomous Killing Machines (Tech Republic) — While no autonomous weapons have been built yet, it’s not a theoretical concern, either. Late last year, the U.S. Department of Defense (DoD) released its policy around how autonomous weapons should be used if they were to be deployed in the battlefield. The policy limits how they should operate, but definitely doesn’t ban them. (via Slashdot)
Security of Browser Extension Password Managers (PDF) — This research shows that the examined password managers made design decisions that greatly increase the chance of users unknowingly exposing their passwords through application-level flaws. Many of the flaws relate to the browser-integrated password managers that don’t follow the same-origin policy that is crucial to browser security. In the case of password managers, this means that passwords could be filled into unintended credential forms, making password theft easier.
Projects and Priorities Without Managers (Ryan Carson) — love what he’s doing with Treehouse. Very Googley. The more I read about these low-touch systems, the more obviously important self-reporting is. It is vital that everyone posts daily updates on what they’re working on or this whole idea will fall down.
Smokio Electronic Cigarette — the quantified cigarette (not yet announced) for measuring your (electronic) cigarette consumption and uploading the data (natch) to your smartphone. Soon your cigarette will have an IPv6 address, a bluetooth connection, and firmware to be pwned.