- USB Armory — another Linux-on-a-stick, but this one has some nifty dimensions and security applications in mind.
- Who’s the Boss? — The Elf on the Shelf essentially teaches the child to accept an external form of non-familial surveillance in the home when the elf becomes the source of power and judgment, based on a set of rules attributable to Santa Claus. Excellent deconstruction of ludic malware. (via Washington Post)
- Bezos on Time (Business Insider) — Where you are going to spend your time and your energy is one of the most important decisions you get to make in life. We all have a limited amount of time, and where you spend it and how you spend it is just an incredibly levered way to think about the world. This (he says at 9 p.m. in the office, in a different city from his family!).
USB could make power consumption more intelligent, but security concerns need to be addressed.
I’ve been reading about enhancements to the USB 3.0 standard that would allow a USB cable to provide up to 100 watts of power, nicely summarized in The Economist. 100 watts is more than enough to charge a laptop, and certainly enough to power other devices, such as LED lighting, televisions, and audio equipment. It could represent a significant shift in the way we distribute power in homes and offices: as low voltage DC, rather than 110 or 220 volt AC. Granted, 100 watts won’t power a stove, a refrigerator, or a toaster, but in a USB world, high-voltage power distribution could be limited to a few rooms, just like plumbing; the rest of the building could be wired with relatively inexpensive USB cables and connectors, and the wiring could easily be done by amateurs rather than professional electricians.
It’s an interesting and exciting idea. As The Economist points out, the voltages required for USB are easily compatible with solar power. Because USB cables also carry data, power consumption can become more intelligent.
But I have one concern that I haven’t seen addressed in the press. Of course USB cables carry both data and power. So, when you plug your device into a USB distribution system, whether it’s a laptop or phone, you’re plugging it into a network. And there are many cases, most notoriously Stuxnet, of computers being infected with malware through their USB ports. Read more…
Android Malware Numbers, Open Networking Hardware, Winning with Data, and DIY Pollution Sensor
- Android Malware Numbers — (Quartz) less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users, based on Google’s analysis of 1.5B downloads and installs.
- Facebook Operations Chief Reveals Open Networking Plan — long interview about OCP’s network project. The specification that we are working on is essentially a switch that behaves like compute. It starts up, it has a BIOS environment to do its diagnostics and testing, and then it will look for an executable and go find an operating system. You point it to an operating system and that tells it how it will behave and what it is going to run. In that model, you can run traditional network operating systems, or you can run Linux-style implementations, you can run OpenFlow if you want. And on top of that, you can build your protocol sets and applications.
- How Red Bull Dominates F1 (Quartz) — answer: data, and lots of it.
- Ground-Level Air Pollution Sensor (Make) — neat sensor project from Make.
Chinese Lessons, White House Embraces Makers, DC Codes Freed, and Malware Numbers
- What American Startups Can Learn From the Cutthroat Chinese Software Industry — It follows that the idea of “viral” or “organic” growth doesn’t exist in China. “User acquisition is all about media buys. Platform-to-platform in China is war, and it is fought viciously and bitterly. If you have a Gmail account and send an email to, for example, NetEase163.com, which is the local web dominant player, it will most likely go to spam or junk folders regardless of your settings. Just to get an email to go through to your inbox, the company sending the email needs to have a special partnership.” This entire article is a horror show.
- White House Hangout Maker Movement (Whitehouse) — During the Hangout, Tom Kalil will discuss the elements of an “all hands on deck” effort to promote Making, with participants including: Dale Dougherty, Founder and Publisher of MAKE; Tara Tiger Brown, Los Angeles Makerspace; Super Awesome Sylvia, Super Awesome Maker Show; Saul Griffith, Co-Founder, Otherlab; Venkatesh Prasad, Ford.
- Municipal Codes of DC Freed (BoingBoing) — more good work by Carl Malamud. He’s specifically providing data for apps.
- The Modern Malware Review (PDF) — 90% of fully undetected malware was delivered via web-browsing; It took antivirus vendors 4 times as long to detect malware from web-based applications as opposed to email (20 days for web, 5 days for email); FTP was observed to be exceptionally high-risk.
Industrial malware has captured the imagination of the tech industry, but efforts by security researchers are promising.
I’ve spent the last two days at Digital Bond’s excellent S4 conference, listening to descriptions of dramatic industrial exploits and proposals for stopping them. A couple of years ago Stuxnet captured the imagination of people who foresee a world of interconnected infrastructure brought down by cybercriminals and hostile governments. S4 — which stands for SCADA Security Scientific Symposium — is where researchers convene to talk about exactly that sort of threat, in which malicious code makes its way into low-level industrial controls.
It is modern industry’s connectedness that presents the challenge: not only are industrial firms highly interconnected — allowing a worm to enter an engineer’s personal computer as an e-mail attachment and eventually find its way into a factory’s analytical layer, then into its industrial controls, bouncing around through print servers and USB drives — but they’re increasingly connected to the Internet as well.
Post-Capture Zoom, Load Gen, Inventive Malware, and Manufactured Normalcy
- SnapItHD — camera captures full 360-degree panorama and users select and zoom regions afterward. (via Idealog)
- Iago (GitHub) — Twitter’s load-generation tool.
- AutoCAD Worm Stealing Blueprints — lovely, malware that targets inventions. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen documents to email addresses in China. This one has soured, but give the field time … anything that can be stolen digitally, will be. (via Slashdot)
- Designing For and Against the Manufactured Normalcy Field (Greg Borenstein) — Tim said this was one of his favourite sessions at this year’s Foo Camp: breaking the artificial normality than we try to cast over new experiences so as to make them safe and comfortable.
Mac OS X Malware In the Wild, AntiBotnettery, Fabbing And Designers, Networked Products
- MS Office Exploit In The Wild, Targeting Mac OS X — This is one of the few times that we have seen a malicious Office file used to deliver Malware on Mac OS X. (via Hacker News)
- Please Do Not Take Down The Sality BotNet — best responsible disclosure ever.
- 3Difficult — I’m an industrial designer at heart, and I’m saddened by what’s happened to my craft. We were once the kings of things, but for a variety of reasons I think we’re in danger of being left behind. […] Making became the talk of the town, and to some extent it still is. We’re in the first stumbling days of the Internet of Things, and are increasingly seeing the paper thin definition between digital and tangible falling away.
- Air Quotes Product (Matt Webb) — Recently I noted down some places in which traditional products have changed and he goes on to list some critical ways in which networked objects challenge our thinking. I love the little brain/big brain distinction–great to have words for these things at last!
Hadoop 1.0, Approximation Wiki, Printer Firmware Attacks, and Cotton Circuits
- Hadoop Hits 1.0 — open source distributed computation engine, heavily used in big data analysis, hits 1.0.
- Sparse and Low-Rank Approximation Wiki — interesting technique: instead of sampling at 2x the rate you need to discriminate then compressing to trade noise for space, use these sampling algorithms to (intelligently) noisily sample at the lower bit rate to begin with. Promises interesting applications particularly in for sensors (e.g., the Rice single pixel camera). (via siah)
- Rise of Printer Malware — firmware attacks embedded in printed documents. Another reminder that not only is it hard to write safe software, your mistakes can be epically bad. (via Cory Doctorow)
- Electric Circuits and Transistors Made From Cotton — To make it conductive, the researchers coated cotton threads in a variety of other materials. To make conductive “wires,” the team coated the threads with gold nanoparticles, and then a conductive polymer. To turn a cotton wire into a semiconductor, it was dipped in another polymer, and then a further glycol coating to make it waterproof. Neat materials hack that might lend a new twist to wearables.