- The Resolution of the Bitcoin Experiment — If you had never heard about Bitcoin before, would you care about a payments network that: Couldn’t move your existing money; Had wildly unpredictable fees that were high and rising fast; Allowed buyers to take back payments they’d made after walking out of shops, by simply pressing a button (if you aren’t aware of this “feature” that’s because Bitcoin was only just changed to allow it); Is suffering large backlogs and flaky payments; … which is controlled by China; … and in which the companies and people building it were in open civil war?
- Malware Analysis Repository — the materials as developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015.
- How Websites Screw Up Experiences (Troy Hunt) — they’re mostly signs of a to-the-death business model.
- Dronecode Moves Forward — Linux Foundation’s Dronecode project has 51 members, is used commercially, and has technical working groups looking at camera and gimbal controls; airspace management; and hardware/software interfaces.
USB could make power consumption more intelligent, but security concerns need to be addressed.
I’ve been reading about enhancements to the USB 3.0 standard that would allow a USB cable to provide up to 100 watts of power, nicely summarized in The Economist. 100 watts is more than enough to charge a laptop, and certainly enough to power other devices, such as LED lighting, televisions, and audio equipment. It could represent a significant shift in the way we distribute power in homes and offices: as low voltage DC, rather than 110 or 220 volt AC. Granted, 100 watts won’t power a stove, a refrigerator, or a toaster, but in a USB world, high-voltage power distribution could be limited to a few rooms, just like plumbing; the rest of the building could be wired with relatively inexpensive USB cables and connectors, and the wiring could easily be done by amateurs rather than professional electricians.
It’s an interesting and exciting idea. As The Economist points out, the voltages required for USB are easily compatible with solar power. Because USB cables also carry data, power consumption can become more intelligent.
But I have one concern that I haven’t seen addressed in the press. Of course USB cables carry both data and power. So, when you plug your device into a USB distribution system, whether it’s a laptop or phone, you’re plugging it into a network. And there are many cases, most notoriously Stuxnet, of computers being infected with malware through their USB ports. Read more…
Android Malware Numbers, Open Networking Hardware, Winning with Data, and DIY Pollution Sensor
- Android Malware Numbers — (Quartz) less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users, based on Google’s analysis of 1.5B downloads and installs.
- Facebook Operations Chief Reveals Open Networking Plan — long interview about OCP’s network project. The specification that we are working on is essentially a switch that behaves like compute. It starts up, it has a BIOS environment to do its diagnostics and testing, and then it will look for an executable and go find an operating system. You point it to an operating system and that tells it how it will behave and what it is going to run. In that model, you can run traditional network operating systems, or you can run Linux-style implementations, you can run OpenFlow if you want. And on top of that, you can build your protocol sets and applications.
- How Red Bull Dominates F1 (Quartz) — answer: data, and lots of it.
- Ground-Level Air Pollution Sensor (Make) — neat sensor project from Make.
Chinese Lessons, White House Embraces Makers, DC Codes Freed, and Malware Numbers
- What American Startups Can Learn From the Cutthroat Chinese Software Industry — It follows that the idea of “viral” or “organic” growth doesn’t exist in China. “User acquisition is all about media buys. Platform-to-platform in China is war, and it is fought viciously and bitterly. If you have a Gmail account and send an email to, for example, NetEase163.com, which is the local web dominant player, it will most likely go to spam or junk folders regardless of your settings. Just to get an email to go through to your inbox, the company sending the email needs to have a special partnership.” This entire article is a horror show.
- White House Hangout Maker Movement (Whitehouse) — During the Hangout, Tom Kalil will discuss the elements of an “all hands on deck” effort to promote Making, with participants including: Dale Dougherty, Founder and Publisher of MAKE; Tara Tiger Brown, Los Angeles Makerspace; Super Awesome Sylvia, Super Awesome Maker Show; Saul Griffith, Co-Founder, Otherlab; Venkatesh Prasad, Ford.
- Municipal Codes of DC Freed (BoingBoing) — more good work by Carl Malamud. He’s specifically providing data for apps.
- The Modern Malware Review (PDF) — 90% of fully undetected malware was delivered via web-browsing; It took antivirus vendors 4 times as long to detect malware from web-based applications as opposed to email (20 days for web, 5 days for email); FTP was observed to be exceptionally high-risk.
Industrial malware has captured the imagination of the tech industry, but efforts by security researchers are promising.
I’ve spent the last two days at Digital Bond’s excellent S4 conference, listening to descriptions of dramatic industrial exploits and proposals for stopping them. A couple of years ago Stuxnet captured the imagination of people who foresee a world of interconnected infrastructure brought down by cybercriminals and hostile governments. S4 — which stands for SCADA Security Scientific Symposium — is where researchers convene to talk about exactly that sort of threat, in which malicious code makes its way into low-level industrial controls.
It is modern industry’s connectedness that presents the challenge: not only are industrial firms highly interconnected — allowing a worm to enter an engineer’s personal computer as an e-mail attachment and eventually find its way into a factory’s analytical layer, then into its industrial controls, bouncing around through print servers and USB drives — but they’re increasingly connected to the Internet as well.
Post-Capture Zoom, Load Gen, Inventive Malware, and Manufactured Normalcy
- SnapItHD — camera captures full 360-degree panorama and users select and zoom regions afterward. (via Idealog)
- Iago (GitHub) — Twitter’s load-generation tool.
- AutoCAD Worm Stealing Blueprints — lovely, malware that targets inventions. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen documents to email addresses in China. This one has soured, but give the field time … anything that can be stolen digitally, will be. (via Slashdot)
- Designing For and Against the Manufactured Normalcy Field (Greg Borenstein) — Tim said this was one of his favourite sessions at this year’s Foo Camp: breaking the artificial normality than we try to cast over new experiences so as to make them safe and comfortable.
Mac OS X Malware In the Wild, AntiBotnettery, Fabbing And Designers, Networked Products
- MS Office Exploit In The Wild, Targeting Mac OS X — This is one of the few times that we have seen a malicious Office file used to deliver Malware on Mac OS X. (via Hacker News)
- Please Do Not Take Down The Sality BotNet — best responsible disclosure ever.
- 3Difficult — I’m an industrial designer at heart, and I’m saddened by what’s happened to my craft. We were once the kings of things, but for a variety of reasons I think we’re in danger of being left behind. […] Making became the talk of the town, and to some extent it still is. We’re in the first stumbling days of the Internet of Things, and are increasingly seeing the paper thin definition between digital and tangible falling away.
- Air Quotes Product (Matt Webb) — Recently I noted down some places in which traditional products have changed and he goes on to list some critical ways in which networked objects challenge our thinking. I love the little brain/big brain distinction–great to have words for these things at last!