Homebrew Bioweapons Not Imminent Threat — you need a safe facility, lab instruments, base strain, design and execution skills, and testing. None of these are easy until the Amazon-Google cloud wars finally cause them to move into “bioweapons as a service.”
gitrob — a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files, that typically contain sensitive or dangerous information.
How Much is a Leader’s Integrity Worth? — Kiel found that high-integrity CEOs had a multi-year return of 9.4%, while low-integrity CEOs had a yield of just 1.9%. What’s more, employee engagement was 26% higher in organizations led by high-integrity CEOs. (via Neelan Choksi)
Police Program Aims to Pinpoint Those Most Likely to Commit Crimes (NYT) — John S. Hollywood, a senior operations researcher at the RAND Corporation, said that in the limited number of studies undertaken to measure the efficacy of predictive policing, the improvement in forecasting crimes had been only 5% or 10% better than regular policing methods.
Apple’s Assault on Advertising and Google (Calacanis) — Google wants to be proud of their legacy, and tricking people into clicking ads and selling our profiles to advertisers is an awesome business – but a horrible legacy for Larry and Sergey. Read beside the Bloomberg piece on click fraud and the future isn’t too rosy for advertising. If the ad bubble bursts, how much of the Web will it take with it?
$9 Computer Hardware (Makezine) — open hardware project, with open source software. The board’s spec is a 1GHz R8 ARM processor with 512MB of RAM, 4GB of NAND storage, and Wi-Fi and Bluetooth built in.
China Extracting Pledge of Compliance from US Firms (NY Times) — The letter also asks the American companies to ensure their products are “secure and controllable,” a catchphrase that industry groups said could be used to force companies to build so-called back doors — which allow third-party access to systems — provide encryption keys or even hand over source code.
Toyota’s Robot Car Plans (IEEE Spectrum) — Toyota hired the former head of DARPA’s Robotics Challenge. Pratt explained that a U.S. $50 million R&D collaboration with MIT and Stanford is just the beginning of a large and ambitious program whose goal is developing intelligent vehicles that can make roads safer and robot helpers that can improve people’s lives at home.
Microservices Without the Servers (Amazon) — By “serverless,” we mean no explicit infrastructure required, as in: no servers, no deployments onto servers, no installed software of any kind. We’ll use only managed cloud services and a laptop. The diagram below illustrates the high-level components and their connections: a Lambda function as the compute (“backend”) and a mobile app that connects directly to it, plus Amazon API Gateway to provide an HTTP endpoint for a static Amazon S3-hosted website.
Privacy vs Data Science — claims Apple is having trouble recruiting top-class machine learning talent because of the strict privacy-driven limits on data retention (Siri data: 6 months, Maps: 15 minutes). As a consequence, Apple’s smartphones attempt to crunch a great deal of user data locally rather than in the cloud.
NAS Backdoors — firmware in some Seagate NAS drives is very vulnerable. It’s unclear whether these are Seagate-added, or came with third-party bundled software. Coming soon to lightbulbs, doors, thermostats, and all your favorite inanimate objects. (via BetaNews)
Doing Science on the Web (Alex Russell) — Minimizing harm to the ecosystem from experiments-gone-wrong […] This illustrates what happens when experiments inadvertently become critical infrastructure. It has happened before. Over, and over, and over again. Imma need therapy for the flashbacks. THE HORROR.
Virtual Time (Adrian Colyer) — applying special relativity to distributed systems. Contains lines like: All messages sent explicitly by user programs have a positive (+) sign; their antimessages have a negative (-) sign. Whenever a process sends a message, what actually happens is that a faithful copy of the message is transmitted to the receiver’s input queue, and a negative copy, the antimessage, is retained in the sender’s output queue for use in case the sender rolls back. Curl up with your intoxicant of choice and prepare to see the colour of infinity.
Lessons Learned from Reading Postmortems — (of the software kind) Except in extreme emergencies, risky code changes are basically never simultaneously pushed out to all machines because of the risk of taking down a service company-wide. But it seems that every company has to learn the hard way that seemingly benign config changes can also cause a company-wide service outage.
194 Chinese Robot Companies (Robohub) — Overall, 107 Chinese companies are involved in industrial robotics. Many of these new industrial robot makers are producing products that, because of quality, safety, and design regulations, will only be acceptable to the Chinese market. Many interesting numbers about the Chinese robotics biz.
Spam Under Half of Email (PDF) — Symantec report: There is good news this month on the email-based front of the threat landscape. According to our metrics, the overall spam rate has dropped to 49.7%. This is the first time this rate has fallen below 50% of email for over a decade. The last time Symantec recorded a similar spam rate was clear back in September of 2003.
Dropdowns Should be the UI of Last Resort (Luke Wroblewski) — Well-designed forms make use of the most appropriate input control for each question they ask. Sometimes that’s a stepper, a radio group, or even a dropdown menu. But because they are hard to navigate, hide options by default, don’t support hierarchies, and only enable selection not editing, dropdowns shouldn’t be the first UI control you reach for. In today’s software designs, they often are. So instead, consider other input controls first and save the dropdown as a last resort.
Another Look at Provable Security — In our time, one of the dominant paradigms in cryptographic research goes by the name “provable security.” This is the notion that the best (or, some would say, the only) way to have confidence in the security of a cryptographic protocol is to have a mathematically rigorous theorem that establishes some sort of guarantee of security (defined in a suitable way) under certain conditions and given certain assumptions. The purpose of this website is to encourage the emergence of a more skeptical and less credulous attitude toward this notion and to contribute to a process of critical analysis of the positive and negative features of the “provable security” paradigm.
Pig (github) — a Linux packet crafting tool. You can use Pig to test your IDS/IPS among other stuffs.
ReWalk Robotics Exoskeleton — first exoskeleton for the paralyzed to receive regulatory approval; 66 bought so far, 11 with reimbursement from insurance. The software upgrades for the ReWalk 6.0 provide a smoother walking gait (with less of a soldier-like marching step), an easier stopping mechanism, and a much-improved mode for ascending and descending stairs. The user wears a wristwatch-like controller to switch the suit between sit, stand, walk, and stair modes. How long until a cheaper version hits the market, but you don’t always get to control where it takes you if there’s a sale on featuring brands you love? (via IEEE)
LLVM Bitcode Gives Apple Hardware Independence (Medium) — Bob [Mansfield] has been quietly building a silicon team with the skills to rival all other players in the industry. Bob works for one of 15 companies with an ARM architecture license, giving his team carte blanche to modify and extend ARM in any way they see fit. And Bob’s CPUs only have to satisfy a single customer.
31 Negotiation Tactics (Nick Kolenda) — he mysteriously omitted my power tactics of (a) crying, (b) greeting my opposite number with the wrong name, and (c) passing a napkin covered with random scrawls as I say, “what do you make of this?”
Internet Trends 2015 (PDF) — Mary Meeker’s preso. Messaging + Notifications = Key Layers of Every Meaningful Mobile App, Messaging Leaders Aiming to Create Cross-Platform Operating Systems That Are Context-Persistent Communications Hubs for More & More Services. This year’s deck feels more superficial, less surprising than in years past.
When the Land Goes Under the Sea — As it turns out: People really despise being told to not replay the game. Almost universally, the reaction to that was a kernel of unhappiness amidst mostly positive reviews. In retrospect, including that note was a mistake for a number of reasons. My favorite part of game postmortems is what the designers learned about how people approach experiences.
Damage Recovery Algorithm for Robots (IEEE) — This illustrates how it’s possible to endow just about any robot with resiliency via this algorithm, as long as it’s got enough degrees of freedom to enable adaptive movement. Because otherwise the Terminators will just stop when we shoot them.
The Counselor — short fiction with ethics, AI, and how good things become questionable.
Tools are the Problem — Tools don’t solve problems any more; they have become the problem. There’s just too many of them, and they all include an incredible number of features that you don’t use on your site –but that users are still required to download and execute.
Elements of Scale: Composing and Scaling Data Platforms (Ben Stopford) — today’s data platforms range greatly in complexity, from simple caching layers or polyglotic persistence right through to wholly integrated data pipelines. There are many paths. They go to many different places. In some of these places at least, nice things are found. So, the aim for this talk is to explain how and why some of these popular approaches work. We’ll do this by first considering the building blocks from which they are composed. These are the intuitions we’ll need to pull together the bigger stuff later on.
Estimating Google’s 2FA Adoption — If we project out to the current day (965 days later), that’s a growth of ~25M users (25,586,975). Add that to the ~14M base number of users (13,886,058) exiting the graph and we end up at a grand total of…nearly 40 million users (39,473,033) enrolled in Google’s 2SV. NB there’s a lot on the back of this envelope.
Empathy and Product Development — None of this means that you shouldn’t A/B test or have other quantitative measure. But all of those will mean very little if you don’t have the qualitative context that only observation and usage can provide. Empathy is central to product development.