- Michael Ossmann and the NSA Playset — the guy who read the leaked descriptions of the NSA’s toolchest, built them, and open sourced the designs. One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that’s designed to sniff and monitor Internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR, and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.
- Gates Foundation Announces World’s Strongest Policy on Open Access Research (Nature) — Once made open, papers must be published under a license that legally allows unrestricted re-use — including for commercial purposes. This might include ‘mining’ the text with computer software to draw conclusions and mix it with other work, distributing translations of the text, or selling republished versions. CC-BY! We believe that published research resulting from our funding should be promptly and broadly disseminated.
- Xenotix — an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 4700+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. Xenotix Scripting Engine allows you to create custom test cases and addons over the Xenotix API. It is incorporated with a feature-rich Information Gathering module for target Reconnaissance. The Exploit Framework includes offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
- Firing Range — Google’s open source set of web security test cases for scanners.
"open access" entries
Mature Engineering, Control Theory, Open Access USA, and UK Health Data Too-Open?
- On Being a Senior Engineer (Etsy) — Mature engineers know that no matter how complete, elegant, or superior their designs are, it won’t matter if no one wants to work alongside them because they are assholes.
- Control Theory (Coursera) — Learn about how to make mobile robots move in effective, safe, predictable, and collaborative ways using modern control theory. (via DIY Drones)
- US Moves Towards Open Access (WaPo) — Congress passed a budget that will make about half of taxpayer-funded research available to the public.
- NHS Patient Data Available for Companies to Buy (The Guardian) — Once live, organisations such as university research departments – but also insurers and drug companies – will be able to apply to the new Health and Social Care Information Centre (HSCIC) to gain access to the database, called care.data. If an application is approved then firms will have to pay to extract this information, which will be scrubbed of some personal identifiers but not enough to make the information completely anonymous – a process known as “pseudonymisation”. Recipe for disaster as it has been repeatedly shown that it’s easy to identify individuals, given enough scrubbed data. Can’t see why the NHS just doesn’t make it an app in Facebook. “Nat’s Prostate status: it’s complicated.”
Master Coding, Rethinking Textbooks, Blocking Open Access, VPN from your Pi
- Analyzing mbostock’s queue.js — beautiful walkthrough of a small library, showing the how and why of good coding.
- What Job Would You Hire a Textbook To Do? (Karl Fisch) — notes from a Discovery Education “Beyond the Textbook” event. The issues Karl highlights for textbooks (why digital, etc.) are there for all books as we create this new genre.
- Neutralizing Open Access (Glyn Moody) — the publishers appear to have captured the UK group implementing the UK’s open access policy. At every single step of the way, the RCUK policy has been weakened. From being the best and most progressive in the world, it’s now considerably weaker than policies already in action elsewhere in the world, and hardly represents an increment on their 2006 policy. What’s at stake? Opportunity to do science faster, to provide source access to research for the public, and to redirect back to research the millions of pounds spent on journal subscriptions.
- Turn the Raspberry Pi into a VPN Server (LinuxUser) — One possible scenario for wanting a cheap server that you can leave somewhere is if you have recently moved away from home and would like to be able to easily access all of the devices on the network at home, in a secure manner. This will enable you to send files directly to computers, diagnose problems and other useful things. You’ll also be leaving a powered USB hub connected to the Pi, so that you can tell someone to plug in their flash drive, hard drive etc and put files on it for them. This way, they can simply come and collect it later whenever the transfer has finished.
Drug Interactions from Search History, Web Satire, Visible Peer Review, and Rights-based Copyright
- Pharmacovigilance — Signals from The Crowd (PDF) — in the NY Times’ words: Using automated software tools to examine queries by 6 million Internet users taken from Web search logs in 2010, the researchers looked for searches relating to an antidepressant, paroxetine, and a cholesterol-lowering drug, pravastatin. They were able to find evidence that the combination of the two drugs caused high blood sugar. (via New York Times)
- The World Wide Web is Moving to AOL — best satire you’ll read this month.
- Review History for Perceptual elements in Penn & Teller’s “Cups and Balls” magic trick — PeerJ makes peer review history available for the articles it publishes. Not only does this build reputation for peer reviewers who want it, but it is also a wonderful insight into how paranoid science must be to defend against mistakes in data interpretation. (The finished paper is fun, too)
- A New Basis for Copyright — NZ’s most technically-literate judge floats an idea for how copyright might be reimagined in a more useful way for the modern age by considering it in terms of human rights. Perhaps there should be consideration of a new copyright model that recognises content user rights against a backdrop of the right to receive and impart information and a truly balanced approach to information and expression that recognises that ideas expressed are building blocks for new ideas. Underpinning this must be a recognition on the part of content owners that the properties of new technologies dictate our responses, our behaviours, our values and our ways of thinking. These should not be seen as a threat but an opportunity. It cannot be a one-way street with traffic heading only in the direction dictated by content owners.
Video Magnification Code, Copyright MOOC, Open Access Cost-Effectiveness, and SCADA Security (Sucks)
- Eulerian Video Magnification — papers and the MATLAB source code for that amazing effect of exaggerating small changes in video. (*This work is patent pending)
- CopyrightX — MOOC on current law of copyright and the ongoing debates concerning how that law should be reformed. Through a combination of pre-recorded lectures, live webcasts, and weekly online seminars, participants in the course will examine and assess the ways in which law seeks to stimulate and regulate creative expression. (via BoingBoing)
- Cost Effectiveness for Open Access Journals — This plot reveals the prestige (Article Influence score) and publication charges for open access journals.
- Results of SANS SCADA Survey 2013 (PDF) — Unfortunately, at this time they seem unable to monitor the PLCs, terminal units and connections to field equipment due to lack of native security in the control systems themselves. (via InfoSecIsland)
Equity of Access, Smartphone Rare Earths, Nanoquadrocopter, and Macmillan Expands in Open Science
- Myth of the Free Internet (The Atlantic) — equity of access is an important issue, but this good point is marred by hanging it off the problematic (beer? speech? downloads?) “free”. I’m on the council of InternetNZ whose mission is to protect and promote the open and uncaptureable Internet. (A concept so good we had to make up a word for it)
- Periodic Table of the SmartPhone (PDF, big) — from Scientific American article on Rare Earth Minerals in the Smartphone comes a link to this neat infographic showing where rare earth elements are used in the iPhone. (via Om Malik)
- CrazyFlie Nano Preorders — 19g, 9cm x 9cm, 20min charge time for 7m flight time on this nano-quadrocopter. (via Wired)
- Changing Scientific Publishing (The Economist) — Nature buys an alternative journal publisher (30 titles in 14 scientific fields), which comes with an 80k-member social network for scientists. Macmillan are a clever bunch. (O’Reilly runs Science Foo Camp with Macmillan’s Digital Sciences and Google)
More federally funded research and data will be made freely available to the public online.
As part of the response, John Holdren, the director of the White House Office of Science and Technology Policy, released a memorandum today directing agencies with “more than $100 million in research and development expenditures to develop plans to make the results of federally-funded research publicly available free of charge within 12 months after original publication.”
The Obama administration has been considering access to federally funded scientific research for years, including a report to Congress in March 2012. The relevant e-petition, which had gathered more than 65,000 signatures, had gone unanswered since May of last year.
JSON Tool, Technology Arts, Pentesting Kit, and Open Access Week
- jq — command-line tool for JSON data.
- GAFFTA — Gray Area Foundation For The Arts. Non-profit running workshops and building projects around technology-driven arts. (via Roger Dennis)
- Power Pwn — looks like a power strip, is actually chock-full of pen-testing tools, WiFi, Bluetooth, and GSM. Beautifully evil. (via Jim Stogdill)
- Open Access Week — this week is Open Access week, raising awareness of the value of ubiquitous access to scientific publishing. (via Fabiana Kubke)