"open source" entries

Four short links: 8 January 2016

Four short links: 8 January 2016

Modern C, Colorizing Photos, Flashing Toy Drones, and Web + Native

  1. How to C in 2016 — straightforward recommendations for writing C if you have to.
  2. Using Deep Learning to Colorize Old Photos — comes with a trained TensorFlow model to play with.
  3. Open Source Firmware for Toy DronesThe Eachine H8 is a typical-looking mini-quadcopter of the kind that sell for under $20.[…] takes you through a step-by-step guide to re-flashing the device with a custom firmware to enable acrobatics, or simply to tweak the throttle-to-engine-speed mapping for the quad. (via DIY Drones)
  4. Mobile Web vs. Native Apps or Why You Want Both (Luke Wroblewski) — The Web is for audience reach and native apps are for rich experiences. Both are strategic. Both are valuable. So when it comes to mobile, it’s not Web vs. Native. It’s both. The graphs are impressive.
Four short links: 28 December 2015

Four short links: 28 December 2015

Bitcoin Software Choke, IoT Chokes, Dynabook History, and Fault Tree Analysis

  1. Core Bitcoin Devs LeaveAccording to a press release put out by Company 0 LLC, formed by former bitcoin developers, there are a few external entities that fund the actual development of the bitcoin cryptocurrency, forming a power-group that is in sole command of the direction the currency takes. These developers say that this group limits outside input in the currency’s governance, cherry-picks only options favorable for their own interests, and generally ignores the developers’ and community’s best interests.
  2. Internet of Proprietary Things — wonderfully accessible list of things we don’t have: Because companies can enforce anti-competitive behavior this way, there’s a litany of things that just don’t exist, even though they would make life easier for consumers in significant ways. You can’t have custom software for your cochlear implant, or your programmable thermostat, or your computer-enabled Barbie doll. An auto-repair shop can’t design a better diagnostic system that interfaces with a car’s computers. Capturing all the value you create, versus creating more value than you capture.
  3. Tracing the Dynabooka historical study of the Dynabook project and vision, which began as a blue-sky project to define personal and educational computing at Xerox PARC in the 1970s. It traces the idea through the three intervening decades, noting the transformations that occur as the vision and its artifacts meet varying contexts. (via Bret Victor)
  4. Fault Tree Analysis (FTA): Concepts and Applications (PDF) — 194 slides from NASA. (via Mara Tam)

Patrick Wendell on Spark’s roadmap, Spark R API, and deep learning on the horizon

The O'Reilly Radar Podcast: A special holiday cross-over of the O'Reilly Data Show Podcast.

Subscribe to the O’Reilly Radar Podcast to track the technologies and people that will shape our world in the years to come.

350px-4746439330_f71a44a82f_o

In this special holiday episode of the Radar Podcast, we’re featuring a cross-over of the O’Reilly Data Show Podcast, which you can find on iTunes, Stitcher, TuneIn, or SoundCloud. O’Reilly’s Ben Lorica hosts that podcast, and in this episode, he chats with Apache Spark release manager and Databricks co-founder Patrick Wendell about the roadmap of Spark and where it’s headed, and interesting applications he’s seeing in the growing Spark ecosystem.

Here are some highlights from their chat:

We were really trying to solve research problems, so we were trying to work with the early users of Spark, getting feedback on what issues it had and what types of problems they were trying to solve with Spark, and then use that to influence the roadmap. It was definitely a more informal process, but from the very beginning, we were expressly user driven in the way we thought about building Spark, which is quite different than a lot of other open source projects. … From the beginning, we were focused on empowering other people and building platforms for other developers.

One of the early users was Conviva, a company that does analytics for real-time video distribution. They were a very early user of Spark, they continue to use it today, and a lot of their feedback was incorporated into our roadmap, especially around the types of APIs they wanted to have that would make data processing really simple for them, and of course, performance was a big issue for them very early on because in the business of optimizing real-time video streams, you want to be able to react really quickly when conditions change. … Early on, things like latency and performance were pretty important.

Read more…

Four short links: 23 December 2015

Four short links: 23 December 2015

Software Leaders, Hadoop Ecosystem, GPS Spoofing, and Explaining Models

  1. Things Software Leaders Should Know (Ben Gracewood) — If you have people things and tech things on your to-do list, put the people things first on the list.
  2. The Hadoop Ecosystem — table of the different projects across the Hadoop ecosystem.
  3. Narcos GPS-Spoofing Border Drones — not only are the border drones expensive and ineffective, now they’re being tricked. Basic trade-off: more reliability or longer flight times?
  4. A Model Explanation System (PDF) — you can explain any machine-learned decision, though not necessarily the way the model came to the decision. Confused? This summary might help. Explainability is not a property of the model.
Four short links: 21 December 2015

Four short links: 21 December 2015

Anomaly Detection, Contempt Culture, Deep Learning Robot, and Compromised Firewalls

  1. Bro — open source intrusion and anomaly detection service, turns everything into events that you can run scripts against. Good pedigree (Vern Paxson, a TCP/IP elder god) despite the wince-inducing name (at least it isn’t “brah”).
  2. Contempt Culture (Aurynn) — for a culture that now prides itself on continuous improvement and blameless post-mortems and so on, we’re blind to a contempt culture that produces cults of criticism like “PHP isn’t a real programming language,” etc., where the targets of the criticism are pathways disproportionately taken by women and minorities. I’m embarrassed by how much of 2001-era Nat I recognise in Aurynn’s description.
  3. Deep Learning RobotBuilt for advanced research in robotics and artificial intelligence (deep learning). Pre-installed Google TensorFlow, Robot Operating System (ROS), Caffe, Torch, Theano, CUDA, and cuDNN.
  4. Juniper ScreenOS Backdoor — here’s the ssh password that’ll get you into any unpatched Juniper firewall, courtesy a backdoor that will be keeping network admins and CEOs alike awake and unhappy around the world. The interesting analysis with long-term effects will be “how the hell did it get in there?”
Four short links: 18 December 2015

Four short links: 18 December 2015

Malicious Traffic, Visual Analysis, C History, and Immersive Gaming

  1. Maltraila malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists[…]. Also, it has (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware). (via Nick Galbreath)
  2. Vega-Litehigh-level grammar for visual analysis, built on top of Vega. (via Curran Kelleher)
  3. C History — Dennis Ritchie’s 1993 notes on the history of the C programming language explains the origins of a.out and arrays as pointers, and has a reminder of how tight those systems were: Of the 24K bytes of memory on the machine, the earliest PDP-11 Unix system used 12K bytes for the operating system, a tiny space for user programs, and the remainder as a RAM disk.
  4. Zero Latency — immersive gaming with Oculus headsets. Detailed and positive.
Four short links: 15 December 2015

Four short links: 15 December 2015

Barbie Broken, JSON Database, Lightbulb DRM, and Graph Database

  1. Crypto is Hard says Hello BarbieWe discovered several issues with the Hello Barbie app including: it utilizes an authentication credential that can be re-used by attackers; it connects a mobile device to any unsecured Wi-Fi network if it has “Barbie” in the name; it shipped with unused code that serves no function but increases the overall attack surface. On the server side, we also discovered: client certificate authentication credentials can be used outside of the app by attackers to probe any of the Hello Barbie cloud servers; the ToyTalk server domain was on a cloud infrastructure susceptible to the POODLE attack. (via Ars Technica)
  2. Kinto — Mozilla’s open source lightweight JSON storage service with synchronisation and sharing abilities. It is meant to be easy to use and easy to self-host.
  3. Philips Blocks 3rd Party Lightbulbs — DRM for light fixtures. cf @internetofsh*t
  4. gaffer — GCHQ-released open source graph database. …a framework that makes it easy to store large-scale graphs in which the nodes and edges have statistics such as counts, histograms, and sketches. These statistics summarise the properties of the nodes and edges over time windows, and they can be dynamically updated over time. Gaffer is a graph database, rather than a graph processing system. It is optimised for retrieving data on nodes of interest. IHNJH,IJLTS “nodes of interest.”
Four short links: 8 December 2015

Four short links: 8 December 2015

Open Source ZeroDB, HTTP Statuses, Project Activity, and Database Readings

  1. ZeroDB is Open Source — end-to-end encrypted database goes open source (AGPL, *ptui*).
  2. Choosing an HTTP Status Code — or “an alternative to engineers duelling.”
  3. Open Source Monthly — views of open source projects through their GitHub activity.
  4. Readings in Database Science (5ed) — HTML and PDF versions of the papers.
Four short links: 7 December 2015

Four short links: 7 December 2015

Telepresent Axeman, Toxic Workers, Analysis Code, and Cryptocurrency Attacks

  1. Axe-Wielding Robot w/Telepresence (YouTube) — graphic robot-on-wall action at 2m30s. (via IEEE)
  2. Toxic Workers (PDF) — In comparing the two costs, even if a firm could replace an average worker with one who performs in the top 1%, it would still be better off by replacing a toxic worker with an average worker by more than two-to-one. Harvard Business School research. (via Fortune)
  3. Replacing Sawzall (Google) — At Google, most Sawzall analysis has been replaced by Go […] we’ve developed a set of Go libraries that we call Lingo (for Logs in Go). Lingo includes a table aggregation library that brings the powerful features of Sawzall aggregation tables to Go, using reflection to support user-defined types for table keys and values. It also provides default behavior for setting up and running a MapReduce that reads data from the logs proxy. The result is that Lingo analysis code is often as concise and simple as (and sometimes simpler than) the Sawzall equivalent.
  4. Attacks in the World of Cryptocurrency — a review of some of the discussed weakness, attacks, or oddities in cryptocurrency (esp. bitcoin).
Four short links: 2 December 2015

Four short links: 2 December 2015

Regulating Addictive Attention, Microservice Middleware, Better 3D Scanning, and Anti-Disassembly Tricks

  1. If the Internet is Addictive, Why Don’t We Regulate It? — an excellent look at behaviourism, gambling machine flow, design-for-addiction, attention, regulation. As Schüll puts it: ‘It just seems very duplicitous to design with the goal of capturing attention, and then to put the whole burden onto the individual.’
  2. Zipnish — using varnish as middleware for your microservices, with Zipnish to create Zipkin-style analysis of your API performance.
  3. Using Polarisation to Improve 3D Scanning (PDF) — The proposed technique can resolve finer detail than some laser scannners
  4. Anti-Disassembly Tricks Used in Malware — also “things I remember from trying to break copy protection in 1980s games.”