ENTRIES TAGGED "programming"

Four short links: 31 July 2014

Four short links: 31 July 2014

OCR in Javascript, Insecure IoT, USB Considered Insecure, and Use AdBlock Plus

  1. Ocrad.js — open source OCR in Javascript, a port of GNU Ocrad software.
  2. HP’s IoT Security Research (PDF) — 70% of devices use unencrypted network services, 90% of devices collected at least one piece of personal information, 60% of those that have UIs are vulnerable to things like XSS, 60% didn’t use encryption when downloading software updates, …
  3. USB Security Flawed From Foundation (Wired) — The element of Nohl and Lell’s research that elevates it above the average theoretical threat is the notion that the infection can travel both from computer to USB and vice versa. Any time a USB stick is plugged into a computer, its firmware could be reprogrammed by malware on that PC, with no easy way for the USB device’s owner to detect it. And likewise, any USB device could silently infect a user’s computer. “It goes both ways,” Nohl says. “Nobody can trust anybody.” [...] “In this new way of thinking, you can’t trust a USB just because its storage doesn’t contain a virus. Trust must come from the fact that no one malicious has ever touched it,” says Nohl. “You have to consider a USB infected and throw it away as soon as it touches a non-trusted computer. And that’s incompatible with how we use USB devices right now.”
  4. AdBlock vs AdBlock Plus — short answer: the genuinely open source AdBlock Plus, because AdBlock resiled from being open source, phones home, has misleading changelog entries, …. No longer trustworthy.
Comment
Four short links: 28 July 2014

Four short links: 28 July 2014

Secure Server, Angular Style, Recursion History (see Recursion History), Aerospike Open Source

  1. streisandsets up a new server running L2TP/IPsec, OpenSSH, OpenVPN, Shadowsocks, Stunnel, and a Tor bridge. It also generates custom configuration instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
  2. Angular.js Style Guidemy opinionated styleguide for syntax, building and structuring Angular applications.
  3. How Recursion Got into ProgrammingCommittee member F.L. Bauer registered his protest by characterizing the addition of recursion to the language as an “Amsterdam plot”.
  4. aerospike — open source database server and client, with bold claims of performance.
Comment
Four short links: 25 July 2014

Four short links: 25 July 2014

Public Private Pain, Signature Parsing, OSCON Highlights, and Robocar Culture

  1. What is Public? (Anil Dash) — the most cogent and articulate (and least hyperventilated dramaware) rundown of just what the problem is, that you’re ever likely to find.
  2. talon — mailgun’s open sourced library for parsing email signatures.
  3. Signals from OSCON — some highlights. Watching Andrew Sorensen livecode synth playing (YouTube clip) is pretty wild.
  4. Two Cultures of Robocars (Brad Templeton) — The conservative view sees this technology as a set of wheels that has a computer. The aggressive school sees this as a computer that has a set of wheels.
Comment

Signals from OSCON 2014

From tiny satellites to young programmers to reasoned paranoia, here are key talks from OSCON 2014.

Experts and advocates from across the open source world assembled in Portland, Ore. this week for OSCON 2014. Below you’ll find a handful of keynotes and interviews from the event that we found particularly notable.

How tiny satellites and fresh imagery can help humanity

Will Marshall of Planet Labs outlines a vision for using small satellites to provide daily images of the Earth.

Read more…

Comment
Four short links: 23 July 2014

Four short links: 23 July 2014

Selfless Machines, Docker Security, Voice Hacks, and Choiceless Programming

  1. Talking to Big Machines (Jon Bruner) — “Selfless machines” coordinate across networks and modify their own operation to improve the output of the entire system.
  2. Docker SecurityContainers do not contain and Stop assuming that Docker and the Linux kernel protect you from malware.
  3. Your Voice Assistant is Mine (PDF) — Through Android Intent mechanism, VoicEmployer triggers Google Voice Search to the foreground, and then plays prepared audio files (like “call number 1234 5678”) in the background. Google Voice Search can recognize this voice command and execute corresponding operations. With ingenious designs, our GVS-Attack can forge SMS/Email, access privacy information, transmit sensitive data and achieve remote control without any permission.
  4. escher (GitHub) — choiceless programming and non-Turing coding. Mind: blown.
Comment
Four short links: 22 July 2014

Four short links: 22 July 2014

English lint, Scalable Replicated Datastore, There's People in my Software, and Sci-Fi for Ethics

  1. write-gooda naive `lint’ for English prose.
  2. cockroachdba scalable, geo-replicated, transactional datastore from a team that includes the person who built Spanner for Google. Spanner requires atomic clocks, cockroach does not (which has corresponding performance consequences). (via Wired)
  3. The Deep Convergence of Networks, Software, and Peopleas we wire up our digital products increasingly with interconnected networks, their nature is increasingly a product of the responses that come back from those networks. The experience cannot be wholly represented in mock prototypes that are coded to respond in predictable ways, or even using a set of preset random responses. The power of the application is seeing the emergent behaviour of the system, and recognizing that you are a participant in that emergent behaviour. (via Tim O’Reilly)
  4. An Ethics Class for Inventors, via Sci-Fi“Reading science fiction is kind of like ethics class for inventors,” says Brueckner. Traditionally, technology schools ask ‘how do we build it?’ This class asks a different question: ‘should we?’
Comments: 2
Four short links: 18 July 2014

Four short links: 18 July 2014

Design Reviews, Gaudy Palette, Web Components, and Creative Coding

  1. Questions to Ask when Reviewing a Design (GDS) — GDS made stickers, but I might just put this in poster form on the wall. They missed, “can you make it pop?” though.
  2. Saturated — wonderfully unsubdued web palette for prototyping. Nobody will ask “can you make it pop?” with this colour scheme.
  3. Component Kitchen — and customelements are both catalogues of web components.
  4. Summer Immersive 2014 (GitHub) — curriculum and materials for a ten week program devoted to learning the art of creative coding. (via Shawn Allen)
Comment: 1
Four short links: 17 July 2014

Four short links: 17 July 2014

Software Ethics, Learning Challenges, Workplace Harassment, and Logging for Postmortems

  1. Misjudgements Will Drive Social Trials Underground (Nature) — 34 ethicists write to explain why they see Facebook’s mood-influence trials as not an egregious breach of either ethics or law. Notable: No one knows whether exposure to a stream of baby announcements, job promotions and humble brags makes Facebook’s one billion users sadder or happier. The exposure is a social experiment in which users become guinea pigs, but the effects will not be known unless they are studied.[...] But the extreme response to this study, some of which seems to have been made without full understanding of what it entailed or what legal and ethical standards require, could result in such research being done in secret or not at all. Compare wisdom of the ethicists to wisdom of the crowd. (via Kate Crawford)
  2. Problem-Free Activity in the Mathematics Classroom (PDF) — interesting not just for the bland crap work we make kids do, but for the summary of five types of need that stimulate learning: for certainty (“which of the two is right?”), for causality (“did X cause Y?”, “what will happen next?”), for computation (“how much will it cost?”, “how long will it take?”), for communication and persuasion (“it’s more fun when we work on this together”, “let me show you why I’m right!”), and for connection and structuring (“that can’t be right, it goes against all I know!”, “ah, that makes sense because …”). (via Kathy Sierra)
  3. Survey of Academic Field Experiences (PLoSone) — Our survey revealed that conducting research in the field exposes scientists to a number of negative experiences as targets and as bystanders. The experiences described by our respondents ranged from inadvertent alienating behavior, to unwanted verbal and physical sexual advances, to, most troublingly, sexual assault including rape. is immediately followed by These proportions of respondents experiencing harassment are generally consistent with other studies of workplace harassment in other professional settings. This will change when men’s behaviour and expectations change. Male readers, do your part: don’t harass and don’t tolerate it. This message brought to you from future generations who will wonder how the hell we turned a blind eye to it.
  4. sentry (github) — a realtime, platform-agnostic error logging and aggregation platform. It specializes in monitoring errors and extracting all the information needed to do a proper post-mortem without any of the hassle of the standard user feedback loop.
Comment
Four short links: 11 July 2014

Four short links: 11 July 2014

Curated Code, Hackable Browser, IoT Should Be Open, and Better Treemaps

  1. Awesome Awesomeness — list of curated collections of frameworks and libraries in various languages that do not suck. They solve the problem of “so, I’m new to (language) and don’t want to kiss a lot of frogs before I find the right tool for a particular task”.
  2. Breach — a hackable, modular web browser.
  3. The CompuServe of Things (Phil Windley) — How we build the Internet of Things has far-reaching consequences for the humans who will use—or be used by—it. Will we push forward, connecting things using forests of silos that are reminiscent the online services of the 1980′s, or will we learn the lessons of the Internet and build a true Internet of Things? (via Cory Doctorow)
  4. FoamTree — nifty treemap layouts and animations, in Javascript. (via Flowing Data)
Comment: 1
Four short links: 10 July 2014

Four short links: 10 July 2014

Journalism Security, Inclusive Technology, Network Magic, and Python Anti-Patterns

  1. Ex-Google Hacker Taking On The World’s Spy Agencies (Wired) — profile of the security expert working on protecting reporters.
  2. Meet Google’s Security Princess (Elle) — would have preferred to see her story in Wired. Much is good here, but this is pithy and strong: “If you have ambitions to create technology for the whole world, you need to represent the whole world, and the whole world is not just white men.”
  3. snabb switch — open source Linux userspace executable for making network appliances. Processes millions of ethernet packets per second per core. Suitable for ISPs. Speaks natively to Ethernet hardware, Hypervisors, and the Linux kernel. You can program it with LuaJIT extensions to do anything you want.
  4. Anti-Patterns in Python Programming — gold.
Comment: 1