- Pin: A Dynamic Binary Instrumentation Tool — a dynamic binary instrumentation framework for the IA-32 and x86-64 instruction-set architectures that enables the creation of dynamic program analysis tools. Some tools built with Pin are Intel Parallel Inspector, Intel Parallel Amplifier and Intel Parallel Advisor. The tools created using Pin, called Pintools, can be used to perform program analysis on user space applications in Linux and Windows. As a dynamic binary instrumentation tool, instrumentation is performed at run time on the compiled binary files. Thus, it requires no recompiling of source code and can support instrumenting programs that dynamically generate code.
- Lasers Bringing Down Drones (Wired) — I’ve sat on this for a while, but it is still hypnotic. Autonomous attack, autonomous defence. Pessimist: we’ll be slaves of the better machine learning algorithm. Optimist: we can make love while the AIs make war.
- Advice on Rewriting It From Scratch — every word is true. Over my career, I’ve come to place a really strong value on figuring out how to break big changes into small, safe, value-generating pieces. It’s a sort of meta-design — designing the process of gradual, safe change.
- Creating Gmail Inbox Statistics Reports — shows how to setup gmail to send you an email at the beginning of each month showing statistics for the previous month, such as the number of emails you received, the top 5 to whom you sent email, the top 5 from whom you received email, charts on your daily usage.
ENTRIES TAGGED "programming"
Binary Instrumentation, Drone-Laser Warfare, Rocking the Rewrite, and Quantified Inbox
Engagement Cliff, SSL Best Practices, Public Domain Numbers, and GitHub License Sniffing
- The Engagement Cliff — Gallup surveyed nearly 500,000 students in grades five through 12 from more than 1,700 public schools in 37 states in 2012 and found that by the time students get to high school only about 4 in 10 qualify as engaged.
- SSL/TLS Deployment Best Practices — clear and concise instructions to help overworked administrators and programmers spend the minimum time possible to obtain a secure site or web application. In pursue of clarity, we sacrifice completeness, foregoing certain advanced topics. The focus is on advice that is practical and easy to understand.
- Do Bad Things Happen When Works Enter The Public Domain? — research to answer that question. Spoiler: no. (via Surprisingly Free)
- Most GitHub Projects Not Open-Source Licensed (The Register) — 1,692,135 code repositories scanned, 219,326 (14.9%) percent had a file in their top-level directories that identified any kind of license at all. Of those, 28 per cent only announced their licenses in a README file, as opposed to recommended filenames such as LICENSE or COPYING. MIT license overwhelmingly popular compared to the different reciprocal (GPL-like) ones.
iOS Package Manager, Designed Satire, API Fragility, and Retweeting WWI
- Alcatraz — package manager for iOS. (via Hacker News)
- Scarfolk Council — clever satire, the concept being a UK town stuck in 1979. Tupperware urns, “put old people down at birth”. The 1979 look is gorgeous. (via BoingBoing)
- Stop Designing Fragile Web APIs — It is possible to design your API in a manner that reduces its fragility and increases its resilience to change. The key is to design your API around its intent. In the SOA world, this is also referred to as business-orientation.
- @life100yearsago (Twitter) — account that tweets out fragments of New Zealand journals and newspapers and similar historic documents, as part of celebrating the surprising and the commonplace during WWI. My favourite so far: “Wizard” stones aeroplane. (via NDF)
Solar Numbers, Process Managers, BitTorrent Sync, and Motherfrickin' Snakes in Your Motherfrickin' Browser
- Solar Energy: This is What a Disruptive Technology Looks Like (Brian McConnell) — In 1977, solar cells cost upwards of $70 per Watt of capacity. In 2013, that cost has dropped to $0.74 per Watt, a 100:1 improvement (source: The Economist). On average, solar power improves 14% per year in terms of energy production per dollar invested.
- Process Managers — overview of the tools that keep your software running.
- Bittorrent Sync — Dropbox-like features, BitTorrent under the hood.
3D Code, Malbuffering, p2p Hardware, and Crypto Challenges
- Meshlab — open source, portable, and extensible system for the processing and editing of unstructured 3D triangular meshes.
- HTML5 Video on iOS (Steve Souders) — While it’s true that Mobile Safari on iOS doesn’t buffer any video data as a result of the PRELOAD attribute, it does make other video requests that aren’t counted as “buffered” video. The number and size of the requests and responses depends on the video. For larger videos the total amount of data for these behind-the-scenes requests can be significant.
- Space Monkey (Kickstarter) — distributed encrypted peer-to-peer cloud service using custom hardware. Not open source, which would make me nervous that I was buying a botnet client with storage capability. (via BERG London)
- Matasano Crypto Challenges — Counting is not a hard problem. But cryptography is. There are just a few things you can screw up to get the size of a buffer wrong. There are tens, probably hundreds, of obscure little things you can do to take a cryptosystem that should be secure even against an adversary with more CPU cores than there are atoms in the solar system, and make it solveable with a Perl script and 15 seconds. Don’t take our word for it: do the challenges and you’ll see. People “know” this already, but they don’t really know it in their gut, and we think the reason for that is that very few people actually know how to implement the best-known attacks. So, mail us, and we’ll give you a tour of them.
Sterling on Disruption, Coding Crypto Fun, Distributed File System, and Asset Packaging
- Bruce Sterling on Disruption — If more computation, and more networking, was going to make the world prosperous, we’d be living in a prosperous world. And we’re not. Obviously we’re living in a Depression. Slow first 25% but then it takes fire and burns with the heat of a thousand Sun Microsystems flaming out. You must read this now.
- The Matasano Crypto Challenges (Maciej Ceglowski) — To my delight, though, I was able to get through the entire sequence. It took diligence, coffee, and a lot of graph paper, but the problems were tractable. And having completed them, I’ve become convinced that anyone whose job it is to run a production website should try them, particularly if you have no experience with application security. Since the challenges aren’t really documented anywhere, I wanted to describe what they’re like in the hopes of persuading busy people to take the plunge.
- Tachyon — a fault tolerant distributed file system enabling reliable file sharing at memory-speed across cluster frameworks, such as Spark and MapReduce. Berkeley-licensed open source.
Bitcoin Bundle, HTML Escaping, Open as in Gongkai, and Glass Reflections
- The Well Deserved Fortune of Satoshi Nakamoto — I can’t assure with 100% certainty that the all the black dots are owned by Satoshi, but almost all are owned by a single entity, and that entity began mining right from block 1, and with the same performance as the genesis block. It can be identified by constant slope segments that occasionally restart. Also this entity is the only entity that has shown complete trust in Bitcoin, since it hasn’t spend any coins (as last as the eye can see). I estimate at eyesight that Satoshi fortune is around 1M Bitcoins, or 100M USD at current exchange rate. Author’s credible. (via Hacker News)
- Houdini (Github) — C library for escaping and unescaping UTF-8-encoded HTML, according to OWASP guidelines.
- The $12 Gongkai Phone (Bunnie Huang) — gongkai isn’t a totally lawless free-for-all. It’s a network of ideas, spread peer-to-peer, with certain rules to enforce sharing and to prevent leeching. It’s very different from Western IP concepts, but I’m trying to have an open mind about it.
- Jan Chipchase on Google Glass (All Things D) — Any idiot can collect data. The real issue is how to collect data in such a way that meets both moral and legal obligations and still delivers some form of value. An interesting observation, one of many within this overview of the usability and third-party user experience of Google Glass-like UIs.
Software Archive, Self-Tracking, Provisioning, and Python Ciphers
- Computer Software Archive (Jason Scott) — The Internet Archive is the largest collection of historical software online in the world. Find me someone bigger. Through these terabytes (!) of software, the whole of the software landscape of the last 50 years is settling in. (And documentation and magazines and …). Wow.
- 7 in 10 Doctors Have a Self-Tracking Patient — the most common ways of sharing data with a doctor, according to the physicians, were writing it out by hand or giving the doctor a paper printout. (via Richard MacManus)
- opsmezzo — open-sourced provisioning tools from the Nodejitsu team. (via Nuno Job)
- Hacking Secret Ciphers with Python — teaches complete beginners how to program in the Python programming language. The book features the source code to several ciphers and hacking programs for these ciphers. The programs include the Caesar cipher, transposition cipher, simple substitution cipher, multiplicative & affine ciphers, Vigenere cipher, and hacking programs for each of these ciphers. The final chapters cover the modern RSA cipher and public key cryptography.
Probabilistic languages can free developers from the complexities of high-performance probabilistic inference.
Know Your HTTP, Digital Exploitation, Insecure Webcams, and CS Courses
- Know Your HTTP Posters (GitHub) — A0-posters about the HTTP protocol.
- Crowdserfing — when a large corp uses crowd-sourced volunteering for its own financial gain, without giving back. It offends my sense of reciprocity as well, but nobody is coerced into using Google Maps or contributing data to it. How do we decide what is “right”?
- Exposed Webcam Viewer — hotels in Russia, lobbies in California, and blinking lights in the darkness from all around the world. (via Hacker News)
- Beauty and Joy of Computing — an introductory computer science curriculum developed at the University of California, Berkeley, intended for non-CS majors at the high school junior through undergraduate freshman level. Uses Snap, a web-based implementation of Scratch.