ENTRIES TAGGED "security"
New Kinect, Surveillance of Things, How to Criticise, and Compensating for Population
- XBox One Kinect Controller (Guardian) — the new Kinect controller can detect gaze, heartbeat, and the buttons on your shirt.
- Surveillance and the Internet of Things (Bruce Schneier) — Lots has been written about the “Internet of Things” and how it will change society for the better. It’s true that it will make a lot of wonderful things possible, but the “Internet of Things” will also allow for an even greater amount of surveillance than there is today. The Internet of Things gives the governments and corporations that follow our every move something they don’t yet have: eyes and ears.
- Daniel Dennett’s Intuition Pumps (extract) — How to compose a successful critical commentary: 1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.” 2. List any points of agreement (especially if they are not matters of general or widespread agreement). 3. Mention anything you have learned from your target. 4. Only then are you permitted to say so much as a word of rebuttal or criticism.
- New Data Science Toolkit Out (Pete Warden) — with population data to let you compensate for population in your heatmaps. No more “gosh, EVERYTHING is more prevalent where there are lots of people!” meaningless charts.
Videogame Hyperinflation, Thumbdrive Computing, Distributed Consensus, and Organism Simulation
- Hyperinflation in Diablo 3 — interesting discussion about how video games regulate currency availability, and how Diablo 3 appears to have messed up. Several weeks after the game’s debut a source claimed that there were at least 1,000 bots active 24/7 in the Diablo 3 game world, allegedly “harvesting” (producing) 4 million virtual gold per hour. Most of the gold generated by the ruthlessly productive, rapidly adapting bots found its way to third party vendors in a black market which undercut the prices in the sanctioned, in-game auction houses.
- Dell Project Ophelia (PC World) — $100 USB-stick-sized Android computer.
- Call Me Maybe (Kyle Kingsbury) — a series on network partitions. We’re going to learn about distributed consensus, discuss the CAP theorem’s implications, and demonstrate how different databases behave under partition.
- OpenWorm (The Atlantic) — simulating the C. elegans nematode worm in software. OpenWorm isn’t like these other initiatives; it’s a scrappy, open-source project that began with a tweet and that’s coordinated on Google Hangouts by scientists spread from San Diego to Russia. If it succeeds, it will have created a first in executable biology: a simulated animal using the principles of life to exist on a computer.
Internet Filter Creep, Innovating in E-Mail/Gmail, Connected Devices Business Strategy, and Ecology Recapitulates Photography
- Australian Filter Scope Creep — The Federal Government has confirmed its financial regulator has started requiring Australian Internet service providers to block websites suspected of providing fraudulent financial opportunities, in a move which appears to also open the door for other government agencies to unilaterally block sites they deem questionable in their own portfolios.
- Embedding Actions in Gmail — after years of benign neglect, it’s good to see Gmail worked on again. We’ve said for years that email’s a fertile ground for doing stuff better, and Google seem to have the religion. (see Send Money with Gmail for more).
- What Keeps Me Up at Night (Matt Webb) — Matt’s building a business around connected devices. Here he explains why the category could be owned by any of the big players. In times like this I remember Howard Aiken’s advice: Don’t worry about people stealing your ideas. If it is original you will have to ram it down their throats.
- Image Texture Predicts Avian Density and Species Richness (PLOSone) — Surprisingly and interestingly, remotely sensed vegetation structure measures (i.e., image texture) were often better predictors of avian density and species richness than field-measured vegetation structure, and thus show promise as a valuable tool for mapping habitat quality and characterizing biodiversity across broad areas.
Privacy: Gone in 150ms, Pen-Testing Tablet, Low-Level in Lua, and Metaphor Identification Shootout
- Behind the Banner — visualization of what happens in the 150ms when the cabal of data vultures decide which ad to show you. They pass around your data as enthusiastically as a pipe at a Grateful Dead concert, and you’ve just as much chance of getting it back. (via John Battelle)
- pwnpad — Nexus 7 with Android and Ubuntu, high-gain USB bluetooth, ethernet adapter, and a gorgeous suite of security tools. (via Kyle Young)
- Terra — a simple, statically-typed, compiled language with manual memory management [...] designed from the beginning to interoperate with Lua. Terra functions are first-class Lua values created using the terra keyword. When needed they are JIT-compiled to machine code. (via Hacker News)
- Metaphor Identification in Large Texts Corpora (PLOSone) — The paper presents the most comprehensive study of metaphor identification in terms of scope of metaphorical phrases and annotated corpora size. Algorithms’ performance in identifying linguistic phrases as metaphorical or literal has been compared to human judgment. Overall, the algorithms outperform the state-of-the-art algorithm with 71% precision and 27% averaged improvement in prediction over the base-rate of metaphors in the corpus.
Exploiting Glass, Teaching Probability, Product Design, and Subgraph Matching
- Exploiting a Bug in Google Glass — unbelievably detailed and yet easy-to-follow explanation of how the bug works, how the author found it, and how you can exploit it too. The second guide was slightly more technical, so when he returned a little later I asked him about the Debug Mode option. The reaction was interesting: he kind of looked at me, somewhat confused, and asked “wait, what version of the software does it report in Settings”? When I told him “XE4” he clarified “XE4, not XE3”, which I verified. He had thought this feature had been removed from the production units.
- Probability Through Problems — motivating problems to hook students on probability questions, structured to cover high-school probability material.
- Connbox — love the section “The importance of legible products” where the physical UI interacts seamlessly with the digital device … it’s glorious. Three amazing videos.
- The Index-Based Subgraph Matching Algorithm (ISMA): Fast Subgraph Enumeration in Large Networks Using Optimized Search Trees (PLoSONE) — The central question in all these fields is to understand behavior at the level of the whole system from the topology of interactions between its individual constituents. In this respect, the existence of network motifs, small subgraph patterns which occur more often in a network than expected by chance, has turned out to be one of the defining properties of real-world complex networks, in particular biological networks. [...] An implementation of ISMA in Java is freely available.
Paperclip Computing, Packet Capture, Offline Wikipedia, and Sensor Databases
- How to Build a Working Digital Computer Out of Paperclips (Evil Mad Scientist) — from a 1967 popular science book showing how to build everything from parts that you might find at a hardware store: items like paper clips, little light bulbs, thread spools, wire, screws, and switches (that can optionally be made from paper clips).
- Moloch (GitHub) — an open source, large scale IPv4 packet capturing (PCAP), indexing and database system with a simple web GUI.
- Offline Wikipedia Reader (Amazon) — genius, because what Wikipedia needed to be successful was to be read-only. (via BoingBoing)
- Storing and Publishing Sensor Data — rundown of apps and sites for sensor data. (via Pete Warden)
Raspberry Pi MITM, Industrial Robot SDK, Cheap Mill, and Open Source State Replication in Go
- Raspberry Pi Wireless Attack Toolkit — A collection of pre-configured or automatically-configured tools that automate and ease the process of creating robust Man-in-the-middle attacks. The toolkit allows you to easily select between several attack modes and is specifically designed to be easily extendable with custom payloads, tools, and attacks. The cornerstone of this project is the ability to inject Browser Exploitation Framework Hooks into a web browser without any warnings, alarms, or alerts to the user. We accomplish this objective mainly through wireless attacks, but also have a limpet mine mode with ettercap and a few other tricks.
- Industrial Robot with SDK For Researchers (IEEE Spectrum) — $22,000 industrial robot with 7 degrees-of-freedom arms, integrated cameras, sonar, and torque sensors on every joint. [...] The Baxter research version is still running a core software system that is proprietary, not open. But on top of that the company built the SDK layer, based on ROS (Robot Operation System), and this layer is open source. In addition, there are also some libraries of low level tasks (such as joint control and positioning) that Rethink made open.
- OtherMill (Kickstarter) — An easy to use, affordable, computer controlled mill. Take all your DIY projects further with custom circuits and precision machining. (via Mike Loukides)
- go-raft (GitHub) — open source implementation of the Raft distributed consensus protocol, in Go. (via Ian Davis)
Intelligence and Entropy, Trademarked Memes, Wink UI, and Swiss Cheese Military Security
- Causal Entropic Forces (PDF) — new paper from Sci Foo alum Alex Wissner-Gross connecting intelligence and entropy. (via Inside Science)
- Nyan Cat and Keyboard Cat Are Trademarked Memes (Ars Technica) — the business of this (presumably there will be royalties in the end) is less interesting to me than the murky tension between authorship, ownership, sharing, popularity, and profit. We still lack a common expectation for how memes can be owned and exploited.
- Wink UI — Mike DiGiovanni wrote a Glass app to take photos when you wink. (via Ars Technica)
- Stealing US Military Secrets (Bloomberg) — One former intelligence official described internal Pentagon discussions over whether another Lockheed Martin fighter jet, the F-22 Raptor, could safely be deployed in combat, because several subcontractors had been hacked. The article is full of horror stories about Chinese penetration of US military contractors.
China Threat, China Opportunity, Open Source Sustainability, and SQL for Cohort Analysis
- China = 41% of World’s Internet Attack Traffic (Bloomberg) — numbers are from Akamai’s research. Verizon Communications said in a separate report that China accounted for 96 percent of all global espionage cases it investigated. One interpretation is that China is a rogue Internet state, but another is that we need to harden up our systems. (via ZD Net)
- Open Source Cannot Live on Donations Alone — excellent summary of some of the sustainability questions facing open source projects.
- China Startups: The Gold Rush (Steve Blank) — dense fact- and insight-filled piece. Not only is the Chinese ecosystem completely different but also the consumer demographics and user expectations are equally unique. 70% of Chinese Internet users are under 30. Instead of email, they’ve grown up with QQ instant messages. They’re used to using the web and increasingly the mobile web for everything, commerce, communication, games, etc. (They also probably haven’t seen a phone that isn’t mobile.) By the end of 2012, there were 85 million iOS and 160 million Android devices in China. And they were increasing at an aggregate 33 million iOS and Android activations per month.
- Calculating Rolling Cohort Retention with SQL — just what it says. (via Max Lynch)