ENTRIES TAGGED "security"

The technical aspects of privacy

The first of three public workshops kicked off a conversation with the federal government on data privacy in the US.

Thrust into controversy by Edward Snowden’s first revelations last year, President Obama belatedly welcomed a “conversation” about privacy. As cynical as you may feel about US spying, that conversation with the federal government has now begun. In particular, the first of three public workshops took place Monday at MIT. Given the locale, a focus on the technical aspects of…
Read Full Post | Comments: 7 |
Four short links: 5 March 2014

Four short links: 5 March 2014

Cheap Gesture Sensor, Ignorance as Strength, Android Malware Resistance, and Security Talks

  1. $1 Gesture-Recognizing Device (GigaOm) — the AllSee is the size of a quarter, harvests RF for power, and detects the variations in signal strength caused by gestures.
  2. A Conversation with Sydney BrennerThe thing is to have no discipline at all. Biology got its main success by the importation of physicists that came into the field not knowing any biology and I think today that’s very important. I strongly believe that the only way to encourage innovation is to give it to the young. The young have a great advantage in that they are ignorant. Because I think ignorance in science is very important. If you’re like me and you know too much you can’t try new things. I always work in fields of which I’m totally ignorant.
  3. Android Almost Impenetrable to Malware — multiple layers of defence, including signatures of known-bad systems found in the wild, necessary to retain an “open” marketplace vs Apple’s lock-down.
  4. TrustyCon (YouTube) — video of the speakers at the conference that was set up by speakers who withdrew from the RSA conference. (via BoingBoing)
Comment |
Four short links: 4 March 2014

Four short links: 4 March 2014

It's Complicated, Solid World, Bitcoin Redux, and CS Papers

  1. It’s Complicated — Danah Boyd’s new book on teens use of the online world is available for PDF download (but buy a copy anyway!).
  2. Building a Solid World — O’Reilly research paper about the “software-enhanced networked physical world”. Gonna be mighty interesting in a world where our stuff knows more and is better connected than its owners.
  3. What Did Not Happen at Mt Gox — interesting analysis of some of the popular theories. Overall, Bitcoin has been an ongoing massive online course on economics and distributed systems for the libertarian masses. It’s ironic that Mt. Gox turned into a chapter on fractional reserve banking.
  4. Papers We Love (Github) — a collection of papers from the computer science community to read and discuss.
Comment |
Four short links: 27 February 2014

Four short links: 27 February 2014

A Fine Rant, Continuous Deployment, IBeacon Spec, and LaTeX Gets a Collaborative Multiplayer Mode

  1. Our Comrade, The Electron (Maciej Ceglowski) — a walk through the life of the inventor of the Theremin, with a pointed rant about how we came to build the surveillance state for the state. One of the best conference talks ever, and I was in the audience for it!
  2. go.cd — continuous deployment and delivery automation tool from Thoughtworks, nothing to do with the Go programming language. The name is difficult to search for, so naturally we needed the added confusion of two projects sharing the name. Continuous deployment is an important part of devops (“the job of our programmers is not to write code, it is to deploy working code into production”—who said this? I’ve lost the reference already).
  3. Apple iBeacon Developer Programme — info locked up behind registration. Sign an NDA to get the specs, free to use the name. Interesting because iBeacon and other Bluetooth LE implementations are promising steps to building a network of things. (via Beekn)
  4. ShareLaTeX — massively multiplayer online LaTeX. Open sourced.
Comment |
Four short links: 26 February 2014

Four short links: 26 February 2014

Library Box, Data-Driven Racial Profiling, Internet of Washing Machines, and Nokia's IoT R&D

  1. Librarybox 2.0fork of PirateBox for the TP-Link MR 3020, customized for educational, library, and other needs. Wifi hotspot with free and anonymous file sharing. v2 adds mesh networking and more. (via BoingBoing)
  2. Chicago PD’s Using Big Data to Justify Racial Profiling (Cory Doctorow) — The CPD refuses to share the names of the people on its secret watchlist, nor will it disclose the algorithm that put it there. [...] Asserting that you’re doing science but you can’t explain how you’re doing it is a nonsense on its face. Spot on.
  3. Cloudwash (BERG) — very good mockup of how and why your washing machine might be connected to the net and bound to your mobile phone. No face on it, though. They’re losing their touch.
  4. What’s Left of Nokia to Bet on Internet of Things (MIT Technology Review) — With the devices division gone, the Advanced Technologies business will cut licensing deals and perform advanced R&D with partners, with around 600 people around the globe, mainly in Silicon Valley and Finland. Hopefully will not devolve into being a patent troll. [...] “We are now talking about the idea of a programmable world. [...] If you believe in such a vision, as I do, then a lot of our technological assets will help in the future evolution of this world: global connectivity, our expertise in radio connectivity, materials, imaging and sensing technologies.”
Comment |
Four short links: 25 February 2014

Four short links: 25 February 2014

MtGox Go Boom, Flappy Bird, Air Hockey Hack, and Robo Lab

  1. Bitcoin Markets Down — value of bitcoins plunges as market uncertain after largest bitcoin exchange goes insolvent after losing over 750k bitcoins because they didn’t update their software after a flaw was discovered in the signing of transactions.
  2. Flappy Bird for the Commodore 64 — the 1980s games platform meets the 2014 game. cf the machine learning hack where the flappy bird learns to play the game successfully.
  3. Air Hockey Robot — awesome hack.
  4. Run 30 Lab Tests on Only One Drop of Blood — automated lab processing to remove the human error in centrifuging, timing, etc. that added to variability of results.
Comment: 1 |
Four short links: 24 February 2014

Four short links: 24 February 2014

Your Brain on Code, Internet of Compromised Things, Waiting for Wearables, and A/B Illusions

  1. Understanding Understanding Source Code with Functional Magnetic Resonance Imaging (PDF) — we observed 17 participants inside an fMRI scanner while they were comprehending short source-code snippets, which we contrasted with locating syntax error. We found a clear, distinct activation pattern of five brain regions, which are related to working memory, attention, and language processing. I’m wary of fMRI studies but welcome more studies that try to identify what we do when we code. (Or, in this case, identify syntax errors—if they wanted to observe real programming, they’d watch subjects creating syntax errors) (via Slashdot)
  2. Oobleck Security (O’Reilly Radar) — if you missed or skimmed this, go back and reread it. The future will be defined by the objects that turn on us. 50s scifi was so close but instead of human-shaped positronic robots, it’ll be our cars, HVAC systems, light bulbs, and TVs. Reminds me of the excellent Old Paint by Megan Lindholm.
  3. Google Readying Android Watch — just as Samsung moves away from Android for smart watches and I buy me and my wife a Pebble watch each for our anniversary. Watches are in the same space as Goggles and other wearables: solutions hunting for a problem, a use case, a killer tap. “OK Google, show me offers from brands I love near me” isn’t it (and is a low-lying operating system function anyway, not a userland command).
  4. Most Winning A/B Test Results are Illusory (PDF) — Statisticians have known for almost a hundred years how to ensure that experimenters don’t get misled by their experiments [...] I’ll show how these methods ensure equally robust results when applied to A/B testing.
Comment: 1 |

Oobleck security

What is the security model for a world filled with sensors?

I’ve been thinking (and writing) a lot lately about the intersection of hardware and software, and how standing at that crossroads does not fit neatly into our mental models of how to approach the world. Previously, there was hardware and there was software, and the two didn’t really mix. When trying to describe my thinking to a colleague…
Read Full Post | Comments: 3 |
Four short links: 18 February 2014

Four short links: 18 February 2014

Offensive Security, Sage-Quitting, Ethics Risks, and War Stories

  1. Offensive Computer Security — 2014 class notes, lectures, etc. from FSU. All CC-licensed.
  2. Twitter I Love You But You’re Bringing Me Down (Quinn Norton) — The net doesn’t make social problems. It amplifies them until they can’t be ignored. And many other words of wisdom. When you eruditely stop using a service, that’s called sage-quitting.
  3. Inside Google’s Mysterious Ethics Board (Forbes) — nails the three risk to Google’s AI ethics board: (a) compliance-focus, (b) internally-staffed, and (c) only for show.
  4. 10 Things We Forgot to Monitor — devops war stories explaining ten things that bitly now monitors.
Comment |
Four short links: 13 February 2014

Four short links: 13 February 2014

Open Web Ranking, Quantified Self Gadgets, Armband Input, and Bitcoin Exchanges Threatened

  1. The Common Crawl WWW Ranking — open data, open methodology, behind an open ranking of the top sites on the web. Preprint paper available. (via Slashdot)
  2. Felton’s Sensors (Quartz) — inside the gadgets Nicholas Felton uses to quantify himself.
  3. Myo Armband (IEEE Spectrum) — armband input device with eight EMG (electromyography) muscle activity sensors along with a nine-axis inertial measurement unit (that’s three axes each for accelerometer, gyro, and magnetometer), meaning that you get forearm gesture sensing along with relative motion sensing (as opposed to absolute position). The EMG sensors pick up on the electrical potential generated by muscle cells, and with the Myo on your forearm, the sensors can read all of the muscles that control your fingers, letting them spy on finger position as well as grip strength.
  4. Bitcoin Exchanges Under Massive and Concerted Attack — he who lives by the network dies by the network. a DDoS attack is taking Bitcoin’s transaction malleability problem and applying it to many transactions in the network, simultaneously. “So as transactions are being created, malformed/parallel transactions are also being created so as to create a fog of confusion over the entire network, which then affects almost every single implementation out there,” he added. Antonopoulos went on to say that Blockchain.info’s implementation is not affected, but some exchanges have been affected – their internal accounting systems are gradually going out of sync with the network.
Comment |