Free Security Advice (grugq) — chap wearies of handing out security advice, so gathers it and shares for all.
TensorFuse — Common interface for Theano, CGT, and TensorFlow.
Draft.js — a framework for building rich text editors in React, powered by an immutable model and abstracting over cross-browser differences.
Dexy — a free-form literate documentation tool for writing any kind of technical document incorporating code. Dexy helps you write correct documents, and to easily maintain them over time as your code changes.
Comments Off on Four short links: 25 February 2016
Security Without Identification (PDF) — a David Chaum paper from 1985. Digital pseudonyms, handheld signing devices, Current systems emphasize the one-sided security of organizations attempting to protect themselves from individuals; the new approach allows all parties to protect their own interests. The new approach relies on individuals keeping secret keys from organizations and organizations devising other secret keys that are kept from individuals. During transactions, parties use these keys to provide each other with specially coded confirmation of the transaction details, which can be used as evidence.
Killing Slow Chrome Tabs (Medium) — There is one not-so-well known tool in Chrome, that allows you to analyse how much resources the individual tabs consume. It is called Task Manager and you can find it in Menu > More Tools > Task Manager.
Comments Off on Four short links: 22 February 2016
Exoskeletons Must be Covered by Health Insurance (VICE) — A medical review board ruled that a health insurance provider in the United States is obligated to provide coverage and reimbursement for a $69,500 ReWalk robotic exoskeleton, in what could be a major turning point for people with spinal cord injuries. (via Robohub)
New Models for the Company of the 21st Century (Simone Brunozzi) — large companies often get displaced by new entrants, failing to innovate and/or adapt to new technologies. Y-Combinator can be seen as a new type of company, where innovation is brought in as an entrepreneurial experiment, largely for seed-stage ideas; Google’s Alphabet, on the other hand, tries to stimulate innovation and risk by dividing a large company into smaller pieces and reassigning ownership and responsibilities to different CEOs.
Zephyr — Linux Foundation’s IoT open source OS project. tbh, I don’t see people complaining about operating systems. Integrating all these devices (and having the sensors actually usefully capturing what you want) seems the bigger problem. We already have fragmentation (is it a Samsung home or a Nest home?), and as more Big Swinging Click companies enter the world of smarter things, this will only get worse before it gets better.
Shmoocon 2016 Videos (Internet Archive) — videos of the talks from an astonishingly good security conference.
TipTalk — Samsung watchstrap that is the smart device … put your finger in your ear to hear the call. You had me at put my finger in my ear. (via WaPo)
Ecorithms — Leslie Valiant at Harvard broadened the concept of an algorithm into an “ecorithm,” which is a learning algorithm that “runs” on any system capable of interacting with its physical environment. Algorithms apply to computational systems, but ecorithms can apply to biological organisms or entire species. The concept draws a computational equivalence between the way that individuals learn and the way that entire ecosystems evolve. In both cases, ecorithms describe adaptive behavior in a mechanistic way.
Dataflow/Beam vs Spark (Google Cloud) — To highlight the distinguishing features of the Dataflow model, we’ll be comparing code side-by-side with Spark code snippets. Spark has had a huge and positive impact on the industry thanks to doing a number of things much better than other systems had done before. But Dataflow holds distinct advantages in programming model flexibility, power, and expressiveness, particularly in the out-of-order processing and real-time session management arenas.
Old-School PC Fonts — definitive collection of ripped-from-the-BIOS fonts from the various types of PCs. Your eyes will ache with nostalgia. (Or, if you’re a young gun, wondering how anybody wrote code with fonts like that) (my terminal font is VT220 because it makes me happy and productive)
Cognitive Load: Brain Gems — We distill the latest behavioural economics & consumer psychology research down into helpful little brain gems.
LTE Weaknesses (PDF) — ShmooCon talk about how weak LTE is: a lot of unencrypted exchanges between handset and basestation, cheap and easy to fake up a basestation.
Analyzo — Find and Compare the Best Tools for your Startup it claims. We’re in an age of software surplus: more projects, startups, apps, and tools than we can keep in our heads. There’s a place for curated lists, which is why every week brings a new one.
How to Keep the NSA Out — NSA’s head of Tailored Access Operations (aka attacking other countries) gives some generic security advice, and some interesting glimpses. “Don’t assume a crack is too small to be noticed, or too small to be exploited,” he said. If you do a penetration test of your network and 97 things pass the test but three esoteric things fail, don’t think they don’t matter. Those are the ones the NSA, and other nation-state attackers will seize on, he explained. “We need that first crack, that first seam. And we’re going to look and look and look for that esoteric kind of edge case to break open and crack in.”
Sensors Slip into the Brain and then Dissolve When Done (IEEE Spectrum) — pressure and temperature monitors, intended to be implanted in the brain, that completely dissolve within a few weeks. The news, published as a research letter in the journal Nature, described a demonstration of the devices in rats, using soluble wires to transmit the signals, as well as the demonstration of a wireless version, though the data transmission circuit, at this point, is not completely resorbable. The research was published as a letter to Nature.
GCHQ Proposes Surveillable Voice Call Encryption (The Register) — unsurprising, but should reiterate AGAIN that state security services would like us to live in the panopticon. Therefore, don’t let the buggers anywhere near the reins of our communication systems.
These Tricks Make Virtual Reality Feel Real — Scientists are exploiting the natural inaccuracies in people’s own proprioception, via a technique called “redirected walking,” to create the perception of space where none exists. With redirected walking, […] users can sense they are exploring the twisting byways of a virtual city when in reality they are simply walking in circles inside a lab.Original Redirect Walking paper.
The Resolution of the Bitcoin Experiment — If you had never heard about Bitcoin before, would you care about a payments network that: Couldn’t move your existing money; Had wildly unpredictable fees that were high and rising fast; Allowed buyers to take back payments they’d made after walking out of shops, by simply pressing a button (if you aren’t aware of this “feature” that’s because Bitcoin was only just changed to allow it); Is suffering large backlogs and flaky payments; … which is controlled by China; … and in which the companies and people building it were in open civil war?
Malware Analysis Repository — the materials as developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015.
Dronecode Moves Forward — Linux Foundation’s Dronecode project has 51 members, is used commercially, and has technical working groups looking at camera and gimbal controls; airspace management; and hardware/software interfaces.
Comments Off on Four short links: January 15, 2016
SLOTH — weak hash functions continue to be used in various cryptographic constructions within mainstream protocols such as TLS, IKE, and SSH, because practitioners argue that their use in these protocols relies only on second preimage resistance, and hence is unaffected by collisions. We systematically investigate and debunk this argument.
DFW Home of Body Modding — Dallas is at the center of two movements that are each trying to bring implants to the mainstream. Tattoo artists and technophiles head one, and well-heeled university neurologists and medical device engineers form the vanguard of the other.
On the Dangers of a Blockchain Monoculture — Would you use a database with these features? Uses approximately the same amount of electricity as could power an average American household for a day per transaction; Supports 3 transactions / second across a global network with millions of CPUs/purpose-built ASICs; Takes over 10 minutes to “commit” a transaction; […]
Lessig Interview (WSJ) — the slogan says regulation should be more technology neutral. I am not sure I ever heard a more idiotic statement in my life. There is no neutrality here, just different modes. … I don’t what think the law should say here is what services can do and not do, because the technology is so (fast-changing) the law could never catch up. But that what (we want) to avoid are certain kinds of business models, a prison of bits, where services leverage control over access to content and profit from that control over content.
Bubble-Driven Pseudoscience — In terms of life extension, here are the real opportunities: closing the gap between black and white patients, lowering the infant mortality rate, and making sure the very poorest among us have access to adequate care. You can make sure that many people live longer, right now! But none of this is quite as sexy as living forever, even though it’s got a greater payoff for the nation as a whole. So instead of investing in these areas, you’ve got a bunch of old white men who are afraid to die trying to figure out cryonics.
Comments Off on Four short links: 31 December 2015