ENTRIES TAGGED "security"

Four short links: 10 February 2014

Four short links: 10 February 2014

Sterling Zings, Android Swings, Data Blings, and Visualized Things.

  1. Bruce Sterling at transmediale 2014 (YouTube) — “if it works, it’s already obsolete.” Sterling does a great job of capturing the current time: spies in your Internet, lost trust with the BigCos, the impermanence of status quo, the need to create. (via BoingBoing)
  2. No-one Should Fork Android (Ars Technica) — this article is bang on. Google Mobile Services (the Play functionality) is closed-source, what makes Android more than a bare-metal OS, and is where G is focusing its development. Google’s Android team treats openness like a bug and routes around it.
  3. Data Pipelines (Hakkalabs) — interesting overview of the data pipelines of Stripe, Tapad, Etsy, and Square.
  4. Visualising Salesforce Data in Minecraft — would almost make me look forward to using Salesforce. Almost.
Comment: 1 |
Four short links: 7 February 2014

Four short links: 7 February 2014

Future of Programming, Android Conceal, Software Dependency, and IoT OS

  1. 12 Predictions About the Future of Programming (Infoworld) — not a bad set of predictions, except for the inane “squeezing” view of open source.
  2. Conceal (Github) — Facebook Android tool for apps to encrypt data and large files stored in public locations, for example SD cards.
  3. Dreamliner Softwareall three of the jet’s navigation computers failed at the same time. “The cockpit software system went blank,” IBN Live, an Indian television station, reported. The Internet of Rebooting Things.
  4. Contiki — open source connective OS for IoT.
Comment |
Four short links: 6 February 2014

Four short links: 6 February 2014

Emotions Wanted, Future's So Bright, Machine Learning for Security, and Medieval Unicode Fonts

  1. What Machines Can’t Do (NY Times) — In the 1950s, the bureaucracy was the computer. People were organized into technocratic systems in order to perform routinized information processing. But now the computer is the computer. The role of the human is not to be dispassionate, depersonalized or neutral. It is precisely the emotive traits that are rewarded: the voracious lust for understanding, the enthusiasm for work, the ability to grasp the gist, the empathetic sensitivity to what will attract attention and linger in the mind. Cf the fantastic The Most Human Human. (via Jim Stogdill)
  2. The Technium: A Conversation with Kevin Kelly (Edge) — If we were sent back with a time machine, even 20 years, and reported to people what we have right now and describe what we were going to get in this device in our pocket—we’d have this free encyclopedia, and we’d have street maps to most of the cities of the world, and we’d have box scores in real time and stock quotes and weather reports, PDFs for every manual in the world—we’d make this very, very, very long list of things that we would say we would have and we get on this device in our pocket, and then we would tell them that most of this content was free. You would simply be declared insane. They would say there is no economic model to make this. What is the economics of this? It doesn’t make any sense, and it seems far-fetched and nearly impossible. But the next twenty years are going to make this last twenty years just pale. (via Sara Winge)
  3. Applying Machine Learning to Network Security Monitoring (Slideshare) — interesting deck on big data + machine learning as applied to netsec. See also their ML Sec Project. (via Anton Chuvakin)
  4. Medieval Unicode Font Initiative — code points for medieval markup. I would have put money on Ogonek being a fantasy warrior race. Go figure.
Comment: 1 |
Four short links: 27 January 2014

Four short links: 27 January 2014

Real Time Exploratory Analytics, Algorithmic Agendas, Disassembly Engine, and Future of Employment

  1. Druid — open source clustered data store (not key-value store) for real-time exploratory analytics on large datasets.
  2. It’s Time to Engineer Some Filter Failure (Jon Udell) — Our filters have become so successful that we fail to notice: We don’t control them, They have agendas, and They distort our connections to people and ideas. That idea that algorithms have agendas is worth emphasising. Reality doesn’t have an agenda, but the deployer of a similarity metric has decided what features to look for, what metric they’re optimising, and what to do with the similarity data. These are all choices with an agenda.
  3. Capstone — open source multi-architecture disassembly engine.
  4. The Future of Employment (PDF) — We note that this prediction implies a truncation in the current trend towards labour market polarization, with growing employment in high and low-wage occupations, accompanied by a hollowing-out of middle-income jobs. Rather than reducing the demand for middle-income occupations, which has been the pattern over the past decades, our model predicts that computerisation will mainly substitute for low-skill and low-wage jobs in the near future. By contrast, high-skill and high-wage occupations are the least susceptible to computer capital. (via The Atlantic)
Comment |
Four short links: 24 January 2014

Four short links: 24 January 2014

Floating Point, Secure Distributed FS, Cloud Robotics, and Domestic Sensors

  1. What Every Computer Scientist Should Know About Floating Point Arithmetic — in short, “it will hurt you.”
  2. Ori a distributed file system built for offline operation and empowers the user with control over synchronization operations and conflict resolution. We provide history through light weight snapshots and allow users to verify the history has not been tampered with. Through the use of replication instances can be resilient and recover damaged data from other nodes.
  3. RoboEartha Cloud Robotics infrastructure, which includes everything needed to close the loop from robot to the cloud and back to the robot. RoboEarth’s World-Wide-Web style database stores knowledge generated by humans – and robots – in a machine-readable format. Data stored in the RoboEarth knowledge base include software components, maps for navigation (e.g., object locations, world models), task knowledge (e.g., action recipes, manipulation strategies), and object recognition models (e.g., images, object models).
  4. Mother — domestic sensors and an app with an appallingly presumptuous name. (Also, wasn’t “Mother” the name of the ship computer in Alien?) (via BoingBoing)
Comment: 1 |
Four short links: 22 January 2014

Four short links: 22 January 2014

Mating Math, Precogs Are Coming, Tor Bad Guys, and Mind Maps

  1. How a Math Genius Hacked OkCupid to Find True Love (Wired) — if he doesn’t end up working for OK Cupid, productising this as a new service, something is wrong with the world.
  2. Humin: The App That Uses Context to Enable Better Human Connections (WaPo) — Humin is part of a growing trend of apps and services attempting to use context and anticipation to better serve users. The precogs are coming. I knew it.
  3. Spoiled Onions — analysis identifying bad actors in the Tor network, Since September 2013, we discovered several malicious or misconfigured exit relays[...]. These exit relays engaged in various attacks such as SSH and HTTPS MitM, HTML injection, and SSL stripping. We also found exit relays which were unintentionally interfering with network traffic because they were subject to DNS censorship.
  4. My Mind (Github) — a web application for creating and managing Mind maps. It is free to use and you can fork its source code. It is distributed under the terms of the MIT license.
Comment |
Four short links: 20 January 2014

Four short links: 20 January 2014

iOS Pentesting, Twitter's Infrastructure, JS Data Sync, and Chromium as C Runtime

  1. idb (Github) — a tool to simplify some common tasks for iOS pentesting and research: screenshots, logs, plists/databases/caches, app binary decryption/download, etc. (via ShmooCon)
  2. Twitter Infrastructure — an interview with Raffi Krikorian, VP of Platform Engineering. Details on SOA, deployment schedule, rollouts, and culture. (via Nelson Minar)
  3. Orbit (Github) — a standalone Javascript lib for data access and synchronization.
  4. Chromium is the New C Runtime — using Chrome’s open source core as the standard stack of networking, crash report, testing, logging, strings, encryption, concurrency, etc. libraries for C programming.
Comment |
Four short links: 15 January 2014

Four short links: 15 January 2014

SCADA Security, Graph Clustering, Facebook Flipbook, and Projections Illustrated

  1. Hackers Gain ‘Full Control’ of Critical SCADA Systems (IT News) — The vulnerabilities were discovered by Russian researchers who over the last year probed popular and high-end ICS and supervisory control and data acquisition (SCADA) systems used to control everything from home solar panel installations to critical national infrastructure. More on the Botnet of Things.
  2. mclMarkov Cluster Algorithm, a fast and scalable unsupervised cluster algorithm for graphs (also known as networks) based on simulation of (stochastic) flow in graphs.
  3. Facebook to Launch Flipboard-like Reader (Recode) — what I’d actually like to see is Facebook join the open web by producing and consuming RSS/Atom/anything feeds, but that’s a long shot. I fear it’ll either limit you to whatever circle-jerk-of-prosperity paywall-penetrating content-for-advertising-eyeballs trades the Facebook execs have made, or else it’ll be a leech on the scrotum of the open web by consuming RSS without producing it. I’m all out of respect for empire-builders who think you’re a fool if you value the open web. AOL might have died, but its vision of content kings running the network is alive and well in the hands of Facebook and Google. I’ll gladly post about the actual product launch if it is neither partnership eyeball-abuse nor parasitism.
  4. Map Projections Illustrated with a Face (Flowing Data) — really neat, wish I’d had these when I was getting my head around map projections.
Comment |
Four short links: 14 January 2014

Four short links: 14 January 2014

Web Design, SF History of Hate, USB Fauxkeyboard, and Git Tutorials

  1. LayoutIt — drag-and-drop design using Bootstrap components. These tools are proliferating, as the standard design frameworks like Bootstrap make them possible. There’s unsustainable complexity in building web sites today, which means something will give: the web will lose to something, the technology forming the web will iterate, or the tools for the web will improve.
  2. How Silicon Valley Became The Man — I’m fascinated by the sudden spike in anti-corporate tension in SF. This interview gives me some useful vocabulary: New Communalists and the New Left. And two more books to read …
  3. USB Rubber Ducky — USB dongle that pretends to be a keyboard and types out your text REALLY fast. (via Root a Mac in 10s or Less)
  4. Simple Git Workflow is Simple — Atlassian producing videos on how to use git, good starting point for new code drones.
Comment: 1 |
Four short links: 10 January 2014

Four short links: 10 January 2014

Software in 2014, Making Systems That Don't Suck, Cognition Troubles, and Usable Security Hacks

  1. Software in 2014 (Tim Bray) — a good state of the world, much of which I agree with. Client-side: Things are bad. You have to build everything three times: Web, iOS, Android. We’re talent-starved, this is egregious waste, and it’s really hurting us.
  2. Making Systems That Don’t Suck (Dominus) — every software engineer should have to read this. Every one.
  3. IBM Struggles to Turn Watson Into Big Business (WSJ) — cognition services harder to onboard than seemed. It smells suspiciously like expert systems from the 1980s, but with more complex analytics on the inside. Analytic skill isn’t the problem for these applications, though, it’s the pain of getting domain knowledge into the system in the first place. This is where G’s web crawl and massive structured general knowledge is going to be a key accelerant.
  4. Reading This May Harm Your Computer (SSRN) — Internet users face large numbers of security warnings, which they mostly ignore. To improve risk communication, warnings must be fewer but better. We report an experiment on whether compliance can be increased by using some of the social-psychological techniques the scammers themselves use, namely appeal to authority, social compliance, concrete threats and vague threats. We also investigated whether users turned off browser malware warnings (or would have, had they known how).
Comment |