- Pebble Gets App Store (ReadWrite Web) — as both Pebble and MetaWatch go after the high-end watch market. Wearables becoming more than a nerd novelty.
- Thinking About the Network as Filter (JP Rangaswami) — Constant re-openings of the same debate as people try and get a synchronous outcome out of an asynchronous tool without the agreements and conventions in place to do it. He says friends are your social filters. You no longer have to read every email. When you come back from vacation, whatever has passed in the stream unread can stay unread but most social tools are built as collectors, not as filters. Looking forward to the rest in his series.
- Open Auto Alliance — The OAA is a global alliance of technology and auto industry leaders committed to bringing the Android platform to cars starting in 2014. “KidGamesPack 7 requires access to your history, SMS, location, network connectivity, speed, weight, in-car audio, and ABS control systems. Install or Cancel?”
- Jacob Appelbaum’s CCC Talk — transcript of an excellent talk. One of the scariest parts about this is that for this system or these sets of systems to exist, we have been kept vulnerable. So it is the case that if the Chinese, if the Russians, if people here wish to build this system, there’s nothing that stops them. And in fact the NSA has in a literal sense retarded the process by which we would secure the internet because it establishes a hegemony of power, their power in secret to do these things.
ENTRIES TAGGED "security"
The risk of disintermediation meets a promise of collaboration.
Pattern Recognition, MicroSD Vulnerability, Security Talks, and IoT List
- tooldiag — a collection of methods for statistical pattern recognition. Implemented in C.
- Hacking MicroSD Cards (Bunnie Huang) — In my explorations of the electronics markets in China, I’ve seen shop keepers burning firmware on cards that “expand” the capacity of the card — in other words, they load a firmware that reports the capacity of a card is much larger than the actual available storage. The fact that this is possible at the point of sale means that most likely, the update mechanism is not secured. MicroSD cards come with embedded microcontrollers whose firmware can be exploited.
- 30c3 — recordings from the 30th Chaos Communication Congress.
- IOT Companies, Products, Devices, and Software by Sector (Mike Nicholls) — astonishing amount of work in the space, especially given this list is inevitably incomplete.
Lightweight Flying Robot, Autonomous Weapons, Scientific Irony, and Insecurity of Password Management Extensions
- DelFly Explorer — 20 grams, 9 minutes of autonomous flight, via barometer and new stereo vision system. (via Wayne Radinsky)
- Banning Autonomous Killing Machines (Tech Republic) — While no autonomous weapons have been built yet, it’s not a theoretical concern, either. Late last year, the U.S. Department of Defense (DoD) released its policy around how autonomous weapons should be used if they were to be deployed in the battlefield. The policy limits how they should operate, but definitely doesn’t ban them. (via Slashdot)
- Scientific Data Lost at Alarming Rate — says scientific paper PUBLISHED BEHIND A PAYWALL.
- Security of Browser Extension Password Managers (PDF) — This research shows that the examined password managers made design decisions that greatly increase the chance of users unknowingly exposing their passwords through application-level flaws. Many of the flaws relate to the browser-integrated password managers that don’t follow the same-origin policy that is crucial to browser security. In the case of password managers, this means that passwords could be filled into unintended credential forms, making password theft easier.
Zombie Drones, Algebra Through Code, Data Toolkit, and Crowdsourcing Antibiotic Discovery
- Skyjack — drone that takes over other drones. Welcome to the Malware of Things.
- Bootstrap World — a curricular module for students ages 12-16, which teaches algebraic and geometric concepts through computer programming. (via Esther Wojicki)
- Harvest — open source BSD-licensed toolkit for building web applications for integrating, discovering, and reporting data. Designed for biomedical data first. (via Mozilla Science Lab)
- Project ILIAD — crowdsourced antibiotic discovery.
Disruption, Telepresence, Drone Mapping, and TV Malware
- Innovation and the Coming Shape of Social Transformation (Techonomy) — great interview with Tim O’Reilly and Max Levchin. in electronics and in our devices, we’re getting more and more a sense of how to fix things, where they break. And yet as a culture, what we have chosen to do is to make those devices more disposable, not last forever. And why do you think it will be different with people? To me one of the real risks is, yes, we get this technology of life extension, and it’s reserved for a very few, very rich people, and everybody else becomes more disposable.
- Attending a Conference via a Telepresence Robot (IEEE) — interesting idea, and I look forward to giving it a try. The mark of success for the idea, alas, is two bots facing each other having a conversation.
- Drone Imagery for OpenStreetMap — 100 acres of 4cm/pixel imagery, in less than an hour.
- LG Smart TV Phones Home with Shows and Played Files — welcome to the Internet of Manufacturer Malware.
ISS Malware, Computational Creativity, Happy Birthday Go, Built Environment for Surveillance
- ISS Enjoys Malware — Kaspersky reveals ISS had XP malware infestation before they shifted to Linux. The Gravity movie would have had more registry editing sessions if the producers had cared about FACTUAL ACCURACY.
- Big Data Approach to Computational Creativity (Arxiv) — although the “results” are a little weak (methodology for assessing creativity not described, and this sadly subjective line “professional chefs at various hotels, restaurants, and culinary schools have indicated that the system helps them explore new vistas in food”), the process and mechanism are fantastic. Bayesian surprise, crowdsourced tagged recipes, dictionaries of volatile compounds, and more. (via MIT Technology Review)
- Go at 4 — recapping four years of Go language growth.
- Las Vegas Street Lights to Record Conversations (Daily Mail) — The wireless, LED lighting, computer-operated lights are not only capable of illuminating streets, they can also play music, interact with pedestrians and are equipped with video screens, which can display police alerts, weather alerts and traffic information. The high tech lights can also stream live video of activity in the surrounding area. Technology vendor is Intellistreets. LV says, Right now our intention is not to have any cameras or recording devices. Love that “right now”. Can’t wait for malware to infest it.
Warrant Canary, Polluted Statistics, Dollars for Deathbots, and Protocol Madness
- Apple Transparency Report (PDF) — contains a warrant canary, the statement Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge an order if served on us which will of course be removed if one of the secret orders is received. Bravo, Apple, for implementing a clever hack to route around excessive secrecy. (via Boing Boing)
- You’re Probably Polluting Your Statistics More Than You Think — it is insanely easy to find phantom correlations in random data without obviously being foolish. Anyone who thinks it’s possible to draw truthful conclusions from data analysis without really learning statistics needs to read this. (via Stijn Debrouwere)
- CyPhy Funded (Quartz) — the second act of iRobot co-founder Helen Greiner, maker of the famed Roomba robot vacuum cleaner. She terrified ETech long ago—the audience were expecting Roomba cuteness and got a keynote about military deathbots. It would appear she’s still in the deathbot niche, not so much with the cute. Remember this when you build your OpenCV-powered recoil-resistant load-bearing-hoverbot and think it’ll only ever be used for the intended purpose of launching fertiliser pellets into third world hemp farms.
- User-Agent String History — a light-hearted illustration of why the formal semantic value of free-text fields is driven to zero in the face of actual use.