"security" entries

Four short links: 5 November 2015

Robotic Delivery, Materials Science, Open Source Project Management, and Open Source Secret Management

  1. Starship — robotic delivery, from Skype co-founders. Pilot in the U.K. next year, in U.S. the year after. (via Brad Templeton)
  2. Materials that Couple Sensing, Actuation, Computation, and Communication (PDF) — very readable rundown of the ways in which materials can be designed to sense, compute, actuate, and communicate. You should read this because if the Internet of Things is going to be big, then the real breakthroughs and leaps forward will be in the Things and not the Internet. (via CCC Blog)
  3. Taiga — open source agile software project management tool (backlog, kanban, tasks, sprints, burndown charts, that sort of thing). (via Jef Vratny)
  4. Confidant — a secret management system, for AWS, from Lyft. If you build services that need to talk to each other, it quickly gets difficult to distribute and manage permissions to those services. So, naturally, the solution is to add another service. (In accordance with the Fundamental Theorem of Computer Science.)

Four short links: 30 October 2015

Cyber Threats, Secrecy Hurts R&D, Robot Bee, Long Live ChromeOS

  1. Emerging Cyber Threats Report (Georgia Tech) — no surprises, but another document to print and leave on the desk of the ostrich who thinks there’s no security problem.
  2. Apple’s Secrecy Hurts Its AI Development (Bloomberg) — “Apple is off the scale in terms of secrecy,” says Richard Zemel, a professor in the computer science department at the University of Toronto. “They’re completely out of the loop.”
  3. Swimming Robobees (Harvard) — The Harvard RoboBee, designed in Wood’s lab, is a microrobot, smaller than a paperclip, that flies and hovers like an insect, flapping its tiny, nearly invisible wings 120 times per second. It can fly and swim.
  4. Android and Chrome — starting next year, the company will work with partners to build personal computers that run on Android, according to sources familiar with the company’s plans. The Chrome browser and operating systems aren’t disappearing — PC makers that produce Chromebooks will still be able to use Chrome. Security gurus are sad because ChromeOS is the most secure operating system in use.

Four short links: 29 October 2015

Cloud Passports, Better Python Notebooks, Slippery Telcos, and Python Data Journalism

  1. Australia Floating the Idea of Cloud Passports — Under a cloud passport, a traveller’s identity and biometrics data would be stored in a cloud, so passengers would no longer need to carry their passports and risk having them lost or stolen. That sound you hear is Taylor Swift on Security, quoting “Wildest Dreams” into her vodka and Tang: “I can see the end as it begins.” This article is also notable for: “The idea of cloud passports is the result of a hipster-style-hackathon.”
  2. Jupyter — Python notebooks that allow you to create and share documents that contain live code, equations, visualizations, and explanatory text. Uses include: data cleaning and transformation, numerical simulation, statistical modeling, machine learning, and much more.
  3. Telcos’ $24B Business In Your Data — Under the radar, Verizon, Sprint, Telefonica, and other carriers have partnered with firms including SAP, IBM, HP, and AirSage to manage, package, and sell various levels of data to marketers and other clients. It’s all part of a push by the world’s largest phone operators to counteract diminishing subscriber growth through new business ventures that tap into the data that showers from consumers’ mobile Web surfing, text messaging, and phone calls. Even if you do pay for it, you’re still the product.
  4. Introducing Agate — a Python data analysis library designed to be usable by non-data-scientists, which leads to readable and predictable code. Target market: data journalists.

Four short links: 15 October 2015

The Chinese Dream, Siri Hacked, Indirect Measures, and Boring Technology

  1. Little Rice: Smartphones, Xiaomi, and the Chinese Dream (Amazon) — Clay Shirky’s new 128-page book/report about how Xiaomi exemplifies the balancing act that China has to perfect to navigate between cheap copies and innovation, between the demands of local and global markets, and between freedom and control. I’d buy Clay’s shopping list, the same way I’d gladly listen to Neil Gaiman telling the time. (via BoingBoing)
  2. Feed Siri Instructions From 16 Feet Away (Wired) — summary of a paywalled IEEE research paper: Their clever hack uses those headphones’ cord as an antenna, exploiting its wire to convert surreptitious electromagnetic waves into electrical signals that appear to the phone’s operating system to be audio coming from the user’s microphone. […] It generates its electromagnetic waves with a laptop running the open source software GNU Radio, a USRP software-defined radio, an amplifier, and an antenna.
  3. User-Centered Design (Courtney Johnston) — the wall label should always give you cause to look back at the art work again. I love behaviour-based indirect measures of success like this.
  4. Choose Boring Technology (Dan McKinley) — going into the new hire required reading pile. See also the annotated slide deck.

Four short links: 14 October 2015

Diversity Planning, Women in Robotics, AWS Resources, and Web Authentication

  1. Signals from Velocity New York — “If your company is creating a diversity plan and you’ve actually gone and counted people,” Liles said, “you’ve already lost.” If you’re motivated to count, then know you’ve already lost. You want to know by how much.
  2. 25 Women in Robotics You Need to Know About — The DARPA Robotics Challenge (DRC) Finals 2015 were similarly lacking; of the 444 robot builders representing 24 robot entrants, only 23 builders were women (though some of the most successful teams at the DRC had female team members). Given how multidisciplinary the field is, and how many different skills are required, we need to celebrate women who are achieving greatness in robotics until we are seeing more parity. Great list.
  3. Awesome AWS — A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources.
  4. The Web Authentication Arms Race — Cryptography can only be used to transfer existing trust or secrecy across time or space; if the attacker impersonates the defender before the user establishes anything, it becomes impossible for the user to tell which party is legitimate. This sentence, made in solid gold. Yes.

Four short links: 7 October 2015

Time for Change, Face Recognition, Correct Monitoring, and Surveillance Infrastructure

  1. The Uncertain Future of Emotion Analytics — A year before the launch of the first mass-produced personal computer, British academic David Collingridge wrote in his book “The Social Control of Technology” that “when change is easy, the need for it cannot be foreseen; when the need for change is apparent, change has become expensive, difficult, and time consuming.”
  2. Automatic Face Recognition (Bruce Schneier) — Without meaningful regulation, we’re moving into a world where governments and corporations will be able to identify people both in real time and backwards in time, remotely and in secret, without consent or recourse.
  3. Really Monitoring Your Systems — If you are not measuring and showing the maximum value, then you are hiding something. The number one indicator you should never get rid of is the maximum value. That’s not noise — it’s the signal; the rest is noise.
  4. Haunted by Data (Maciej Ceglowski) — You can’t just set up an elaborate surveillance infrastructure and then decide to ignore it. These data pipelines take on an institutional life of their own, and it doesn’t help that people speak of the “data-driven organization” with the same religious fervor as a “Christ-centered life.”

Four short links: 30 September 2015

Homebrew Bioweapons, Drone Strikes, Git Security, and Integrity Boost

  1. Homebrew Bioweapons Not Imminent Threat — you need a safe facility, lab instruments, base strain, design and execution skills, and testing. None of these are easy until the Amazon-Google cloud wars finally cause them to move into “bioweapons as a service.”
  2. Apple Removes App That Tracks Drone Strikes — “there are certain concepts that we decide not to move forward with, and this is one,” says Apple. (via BoingBoing)
  3. gitrob — a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information.
  4. How Much is a Leader’s Integrity Worth? — Kiel found that high-integrity CEOs had a multi-year return of 9.4%, while low-integrity CEOs had a yield of just 1.9%. What’s more, employee engagement was 26% higher in organizations led by high-integrity CEOs. (via Neelan Choksi)

Four short links: 28 September 2015

Coordinated Disclosure Kit, Coding Contests, Growth Strategies, and Ad Buck Passing

  1. Coordinated Disclosure Toolkit — a generic copy of the resources used by Portcullis Computer Security to manage our Advisory Process.
  2. Competitive Coding (Bloomberg) — ignore the lazy author’s patronising tone; the bit that caught my eye was: He first began freaking people out in second grade, at age 8, when he took second place in a major Belarusian coding competition. To put this achievement in perspective, the score was high enough for Korotkevich to be granted automatic enrollment in a top technical university without needing to pass any other entrance exams. That is how you value STEM education: let people test out of it if they don’t need it!
  3. Here’s What a Growth Strategy Looks Like (First Round) — User acquisition doesn’t really make sense unless you already have healthy retention [of diversity-in-tech pipeline conversations].
  4. How We Pass The Buck (Anil Dash) — The thing is, technology is not neutral, algorithms are built with values, and the default choices in our software determine huge swaths of our culture. We delegate ethical decisions as consumers and citizens to people who make software, but almost no computer science program teaches ethics, and almost no major technology company has a chief ethicist.

No, the IoT does not need strong privacy and security to flourish

The Internet of Things will happily march along with lousy privacy and security, and we will be the poorer for it.


“Without addressing privacy and trust, the Internet of Things will not reach its full potential.”

This refrain can be heard at IoT conferences, in opinion pieces in the press and in normative academic literature. If we don’t “get it right,” then consumers won’t embrace the IoT and all of the wonderful commercial and societal benefits it portends.

This is false.

It’s a nice idea, imagining that concern for privacy and security will curtail or slow technological growth. But don’t believe it: the Internet of Things will develop whether or not privacy and security are addressed. Economic imperative and technology evolution will impel the IoT and its tremendous potential for increased monitoring forward, but citizen concern plays a minor role in operationalizing privacy. Certainly, popular discourse on the subject is important, but developers, designers, policy-makers and manufacturers are the key actors in embedding privacy architectures within new connected devices.

Four short links: 25 September 2015

Predicting Policing, Assaulting Advertising, Compliance Ratings, and $9 Computer

  1. Police Program Aims to Pinpoint Those Most Likely to Commit Crimes (NYT) — John S. Hollywood, a senior operations researcher at the RAND Corporation, said that in the limited number of studies undertaken to measure the efficacy of predictive policing, the improvement in forecasting crimes had been only 5% or 10% better than regular policing methods.
  2. Apple’s Assault on Advertising and Google (Calacanis) — Google wants to be proud of their legacy, and tricking people into clicking ads and selling our profiles to advertisers is an awesome business – but a horrible legacy for Larry and Sergey. Read beside the Bloomberg piece on click fraud and the future isn’t too rosy for advertising. If the ad bubble bursts, how much of the Web will it take with it?
  3. China Is Building The Mother Of All Reputation Systems To Monitor Citizen Behavior — The document talks about the “construction of credibility” — the ability to give and take away credits — across more than 30 areas of life, from energy saving to advertising.
  4. $9 Computer Hardware (Makezine) — open hardware project, with open source software. The board’s spec is a 1GHz R8 ARM processor with 512MB of RAM, 4GB of NAND storage, and Wi-Fi and Bluetooth built in.