- Reducing the Roots of Some Evil (Etsy) — Based on our first two months of data we have removed a number of unused CA certificates from some pilot systems to test the effects, and will run CAWatch for a full six months to build up a more comprehensive view of what CAs are in active use. Sign of how broken the CA system for SSL is. (via Alex Dong)
- Mind the Brain — PLOS podcast interviews Sci Foo alum and delicious neuroscience brain of awesome, Vaughan Bell. (via Fabiana Kubke)
- How Often are Ineffective Interventions Still Used in Practice? (PLOSone) — tl;dr: 8% of the time. Imagine the number if you asked how often ineffective software development practices are still used.
- Announcing Evan’s Awesome A/B Tools — I am calling these tools awesome because they are intuitive, visual, and easy-to-use. Unlike other online statistical calculators you’ve probably seen, they’ll help you understand what’s going on “under the hood” of common statistical tests, and by providing ample visual context, they make it easy for you to explain p-values and confidence intervals to your boss. (And they’re free!)
ENTRIES TAGGED "ssl"
Distrusting CA Certs, Brain Talk, Ineffective Interventions, and Visual A/B Tools
Elective Dickery, Probabilistic Data Analysis, Data Cleaning, and SSL Security
- Punting on SxSW (Brad Feld) — I came across this old post and thought: if you can make money by being a dick, or make money by being a caring family person, why would you choose to be a dick? As far as I can tell, being a dick is optional. Brogrammers, take note. Be more like Brad Feld, who prioritises his family and acts accordingly.
- Probabilistic Structures for Data Mining — readable introduction to useful algorithms and data structures showing their performance, reliability, and resource trade-offs. (via Hacker News)
- Many HTTPS Servers are Insecure — 75% still vulnerable to the BEAST attack.
My friend Ben Black just released TLS Report, a free (ad-supported) tool that evaluates SSL/TLS configurations across websites and assigns letter grades. In the example below, Facebook gets a D because it accepts several keys that are below 128 bits and relies on MD5: Ben explains: Cryptography is arcane and complex. Cryptography is also the basis for the various protocols that…