"web" entries

Four short links: 17 December 2014

Four short links: 17 December 2014

Security Stick, Spyware Toy, Bezos Time, and Popular JavaScript

  1. USB Armory — another Linux-on-a-stick, but this one has some nifty dimensions and security applications in mind.
  2. Who’s the Boss?The Elf on the Shelf essentially teaches the child to accept an external form of non-familial surveillance in the home when the elf becomes the source of power and judgment, based on a set of rules attributable to Santa Claus. Excellent deconstruction of ludic malware. (via Washington Post)
  3. Bezos on Time (Business Insider) — Where you are going to spend your time and your energy is one of the most important decisions you get to make in life. We all have a limited amount of time, and where you spend it and how you spend it is just an incredibly levered way to think about the world. This (he says at 9 p.m. in the office, in a different city from his family!).
  4. libscore — popularity of JavaScript scripts and libraries in the top million sites. But remember, just because all the cool kids do it doesn’t make right for you. (via Medium)
Comment
Four short links: 16 December 2014

Four short links: 16 December 2014

Memory Management, Stream Processing, Robot's Google, and Emotive Words

  1. Effectively Managing Memory at Gmail Scale — how they gathered data, how Javascript memory management works, and what they did to nail down leaks.
  2. tigonan open-source, real-time, low-latency, high-throughput stream processing framework.
  3. Robo Brain — machine knowledge of the real world for robots. (via MIT Technology Review)
  4. The Structure and Interpretation of the Computer Science Curriculum — convincing argument for teaching intro to programming with Scheme, but not using the classic text SICP.

Update: the original fourth link to Depeche Mood led only to a README on GitHub; we’ve replaced it with a new link.

Comments: 5
Four short links: 11 December 2014

Four short links: 11 December 2014

Crowdsourcing Framework, Data Team Culture, Everybody Scrolls, and Honeypot Data

  1. Hive — open source crowdsourcing framework from NYT Labs.
  2. Prezi Data Team Culture — good docs on logging, metrics, etc. The vision is a great place to start.
  3. Scroll Behaviour Across the Web (Chartbeat) — nobody reads above the fold, they immediately scroll.
  4. threat_research (github) — shared raw data and stats from honeypots.
Comment
Four short links: 10 December 2014

Four short links: 10 December 2014

Clearing Tor, Offline Cookbook, Burning Great Things, and Batch Pipelines

  1. Clearing the Air Around Tor (Quinn Norton) — Occasionally the stars align between spooks and activists and governments and anarchists. Tor, like a road system or a telephone network or many pieces of public infrastructure, is useful to all of these people and more (hence the debate on child pornographers and drug markets) because it’s just such a general architecture of encryption. The FBI may want Tor to be broken, but I promise any spies who are counting on it for mission and life don’t.
  2. Offline Cookbook — how Chrome intends to solve the offline problem in general. I hope it works and takes off because offline is the bane of this webapp-user’s life.
  3. The Pirate Bay, Down Forever?As a big fan of the KLF I once learned that it’s great to burn great things up. At least then you can quit while you’re on top.
  4. Luigi (Github) — a Python module that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, etc. It also comes with Hadoop support built in. (via Asana engineering blog)

Comment
Four short links: 2 December 2014

Four short links: 2 December 2014

e-Paper Watch, Probabilistic Go, Z-Machine in Hardware, and Glorious Underlines

  1. FES Watch — e-paper watch, including strap. Beautiful, crowdfunded, made by a Sony subsidiary that’s looking at e-ink for wearables and more. (via The Verge)
  2. Probabilistic Data Structures for Go — introduction to the go-probably library for when you can’t store every single value, so will trade off memory usage against accuracy.
  3. Z3 — implementation of the Infocom Z-Machine in hardware. Check out the easter eggs. I look upon my works and despair.
  4. Towards a More Perfect Link Underline — glorious typography on the web. A phrase you don’t often hear together without “would be a nice thing” at the end of the sentence.
Comment
Four short links: 27 November 2014

Four short links: 27 November 2014

Scalable Infrastructure, Lens Tech, Javascript Frameworks, and Morality Valley

  1. Stumbleupon’s Big Data Architecture Using Open Source Software (PDF) — not just the list of tools but the functions they implement. Useful!
  2. Innovega — making a contact lens with a tiny bump that acts as a microscope for content shown in glasses. That description, and this link via MIT Technology Review)
  3. How to Pick a Front-End Framework — not unreasonable opinions, largely useful.
  4. [Silicon Valley] Bedevilled by Moral Issues (NYT, registerwall) — given that Silicon Valley tends to copy and paste the mantra, “we’re making the world a better place,” it seem reasonable to expect that tech companies would hold themselves to a higher ethical standard.
Comment
Four short links: 26 November 2014

Four short links: 26 November 2014

Metastable Failures, Static Python Analysis, Material Desktop, and AWS Scale Numbers

  1. Metastable Failure State (Facebook) — very nice story about working together to discover the cause of one of those persistently weird problems.
  2. Bandit — static security analysis of Python code.
  3. Quantum OS — Linux desktop based on Google’s Material Design. UI guidelines fascinate me: users love consistency, designers and brands hate that everything works the same.
  4. Inside AWSEvery day, AWS installs enough server infrastructure to host the entire Amazon e-tailing business from back in 2004, when Amazon the retailer was one-tenth its current size at $7 billion in annual revenue. “What has changed in the last year,” Hamilton asked rhetorically, and then quipped: “We have done it 365 more times.” That is another way of saying that in the past year AWS has added enough capacity to support a $2.55 trillion online retailing operation, should one ever be allowed to exist.
Comment
Four short links: 25 November 2014

Four short links: 25 November 2014

NSA Playset, Open Access, XSS Framework, and Security Test Cases

  1. Michael Ossman and the NSA Playset — the guy who read the leaked descriptions of the NSA’s toolchest, built them, and open sourced the designs. One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that’s designed to sniff and monitor Internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR, and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.
  2. Gates Foundation Announces World’s Strongest Policy on Open Access Research (Nature) — Once made open, papers must be published under a license that legally allows unrestricted re-use — including for commercial purposes. This might include ‘mining’ the text with computer software to draw conclusions and mix it with other work, distributing translations of the text, or selling republished versions. CC-BY! We believe that published research resulting from our funding should be promptly and broadly disseminated.
  3. Xenotixan advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 4700+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. Xenotix Scripting Engine allows you to create custom test cases and addons over the Xenotix API. It is incorporated with a feature-rich Information Gathering module for target Reconnaissance. The Exploit Framework includes offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
  4. Firing Range — Google’s open source set of web security test cases for scanners.
Comment
Four short links: 12 November 2014

Four short links: 12 November 2014

Material Design, Inflatable Robots, Printable Awesome, and Graph Modelling

  1. CSS and React to Implement Material Design — as I said earlier, it will be interesting to see if Material Design becomes a common UI style for the web.
  2. Current State of Inflatable Robots — I’d missed the amazing steps forward in control that were made in pneumatic robots. Check out the OtherLab tentacle!
  3. Dinosaur Skull Showerhead — 3D-printable add-on to your shower. (via Archie McPhee)
  4. Data Modelling in Graph Databases — how to build the graph structure by working back from the questions you’ll ask of it.
Comment
Four short links: 6 November 2014

Four short links: 6 November 2014

Javascript Testing, Dark Data, Webapp Design, and Design Trumps Data

  1. Karma — kick-ass open source Javascript test environment.
  2. The Dark Market for Personal Data (NYTimes) — can buy lists of victims of sexual assault, of impulse buyers, of people with sexually transmitted disease, etc. The cost of a false-positive when those lists are used for marketing is less than the cost of false-positive when banks use the lists to decide whether you’re a credit risk. The lists fall between the cracks in privacy legislation; essentially, the compilation and use of lists of people are unregulated territory.
  3. 7 Principles of Rich Web Applications — “rich web applications” sounds like 2007 wants its ideas back, but the content is modern and useful. Predict behaviour for negative latency.
  4. Collaborative Filtering at LinkedIn (PDF) — This paper presents LinkedIn’s horizontal collaborative filtering infrastructure, known as browsemaps. Great lessons learned, including context and presentation of browsemaps or any recommendation is paramount for a truly relevant user experience. That is, design and presentation represents the largest ROI, with data engineering being a second, and algorithms last. (via Greg Linden)
Comment