ENTRIES TAGGED "web"
Rich Text Editing, Structural Visualisation, DDoS Protection, Realtime DDoS Map
- Sir Trevor — nice rich-text editing. Interesting how Markdown has become the way to store formatted text without storing HTML (and thus exposing the CSRF-inducing HTML-escaping stuckfastrophe).
- Slate for Excel — visualising spreadsheet structure. I’d be surprised if it took MSFT or Goog 30 days to acquire them.
- Project Shield — Google project to protect against DDoSes.
- Digital Attack Map — DDoS attacks going on around the world. (via Jim Stogdill)
Connecting Things, Eye Tracker, Retro Browser, Human Filter
- The Thing System — connects to Things in your home, whether those things are media players such as the Sonos or the Apple TV, your Nest thermostat, your INSTEON home control system, or your Philips Hue lightbulbs — whether your things are connected together via Wi-Fi, USB or Bluetooth Low Energy (BLE). The steward will find them and bring them together so they can talk to one another and perform magic.
- The Eye Tribe — $99 eye-tracker with SDK.
- Line Mode — CERN emulator for the original web client. I remember coding for this, and hacking new features into it. Roar says the dinosaur, in 80×24 pixelated glory.
- 2M Person Internet Filter — (BBC) China apparently employs 2 million people to read Weibo and other Internet content sites, to identify critical opinions. That’s 40% of my country’s population. Crikey.
Translation Glasses, Diagramming, Offline Gmail, and WTF Computation
- Instant Translator Glasses (ZDNet) — character recognition to do instant translating, and a UI that turns any flat surface into a touch-screen via a finger-ring sensor.
- draw.io — diagramming … In The Cloud!
- Airmail — Mac gmail client with offline mode that fails to suck.
- The Page-Fault Weird Machine: Lessons in Instruction-less Computation (Usenix) — video, audio, and text of a paper that’ll make your head hurt. We demonstrate a Turing-complete execution environment driven solely by the IA32 architecture’s interrupt handling and memory translation tables, in which the processor is trapped in a series of page faults and double faults, without ever successfully dispatching any instructions. LOLWUT?!
Google Code Analysis, Deep Learning, Front-End Workflow, and SICP in JS
- Steve Yegge on GROK (YouTube) — The Grok Project is an internal Google initiative to simplify the navigation and querying of very large program source repositories. We have designed and implemented a language-neutral, canonical representation for source code and compiler metadata. Our data production pipeline runs compiler clusters over all Google’s code and third-party code, extracting syntactic and semantic information. The data is then indexed and served to a wide variety of clients with specialized needs. The entire ecosystem is evolving into an extensible platform that permits languages, tools, clients and build systems to interoperate in well-defined, standardized protocols.
- Deep Learning for Semantic Analysis — When trained on the new treebank, this model outperforms all previous methods on several metrics. It pushes the state of the art in single sentence positive/negative classification from 80% up to 85.4%. The accuracy of predicting fine-grained sentiment labels for all phrases reaches 80.7%, an improvement of 9.7% over bag of features baselines. Lastly, it is the only model that can accurately capture the effect of contrastive conjunctions as well as negation and its scope at various tree levels for both positive and negative phrases.
- Fireshell — workflow tools and framework for front-end developers.
Insecure Hardware, Doc Database, Kids Programming, and Ad-Blocking AP
- Researchers Can Slip an Undetectable Trojan into Intel’s Ivy Bridge CPUs (Ars Technica) — The exploit works by severely reducing the amount of entropy the RNG normally uses, from 128 bits to 32 bits. The hack is similar to stacking a deck of cards during a game of Bridge. Keys generated with an altered chip would be so predictable an adversary could guess them with little time or effort required. The severely weakened RNG isn’t detected by any of the “Built-In Self-Tests” required for the P800-90 and FIPS 140-2 compliance certifications mandated by the National Institute of Standards and Technology.
- rethinkdb — open-source distributed JSON document database with a pleasant and powerful query language.
- Teach Kids Programming — a collection of resources. I start on Scratch much sooner, and 12+ definitely need the Arduino, but generally I agree with the things I recognise, and have a few to research …
- Raspberry Pi as Ad-Blocking Access Point (AdaFruit) — functionality sadly lacking from my off-the-shelf AP.
Verified Web, Verified Base64, Theorem Prover, and Fast Events in C
- Quark — a web browser with a formally-proven kernel.
- High-Assurance Base64 — formally verified C implementation of Base64.
- z3 — fast theorem prover from Microsoft Research.
- libphenom (GitHub) — Facebook’s open sourced eventing framework. (High-scalability, natch)
NSA Crypto, Web Traps, Learn by Doing, and Distributed Testing
- On the NSA — intelligent unpacking of what the NSA crypto-weakening allegations mean.
- Overview of the 2013 OWASP Top 10 — rundown of web evil to avoid. (via Ecryption)
- Easy 6502 — teaches 6502 assembler, with an emulator built into the book. This is what programming non-fiction books will look like in the future.
- Kochiku — distributing automated test suites for faster validation in continuous integration.
Big Diner, Fab Future, Browser Crypto, and STEM Crisis Questioned
- In Search of the Optimal Cheeseburger (Hilary Mason) — playing with NYC menu data. There are 5,247 cheeseburgers you can order in Manhattan. Her Ignite talk from Ignite NYC15.
- James Burke Predicting the Future — spoiler: massive disruption from nano-scale personal fabbing.
- The STEM Crisis is a Myth (IEEE Spectrum) — Every year U.S. schools grant more STEM degrees than there are available jobs. When you factor in H-1B visa holders, existing STEM degree holders, and the like, it’s hard to make a case that there’s a STEM labor shortage.
- MegaPWN (GitHub) — Your MEGA master key is supposed to be a secret, but MEGA or anyone else with access to your computer can easily find it without you noticing. Browser crypto is only as secure as the browser and the code it runs.
- When Smart Homes Get Hacked (Forbes) — Insteon’s flaw was worse in that it allowed access to any one via the Internet. The researchers could see the exposed systems online but weren’t comfortable poking around further. I was — but I was definitely nervous about it and made sure I had Insteon users’ permission before flickering their lights.
- A Stick Figure Guide to Advanced Encryption Standard (AES) — exactly what it says.