ENTRIES TAGGED "web"
Modern Security Ethics, Punk'd Chinese Cyberwarriors, Web Tracing, and Lightweight Server OS
- White Hat’s Dilemma (Google Docs) — amazeballs preso with lots of tough ethical questions for people in the computer field.
- Chinese Hacking Team Caught Taking Over Decoy Water Plant (MIT Tech Review) — Wilhoit went on to show evidence that other hacking groups besides APT1 intentionally seek out and compromise water plant systems. Between March and June this year, 12 honeypots deployed across eight different countries attracted 74 intentional attacks, 10 of which were sophisticated enough to wrest complete control of the dummy control system.
- Web Tracing Framework — Rich tools for instrumenting, analyzing, and visualizing web apps.
- CoreOS — Linux kernel + systemd. That’s about it. CoreOS has just enough bits to run containers, but does not ship a package manager itself. In fact, the root partition is completely read-only, to guarantee consistency and make updates reliable. Docker-compatible.
Transit and Peering, Quick Web Interfaces, Open Source Licensing, and RC Roach
- Why YouTube Buffers (ArsTechnica) — When asked if ISPs are degrading Netflix and YouTube traffic to steer users toward their own video services, Crawford told Ars that “the very powerful eyeball networks in the US (and particularly Comcast and Time Warner Cable) have ample incentive and ability to protect the IP services in which they have economic interests. Their real goal, however, is simpler and richer. They have enormous incentives to build a moat around their high-speed data networks and charge for entry because data is a very high-margin (north of 95 percent for the cable companies), addictive, utility product over which they have local monopoly control. They have told Wall Street they will do this. Yes, charging for entry serves the same purposes as discrimination in favor of their own VOD [video-on-demand], but it is a richer and blunter proposition for them.”
- Ink — MIT-licensed interface kit for quick development of web interfaces, simple to use and expand on.
- Licensing in a Post-Copyright World — This article is opening up a bit of the history of Open Source software licensing, how it seems to change and what we could do to improve it. Caught my eye: Oracle that relicensed Berkeley DB from BSD to AGPLv3 [... effectively changing] the effective license for 106 other packages to AGPLv3 as well.
- RC Cockroaches (Vine) — video from Dale Dougherty of Backyard Brains Bluetooth RoboRoach. (via Dale Dougherty)
Security Sensor, Mobile Speed, Rate Limiting, and Self-Assembling Drone
- Canary (IndieGogo) — security sensor with video, motion, temperature, microphone, speaker, accelerometer, and smartphone remote control.
- Page Speed is Only The Beginning — 73% of mobile internet users say they’ve encountered Web pages that are too slow. A 1 second delay can result in a 7% reduction in conversions.
- Rate Limiting and Velocity Checking (Jeff Atwood) — I was shocked how little comprehensive information was out there on rate limiting and velocity checking for software developers, because they are your first and most important line of defense against a broad spectrum of possible attacks. It’s amazing how many attacks you can mitigate or even defeat by instituting basic rate limiting. (via Alex Dong)
- Self-Assembling Multicopter (DIY Drones) — The true accomplishment of this research is that there is not one robot in control – each unit in itself decides what actions to take to keep the group in the air in what’s known as Distributed Flight Array. (via Slashdot)
- Product Strategy Means Saying No — a resource for strength in saying ‘no’ to unplanned features and direction changes. My favourite illustration is for “but my cousin’s neighbour said”. Yes, this.
- git-imerge — incremental merge for git.
- The Paranoid #! Security Guide — Networked-Evil-Maid-Attacks (Attacker steals the actual SED and replaces it with another containing a trojanized OS. On bootup victim enters its password which is subsequently sent to the attacker via network/local attacker hot-spot. Different method: Replacing a laptop with a similar model [at e.g. airport/hotel etc.] and the attacker’s phone# printed on the bottom of the machine. Victim boots up, enters “wrong” password which is sent to the attacker via network. Victim discovers that his laptop has been misplaced, calls attacker who now copies the content and gives the “misplaced” laptop back to the owner.)
Technical Bitcoin, Tracking News Flow, Science Advice, and Gov Web Sites
- 6 Technical Things I Learned About Bitcoin (Rusty Russell) — Anonymity is hard, but I was surprised to see blockchain.info’s page about my donation to Unfilter correctly geolocated to my home town! Perhaps it’s a fluke, but I was taken aback by how clear it was. Interesting collection of technical observations about the workings of Bitcoin.
- NIFTY: News Information Flow Tracking, Yay! — watch how news stories mutate and change over time. (via Stijn Debrouwere)
- EO Wilson’s Advice for Future Scientists (NPR) — the ideal scientist thinks like a poet and works like a bookkeeper. (via Courtney Johnston)
- Healthcare.gov New Web Model for Government (The Atlantic) — The new site has been built in public for months, iteratively created on Github using cutting edge open-source technologies. Healthcare.gov is the rarest of birds: a next-generation website that also happens to be a .gov.
Model-Driven Configuration, 1,000 RSS Readers Bloom, JSON Query Language, and Doug Engelbart's Vision
- ansible — Model-driven configuration management, multi-node deployment/orchestration, and remote task execution system. Uses SSH by default, so no special software has to be installed on the nodes you manage. Ansible can be extended in any language.
- The Golden Age of RSS — One of the things I expected least to see in 2013 was that this year would mark the greatest flourishing of RSS reader applications in the decade since it first came to prominence on the web.
- JSONiq: the JSON Query Language — expressive and highly optimizable language to query and update NoSQL stores. It enables developers to leverage the same productive high-level language across a variety of NoSQL products. Implemented in Zorba, an Apache-licensed virtual machine for JSONiq and XQuery queries.
- Bret Victor on Doug Engelbart — If you attempt to make sense of Engelbart’s design by drawing correspondences to our present-day systems, you will miss the point, because our present-day systems do not embody Engelbart’s intent. Engelbart hated our present-day systems. Poetic, articulate, and bang on the money.
Microvideos for Microhelp, Organic Search, Probabilistic Programming, and Cluster Management
- How to Make Help Microvideos For Your Site (Alex Holovaty) — Instead of one monolithic video, we decided to make dozens of tiny, five-second videos separately demonstrating features.
- How Google is Killing Organic Search — 13% of the real estate is organic results in a search for “auto mechanic”, 7% for “italian restaurant”, 0% if searching on an iPhone where organic results are four page scrolls away. SEO Book did an extensive analysis of just how important the top left of the page, previously occupied by organic results actually is to visitors. That portion of the page is now all Google. (via Alex Dong)
- Church — probabilistic programming language from MIT, with tutorials. (via Edd Dumbill)
- mesos — a cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks. It can run Hadoop, MPI, Hypertable, Spark (a new framework for low-latency interactive and iterative jobs), and other applications. Mesos is open source in the Apache Incubator. (via Ben Lorica)
Cloud IDE, Magic Headlights, Policy Simulator, Anti-OCR Font
- nitrous.io — IDE “in the cloud”, as “the kids” say.
- smartHeadlight — headlight that tracks raindrops and doesn’t send out light to reflect off them back into your eyes causing you to clutch your head and veer off the road into the parking lot of a Hooters to which your wife will NOT enjoy being called to tow your VERY SORRY HONEY ass home. Thank heavens science can save us from this awful hypothetical scenario. (via Greg Linden)
- Knight Funds outline.io — it’s a public policy simulator that helps people visualize the impact that public policies like health care reform and school budget changes might have on local economies and communities. Simulators are a hugely underused way to get the public to understand policy debate. (via Julie Starr)
- ZXX Font — designed to be hard to OCR, though a common trick makes it pervious to OCR. Secrecy is not an option on your font menu. (via Beta Knowledge)
Backbone Stack, Automating Card Games, Ozzie on PRISM, and Stuff that Matters
- Our Backbone Stack (Pamela Fox) — fascinating glimpse into the tech used and why.
- Automating Card Games Using OpenCV and Python — My vision for an automated version of the game was simple. Players sit across a table on which the cards are laid out. My program would take a picture of the cards and recognize them. It would then generate a valid expression that yielded 24, and then project the answer on to the table.
- Ray Ozzie on PRISM — posted on Hacker News (!). In particular, in this world where “SaaS” and “software eats everything” and “cloud computing” and “big data” are inevitable and already pervasive, it pains me to see how 3rd Party Doctrine may now already be being leveraged to effectively gut the intent of U.S. citizens’ Fourth Amendment rights. Don’t we need a common-sense refresh to the wording of our laws and potentially our constitution as it pertains to how we now rely upon 3rd parties? It makes zero sense in a “services age” where granting third parties limited rights to our private information is so basic and fundamental to how we think, work, conduct and enjoy life. (via Alex Dong)
- Larry Brilliant’s Commencement Speech (HuffPo) — speaking to med grads, he’s full of purpose and vision and meaning for their lives. His story is amazing. I wish more CS grads were inspired to work on stuff that matters, and cautioned about adding their great minds to the legion trying to solve the problem of connecting you with brands you love.
In-Browser p2p, Thinking About The Future, Disruptive Tech, and Crowdsourcing Transcription
- ShareFest — peer-to-peer file sharing in the browser. Source on GitHub. (via Andy Baio)
- Media for Thinking the Unthinkable (Bret Victor) — “Right now, today, we can’t see the thing, at all, that’s going to be the most important 100 years from now.” We cannot see the thing. At all. But whatever that thing is — people will have to think it. And we can, right now, today, prepare powerful ways of thinking for these people. We can build the tools that make it possible to think that thing. (via Matt Jones)
- McKinsey Report on Disruptive Technologies (McKinsey) — the list: Mobile Internet; Automation of knowledge work; Internet of Things; Cloud technology; Advanced Robotics; Autonomous and near-autonomous vehicles; Next-generation genomics; Energy storage; 3D Printing; Advanced Materials; Advanced Oil and Gas exploration and recovery; Renewable energy.
- The Only Public Transcript of the Bradley Manning Trial Will be Produced on a Crowd-Funded Typewriter — [t]he fact that a volunteer stenographer is providing the only comprehensive source of information about such a monumental event is pretty absurd.