ENTRIES TAGGED "web"
Fanout Architectures, In-Browser Emulation, Paean to Programmability, and Social Hardware
- Achieving Rapid Response Times in Large Online Services (PDF) — slides from a talk by Jeff Dean on fanout architectures. (via Alex Dong)
- Go Ahead, Mess with Texas Instruments (The Atlantic) — School typically assumes that answers fall neatly into categories of “right” and “wrong.” As a conventional tool for computing “right” answers, calculators often legitimize this idea; the calculator solves problems, gives answers. But once an endorsed, conventional calculator becomes a subversive, programmable computer it destabilizes this polarity. Programming undermines the distinction between “right” and “wrong” by emphasizing the fluidity between the two. In programming, there is no “right” answer. Sure, a program might not compile or run, but making it offers multiple pathways to success, many of which are only discovered through a series of generative failures. Programming does not reify “rightness;” instead, it orients the programmer toward intentional reading, debugging, and refining of language to ensure clarity.
- When A Spouse Puts On Google Glass (NY Times) — Google Glass made me realize how comparably social mobile phones are. [...] People gather around phones to watch YouTube videos or look at a funny tweet together or jointly analyze a text from a friend. With Glass, there was no such sharing.
Autocomplete, Tor Security, News Glitches, Moz Persona
- Tor Users Get Routed (PDF) — research into the security of Tor, with some of its creators as authors. Our results show that Tor users are far more susceptible to compromise than indicated by prior work.
- Glitch News — screencaps from glitches in video news.
- FC4: Persona (Tim Bray) — Mozilla Persona, reminds us just because you’re using a protocol that allows tracking avoidance, that doesn’t mean you’ll get it.
Flexible Layouts, Web Components, Distributed SQL Database, and Reverse-Engineering Dropbox Client
- intention.js — manipulates the DOM via HTML attributes. The methods for manipulation are placed with the elements themselves, so flexible layouts don’t seem so abstract and messy.
- F1: A Distributed SQL Database That Scales — a distributed relational database system built at Google to support the AdWords business. F1 is a hybrid database that combines high availability, the scalability of NoSQL systems like Bigtable, and the consistency and usability of traditional SQL databases. F1 is built on Spanner, which provides synchronous cross-datacenter replication and strong consistency. Synchronous replication implies higher commit latency, but we mitigate that latency by using a hierarchical schema model with structured data types and through smart application design. F1 also includes a fully functional distributed SQL query engine and automatic change tracking and publishing.
- Looking Inside The (Drop)Box (PDF) — This paper presents new and generic techniques, to reverse engineer frozen Python applications, which are not limited to just the Dropbox world. We describe a method to bypass Dropbox’s two factor authentication and hijack Dropbox accounts. Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented. (via Tech Republic)
Web Broken, Android Ads, Password Cracking, and Adobe Brackets
- Bomb in the Garden (Matthew Butterick) — design excellence is inhibited by two structural flaws in the web. First flaw: the web is good at making information free, but terrible at making it expensive. So the web has had to rely largely on an advertising economy, which is weakening under the strain. Second flaw: the process of adopting and enforcing web standards, as led by the W3C, is hopelessly broken. (via Alex Dong)
- Google’s New Play Store Policies on Ads (The Next Web) — the walls of civilisation holding back the hordes of assclowns. Imagine the behaviour responsible for each of these restrictions.
- Inside Password Cracking (Wired) — how pros go about cracking your password once they have the encrypted hash. (And gosh, how those “but I used numbers and symbols!” passwords fall)
- Brackets (Github) — open source web code editor by Adobe.
- Peruvian Archaeologists Use Drones (Guardian) — Small drones have been helping a growing number of researchers produce three-dimensional models of Peruvian sites instead of the usual flat maps – and in days and weeks instead of months and years.
- Drone Crashes Into Crowd at Great Bull Run (WTVR) — just what it says. (via DIY Drones)
- Let’s Make Robots: BoB — instructions on building a bipedal robot. (via Makezine)
Modern Security Ethics, Punk'd Chinese Cyberwarriors, Web Tracing, and Lightweight Server OS
- White Hat’s Dilemma (Google Docs) — amazeballs preso with lots of tough ethical questions for people in the computer field.
- Chinese Hacking Team Caught Taking Over Decoy Water Plant (MIT Tech Review) — Wilhoit went on to show evidence that other hacking groups besides APT1 intentionally seek out and compromise water plant systems. Between March and June this year, 12 honeypots deployed across eight different countries attracted 74 intentional attacks, 10 of which were sophisticated enough to wrest complete control of the dummy control system.
- Web Tracing Framework — Rich tools for instrumenting, analyzing, and visualizing web apps.
- CoreOS — Linux kernel + systemd. That’s about it. CoreOS has just enough bits to run containers, but does not ship a package manager itself. In fact, the root partition is completely read-only, to guarantee consistency and make updates reliable. Docker-compatible.
Transit and Peering, Quick Web Interfaces, Open Source Licensing, and RC Roach
- Why YouTube Buffers (ArsTechnica) — When asked if ISPs are degrading Netflix and YouTube traffic to steer users toward their own video services, Crawford told Ars that “the very powerful eyeball networks in the US (and particularly Comcast and Time Warner Cable) have ample incentive and ability to protect the IP services in which they have economic interests. Their real goal, however, is simpler and richer. They have enormous incentives to build a moat around their high-speed data networks and charge for entry because data is a very high-margin (north of 95 percent for the cable companies), addictive, utility product over which they have local monopoly control. They have told Wall Street they will do this. Yes, charging for entry serves the same purposes as discrimination in favor of their own VOD [video-on-demand], but it is a richer and blunter proposition for them.”
- Ink — MIT-licensed interface kit for quick development of web interfaces, simple to use and expand on.
- Licensing in a Post-Copyright World — This article is opening up a bit of the history of Open Source software licensing, how it seems to change and what we could do to improve it. Caught my eye: Oracle that relicensed Berkeley DB from BSD to APGLv3 [... effectively changing] the effective license for 106 other packages to AGPLv3 as well.
- RC Cockroaches (Vine) — video from Dale Dougherty of Backyard Brains Bluetooth RoboRoach. (via Dale Dougherty)
Security Sensor, Mobile Speed, Rate Limiting, and Self-Assembling Drone
- Canary (IndieGogo) — security sensor with video, motion, temperature, microphone, speaker, accelerometer, and smartphone remote control.
- Page Speed is Only The Beginning — 73% of mobile internet users say they’ve encountered Web pages that are too slow. A 1 second delay can result in a 7% reduction in conversions.
- Rate Limiting and Velocity Checking (Jeff Atwood) — I was shocked how little comprehensive information was out there on rate limiting and velocity checking for software developers, because they are your first and most important line of defense against a broad spectrum of possible attacks. It’s amazing how many attacks you can mitigate or even defeat by instituting basic rate limiting. (via Alex Dong)
- Self-Assembling Multicopter (DIY Drones) — The true accomplishment of this research is that there is not one robot in control – each unit in itself decides what actions to take to keep the group in the air in what’s known as Distributed Flight Array. (via Slashdot)
- Product Strategy Means Saying No — a resource for strength in saying ‘no’ to unplanned features and direction changes. My favourite illustration is for “but my cousin’s neighbour said”. Yes, this.
- git-imerge — incremental merge for git.
- The Paranoid #! Security Guide — Networked-Evil-Maid-Attacks (Attacker steals the actual SED and replaces it with another containing a tojanized OS. On bootup victim enters it’s password which is subsequently send to the attacker via network/local attacker hot-spot. Different method: Replacing a laptop with a similar model [at e.g. airport/hotel etc.] and the attacker’s phone# printed on the bottom of the machine. Victim boots up enters “wrong” password which is send to the attacker via network. Victim discovers that his laptop has been misplaced, calls attacker who now copies the content and gives the “misplaced” laptop back to the owner.)
Technical Bitcoin, Tracking News Flow, Science Advice, and Gov Web Sites
- 6 Technical Things I Learned About Bitcoin (Rusty Russell) — Anonymity is hard, but I was surprised to see blockchain.info’s page about my donation to Unfilter correctly geolocated to my home town! Perhaps it’s a fluke, but I was taken aback by how clear it was. Interesting collection of technical observations about the workings of Bitcoin.
- NIFTY: News Information Flow Tracking, Yay! — watch how news stories mutate and change over time. (via Stijn Debrouwere
- EO Wilson’s Advice for Future Scientists (NPR) — the ideal scientist thinks like a poet and works like a bookkeeper. (via Courtney Johnston)
- Healthcare.gov New Web Model for Government (The Atlantic) — The new site has been built in public for months, iteratively created on Github using cutting edge open-source technologies. Healthcare.gov is the rarest of birds: a next-generation website that also happens to be a .gov.