4878
Don Norman on "Human Error", RISKS Digest Volume 23 Issue 07 2003
It is far too easy to blame people when systems fail. The result is that
over 75% of all accidents are blamed on human error. Wake up people! When
the percentage is that high, it is a signal that something else is at fault
-- namely, the systems are poorly designed from a human point of view. As I
have said many times before (even within these RISKS mailings), if a valve
failed 75% of the time, would you get angry with the valve and simply
continual to replace it? No, you might reconsider the design specs. You would
try to figure out why the valve failed and solve the root cause of the
problem. Maybe it is underspecified, maybe there shouldn't be a valve there,
maybe some change needs to be made in the systems that feed into the valve.
Whatever the cause, you would find it and fix it. The same philosophy must
apply to people.
don-norman  ux  ui  human-interface  human-error  errors  risks  comp.risks  failures 
16 hours ago
Shanzhai 山寨 China & its Contents
As he drinks Sino-coffee for around RMB 10, Comrade X might well be wearing the latest ‘ZARE’ couture while watching the TV news streaming on his HiPhone.[2] Back in Guangdong, his girlfriend — a sales consultant at a small stall in one of Shenzhen’s many wholesale electronics markets — sports a ‘high-end replica’ 高仿 Louis Vuitton bag and makes a living selling ‘domestically produced’ 国产 and ‘smuggled’ 水货 smartphones. The imitation products that festoon the couple’s lives are part of ‘shanzhai 山寨 China’.

Shanzhai, the word means roughly ‘mass-produced imitation goods’, has created a Chinese landscape that is littered with products derided by the media, Chinese and international, as ‘copycat’, ‘guerrilla counterfeits’ and ‘knockoffs’, all the work of thieves.[3] Those who feel that their intellectual property and copyright has been infringed by shanzhai producers describe the products as ‘rubbish’, ‘piracy in disguise’ and ‘hooligan’.[4] Regardless of such righteous outrage, shanzhai — the producers, the products and the mentality — continues to flourish as an essential, quasi-legitimate shadow dimension of the Chinese economy. And, in practical terms, shanzhai products give disenfranchised ‘non-consumers’ of the orthodox economy — that is, people who would like to own but can’t afford the ‘original’ products — cut-price access to high-end technologies, as well as offering aspirational shoppers consumer satisfaction.
shanzai  china  fakes  consumerism  hiphone  smartphones  copycat  knockoffs  imitation  consumption 
19 hours ago
Do algorithms reveal sexual orientation or just expose our stereotypes?
'A study claiming that artificial intelligence can infer sexual orientation from facial images caused a media uproar in the Fall of 2017. [...] Michal Kosinski, who co-authored the study with fellow researcher Yilun Wang, initially expressed surprise, calling the critiques “knee-jerk” reactions. However, he then proceeded to make even bolder claims: that such AI algorithms will soon be able to measure the intelligence, political orientation, and criminal inclinations of people from their facial images alone.'

'In [this paper], we have shown how the obvious differences between lesbian or gay and straight faces in selfies relate to grooming, presentation, and lifestyle  —  that is, differences in culture, not in facial structure. [...] We’ve demonstrated that just a handful of yes/no questions about these variables can do nearly as good a job at guessing orientation as supposedly sophisticated facial recognition AI. Therefore — at least at this point — it’s hard to credit the notion that this AI is in some way superhuman at “outing” us based on subtle but unalterable details of our facial structure.'
culture  facial-recognition  ai  papers  facial-structure  sexual-orientation  lgbt  computer-vision 
20 hours ago
The Death of Microservice Madness in 2018
Quite a good set of potential gotchas, which I've run into myself, including:

'Real world systems often have poorly defined boundaries'
'The complexities of state are often ignored'
'The complexitities of communication are often ignored'
'Versioning can be hard'
'Microservices can be monoliths in disguise'
architecture  devops  microservices  services  soa  coding  monoliths  state  systems 
20 hours ago
The likely user interface which led to Hawaii's false-alarm incoming-ballistic-missile alert on Saturday 2018-01-13
@supersat on Twitter:

"In case you're curious what Hawaii's EAS/WEA interface looks like, I believe it's similar to this. Hypothesis: they test their EAS authorization codes at the beginning of each shift and selected the wrong option."

This is absolutely classic enterprisey, government-standard web UX -- a dropdown template selection and an easily-misclicked pair of tickboxes to choose test or live mode.
testing  ux  user-interfaces  fail  eas  hawaii  false-alarms  alerts  nuclear  early-warning  human-error 
20 hours ago
‘It Can’t Be True.’ Inside the Semiconductor Industry’s Meltdown
“Our first priority has been to have a complete mitigation in place,” said Intel’s Parker. “We’ve delivered a solution.” Some in the cybersecurity community aren’t so sure. Kocher, who helped discover Spectre, thinks this is just the beginning of the industry’s woes. Now that new ways to exploit chips have been exposed, there’ll be more variations and more flaws that will require more patches and mitigation.
"This is just like peeling the lid off the can of worms," he said.
meltdown  spectre  speculative-execution  security  exploits  intel  amd  cpus 
yesterday
Brain Cells Share Information With Virus-Like Capsules - The Atlantic
...a gene called Arc which is active in neurons, and plays a vital role in the brain. A mouse that’s born without Arc can’t learn or form new long-term memories. If it finds some cheese in a maze, it will have completely forgotten the right route the next day. “They can’t seem to respond or adapt to changes in their environment,” says Shepherd, who works at the University of Utah, and has been studying Arc for years. “Arc is really key to transducing the information from those experiences into changes in the brain.”

Despite its importance, Arc has been a very difficult gene to study. Scientists often work out what unusual genes do by comparing them to familiar ones with similar features—but Arc is one-of-a-kind. Other mammals have their own versions of Arc, as do birds, reptiles, and amphibians. But in each animal, Arc seems utterly unique—there’s no other gene quite like it. And Shepherd learned why when his team isolated the proteins that are made by Arc, and looked at them under a powerful microscope.

He saw that these Arc proteins assemble into hollow, spherical shells that look uncannily like viruses. “When we looked at them, we thought: What are these things?” says Shepherd. They reminded him of textbook pictures of HIV, and when he showed the images to HIV experts, they confirmed his suspicions. That, to put it bluntly, was a huge surprise. “Here was a brain gene that makes something that looks like a virus,” Shepherd says.

That’s not a coincidence. The team showed that Arc descends from an ancient group of genes called gypsy retrotransposons, which exist in the genomes of various animals, but can behave like their own independent entities.* They can make new copies of themselves, and paste those duplicates elsewhere in their host genomes. At some point, some of these genes gained the ability to enclose themselves in a shell of proteins and leave their host cells entirely. That was the origin of retroviruses—the virus family that includes HIV.
brain  evolution  retroviruses  viruses  genes  arc  gag  proteins  memory  biology 
3 days ago
google/highwayhash: Fast strong hash functions: SipHash/HighwayHash
HighwayHash: 'We have devised a new way of mixing inputs with AVX2 multiply and permute instructions. The multiplications are 32x32 -> 64 bits and therefore infeasible to reverse. Permuting equalizes the distribution of the resulting bytes. The internal state occupies four 256-bit AVX2 registers. Due to limitations of the instruction set, the registers are partitioned into two 512-bit halves that remain independent until the reduce phase. The algorithm outputs 64 bit digests or up to 256 bits at no extra cost. In addition to high throughput, the algorithm is designed for low finalization cost. The result is more than twice as fast as SipTreeHash.

We also provide an SSE4.1 version (80% as fast for large inputs and 95% as fast for short inputs), an implementation for VSX on POWER and a portable version (10% as fast). A third-party ARM implementation is referenced below.

Statistical analyses and preliminary cryptanalysis are given in https://arxiv.org/abs/1612.06257.'

(via Tony Finch)
siphash  highwayhash  via:fanf  hashing  hashes  algorithms  mac  google  hash 
3 days ago
The Stress of Remote Working – Martin De Wulf – Medium
There is a lot of good to say about remote working, and I see a lot of rabid defence of the practice. That said, I have been working remotely for a little more than 5 years now, and I now must acknowledge that it does not come without stress. This might come as a surprise for some, but in the end, I think that remote working has taken some toll on me over the last two years, especially when I went almost fully remote for a year.


I have to say, I agree with this 100% -- I spent a few years remote working full time, and by the end of it I was absolutely delighted to return to a mainly office-based job.
business  work  life  coding  teleworking  remote-work  stress  anxiety  mental-health 
4 days ago
[1801.02780] Rogue Signs: Deceiving Traffic Sign Recognition with Malicious Ads and Logos
Well, so much for that idea.
We propose a new real-world attack against the computer vision based systems of autonomous vehicles (AVs). Our novel Sign Embedding attack exploits the concept of adversarial examples to modify innocuous signs and advertisements in the environment such that they are classified as the adversary's desired traffic sign with high confidence. Our attack greatly expands the scope of the threat posed to AVs since adversaries are no longer restricted to just modifying existing traffic signs as in previous work. Our attack pipeline generates adversarial samples which are robust to the environmental conditions and noisy image transformations present in the physical world. We ensure this by including a variety of possible image transformations in the optimization problem used to generate adversarial samples. We verify the robustness of the adversarial samples by printing them out and carrying out drive-by tests simulating the conditions under which image capture would occur in a real-world scenario. We experimented with physical attack samples for different distances, lighting conditions, and camera angles. In addition, extensive evaluations were carried out in the virtual setting for a variety of image transformations. The adversarial samples generated using our method have adversarial success rates in excess of 95% in the physical as well as virtual settings.
signs  road-safety  roads  traffic  self-driving-cars  cars  avs  security  machine-learning  computer-vision  ai 
4 days ago
Collision Course: Why This Type Of Road Junction Will Keep Killing Cyclists
This aspect of road design had never occurred to me, but once explained it makes sense. Great article on the design of an oblique crossroads junction and how it's unexpectedly dangerous due to human factors and car design.
“Human error” may be real, but so are techniques to mitigate or eliminate its effects — and driver training is poor when it comes to equipping people with those techniques, let alone habituating them. (And let alone reviewing knowledge of those techniques every few years.)
cars  cycling  road-safety  safety  accidents  traffic  junctions  road-design  design  human-error  human-factors 
5 days ago
Post-apocalyptic life in American health care
My god, this is so dysfunctional.

'I observe that American health care organizations can no longer operate systematically, so participants are forced to act in the communal mode, as if in the pre-modern world.
Health care is one leading edge of a general breakdown in systematicity — while, at the same time, employing sophisticated systematic technologies.
For complex health care problems, I recommend hiring a consultant to provide administrative (not medical!) guidance.'

via Craig.
bureaucracy  healthcare  health  systems  us-politics  insurance  medicine  dysfunctional  fail  fiasco  via:craig 
6 days ago
Random with care
Some tips about RNGs and their usage

(via Tony Finch)
coding  random  math  rngs  prngs  statistics  distributions 
10 days ago
Aadhaar’s Dirty Secret Is Out, Anyone Can Be Added as a Data Admin
If you think your Aadhaar data is only in the hands of those authorised to access the official [Indian national] Aadhaar database, think again. Following up on an investigation by The Tribune, The Quint found that completely random people like you and me, with no official credentials, can access and become admins of the official Aadhaar database (with names, mobile numbers, addresses of every Indian linked to the UIDAI scheme). But that’s not even the worst part. Once you are an admin, you can make ANYONE YOU CHOOSE an admin of the portal. You could be an Indian, you could be a foreign national, none of it matters – the Aadhaar database won’t ask. A person of your choosing would then have access to the data of all 119,22,59,062 Aadhaar cardholders.
aadhaar  security  fail  vulnerabilities  privacy 
11 days ago
Notes from the Intelpocalypse [LWN.net]
What emerges is a picture of unintended processor functionality that can be exploited to leak arbitrary information from the kernel, and perhaps from other guests in a virtualized setting. If these vulnerabilities are already known to some attackers, they could have been using them to attack cloud providers for some time now. It seems fair to say that this is one of the most severe vulnerabilities to surface in some time.

The fact that it is based in hardware makes things significantly worse. We will all be paying the performance penalties associated with working around these problems for the indefinite future. For the owners of vast numbers of systems that cannot be updated, the consequences will be worse: they will remain vulnerable to a set of vulnerabilities with known exploits. This is not a happy time for the computing industry.
hardware  cpus  intel  amd  spectre  meltdown  security 
11 days ago
These stickers make AI hallucinate things that aren’t there - The Verge
The sticker “allows attackers to create a physical-world attack without prior knowledge of the lighting conditions, camera angle, type of classifier being attacked, or even the other items within the scene.” So, after such an image is generated, it could be “distributed across the Internet for other attackers to print out and use.”

This is why many AI researchers are worried about how these methods might be used to attack systems like self-driving cars. Imagine a little patch you can stick onto the side of the motorway that makes your sedan think it sees a stop sign, or a sticker that stops you from being identified up by AI surveillance systems. “Even if humans are able to notice these patches, they may not understand the intent [and] instead view it as a form of art,” the researchers write.
self-driving  cars  ai  adversarial-classification  security  stickers  hacks  vision  surveillance  classification 
11 days ago
Nicole Perlroth's roundup on the Spectre and Meltdown security holes
Excellent roundup -- this really is amazingly bad news for CPU performance and fixability
meltdown  spectre  nicole-perlroth  security  cpu  performance  speculative-execution  intel  amd  arm 
11 days ago
SE Asia travel pro-tip from Naomi Wu
Naomi Wu on Twitter: "Honestly Saccharomyces boulardii solves the problem [of dodgy tummy] for most people, it's what I take when I travel to SE Asia"
food  diarrhoea  s-boulardii  bacterica  digestion  health  travel  se-asia  tips 
12 days ago
These experts figured out why so many bogus patents get approved | Ars Technica
A recent paper published by the Brookings Institution offers fascinating insights into this question. Written by legal scholars Michael Frakes and Melissa Wasserman, the paper identifies three ways the patent process encourages approval of low-quality patents:

The United States Patent and Trademark Office (USPTO) is funded by fees—and the agency gets more fees if it approves an application.

Unlimited opportunities to refile rejected applications means sometimes granting a patent is the only way to get rid of a persistent applicant.

Patent examiners are given less time to review patent applications as they gain seniority, leading to less thorough reviews.

None of these observations is entirely new. For example, we have covered the problems created by unlimited re-applications in the past. But what sets Frakes and Wasserman's work apart is that they have convincing empirical evidence for all three theories.

patents  uspto  swpats  brookings-institution  patenting  law 
12 days ago
The mysterious case of the Linux Page Table Isolation patches | Hacker News
good HN comments on the horrible security bug du jour -- Intel CPUs potentially allowing privileged data leaks cross-VM and cross-process
lpt  linux  vm  intel  cpus  security 
12 days ago
Webdoctor.ie
An online doctor appointment -- you fill out a questionnaire, are interviewed via VC, and receive any prescription you need. Recommended by devxda on the ITC slack
doctor  medicine  ireland  services  health 
12 days ago
Steven Bellovin on Bitcoin
When you engineer a system for deployment you build it to meet certain real-world goals. You may find that there are tradeoffs, and that you can't achieve all of your goals, but that's normal; as I've remarked, "engineering is the art of picking the right trade-off in an overconstrained environment". For any computer-based financial system, one crucial parameter is the transaction rate. For a system like Bitcoin, another goal had to be avoiding concentrations of power. And of course, there's transaction privacy.

There are less obvious factors, too. These days, "mining" for Bitcoins requires a lot of computations, which translates directly into electrical power consumption. One estimate is that the Bitcoin network uses up more electricity than many countries. There's also the question of governance: who makes decisions about how the network should operate? It's not a question that naturally occurs to most scientists and engineers, but production systems need some path for change.

In all of these, Bitcoin has failed. The failures weren't inevitable; there are solutions to these problems in the acdemic literature. But Bitcoin was deployed by enthusiasts who in essence let experimental code escape from a lab to the world, without thinking about the engineering issues—and now they're stuck with it. Perhaps another, better cryptocurrency can displace it, but it's always much harder to displace something that exists than to fill a vacuum.
steven-bellovin  bitcoin  tech  software  systems  engineering  deployment  cryptocurrency  cypherpunks 
14 days ago
RFC 2322: Management of IP numbers by peg-dhcp
This RFC describes a protocol to dynamically hand out ip-numbers on field networks and small events that don't necessarily have a clear organisational body.


ie. using clothes pegs!
pegs  dhcp  hacks  rfcs  hip97  hip  protocols  clothespegs 
24 days ago
Electric Vehicle Home Charger Grant
new SEAI grant for EV charger points; allows second-hand cars as well, from 2018 onwards
cars  driving  seai  grants  ireland  evs 
25 days ago
Google Maps’s Moat
pretty cool stuff from Google, has to be said
google  maps  apple  tom-tom  data  big-data  ml  mapping 
26 days ago
What Gamergate should have taught us about the 'alt-right'
Spot on, from a year ago:

Prominent critics of the Trump administration need to learn from Gamergate. They need to be prepared for abuse, for falsified concerns, invented grassroots campaigns designed specifically to break, belittle, or disgrace. Words and concepts will be twisted, repackaged and shared across forums, stripping them of meaning. Gamergate painted critics as censors, the far-right movement claims critics are the real racists.

Perhaps the true lesson of Gamergate was that the media is culturally unequipped to deal with the forces actively driving these online movements. The situation was horrifying enough two years ago, it is many times more dangerous now.
politics  fascism  gamergate  history  alt-right  milo  fake-news  propaganda  nazis  racism  misogyny 
27 days ago
High Volume Ingest
some design principles behind Circonus' time series data store
circonus  time-series  irondb  databases  storage  architecture  coding 
27 days ago
How Syria's White Helmets became victims of an online propaganda machine | World news | The Guardian
The way the Russian propaganda machine has targeted the White Helmets is a neat case study in the prevailing information wars. It exposes just how rumours, conspiracy theories and half-truths bubble to the top of YouTube, Google and Twitter search algorithms.

“This is the heart of Russian propaganda. In the old days they would try and portray the Soviet Union as a model society. Now it’s about confusing every issue with so many narratives that people can’t recognise the truth when they see it,” said David Patrikarakos, author of War in 140 Characters: How Social Media is Reshaping Conflict in the 21st Century.
propaganda  white-helmets  russia  disinfo  syria  facebook  assad  google  youtube  fud  algorithms 
27 days ago
The Real Danger To Civilization Isn’t AI. It’s Runaway Capitalism
The idea of superintelligence is such a poorly defined notion that one could envision it taking almost any form with equal justification: a benevolent genie that solves all the world’s problems, or a mathematician that spends all its time proving theorems so abstract that humans can’t even understand them. But when Silicon Valley tries to imagine superintelligence, what it comes up with is no-holds-barred capitalism.

[....] I realized that we are already surrounded by machines that demonstrate a complete lack of insight, we just call them corporations. Corporations don’t operate autonomously, of course, and the humans in charge of them are presumably capable of insight, but capitalism doesn’t reward them for using it. On the contrary, capitalism actively erodes this capacity in people by demanding that they replace their own judgment of what “good” means with “whatever the market decides.”
capitalism  silicon-valley  ai  superintelligence  future  ted-chiang  sf 
28 days ago
Checkup
'Simple uptime monitoring: distributed, self-hosted health checks and status pages' -- stores in S3
go  ops  monitoring  uptime  health-checks  status-pages  status  golang  s3 
28 days ago
extremely detailed writeup on a secondhand Nissan LEAF
'2015 Nissan LEAF, 24kWh Acenta model' -- with specifics of cost, usage in Ireland, charging times, etc. Super-detailed!
nissan  leaf  secondhand  driving  cars  evs 
4 weeks ago
It's official, ADSL works over wet string
So, there you go, ADSL over 2m of literal "wet string". Well done all for testing this. It shows the importance of handling faults that seem to just be "low speed".
adsl  faults  hacks  funny  networking  dsl  telecoms 
4 weeks ago
The Mirai Botnet Was Part of a College Student Minecraft Scheme
The truth, as made clear in that Alaskan courtroom Friday — and unsealed by the Justice Department on Wednesday—was even stranger: The brains behind Mirai were a 21-year-old Rutgers college student from suburban New Jersey and his two college-age friends from outside Pittsburgh and New Orleans. All three—Paras Jha, Josiah White, and Dalton Norman, respectively—admitted their role in creating and launching Mirai into the world.

Originally, prosecutors say, the defendants hadn’t intended to bring down the internet—they had been trying to gain an advantage in the computer game Minecraft. “They didn’t realize the power they were unleashing,” says FBI supervisory special agent Bill Walton. "This was the Manhattan Project."


(via Nelson)
minecraft  botnets  mirai  security  rutgers  ddos 
4 weeks ago
auto53
'The missing link between AWS AutoScaling Groups and Route53 [...] solves the issue of keeping a route53 zone up to date with the changes that an autoscaling group might face.'
auto53  route-53  dns  aws  amazon  ops  hostnames  asg  autoscaling 
4 weeks ago
AWS CodeBuild Plugin - Jenkins - Jenkins Wiki
Trigger AWS CodeBuild jobs as build steps for a Jenkins project. :thinking_face_emoji:
jenkins  hacks  aws  codebuild  build  coding  ci 
4 weeks ago
Internet protocols are changing
per @mnot. HTTP/2; TLS 1.3; QUIC and UDP; and DOH (DNS over HTTP!)
crypto  encryption  http  https  protocols  http2  tls  quic  udp  tcp  dns  tunnelling 
4 weeks ago
The Case for Learned Index Structures
'Indexes are models: a B-Tree-Index can be seen as a model to map a key to the position of a record within a sorted array, a Hash-Index as a model to map a key to a position of a record within an unsorted array, and a BitMap-Index as a model to indicate if a data record exists or not. In this exploratory research paper, we start from this premise and posit that all existing index structures can be replaced with other types of models, including deep-learning models, which we term learned indexes. The key idea is that a model can learn the sort order or structure of lookup keys and use this signal to effectively predict the position or existence of records. We theoretically analyze under which conditions learned indexes outperform traditional index structures and describe the main challenges in designing learned index structures. Our initial results show, that by using neural nets we are able to outperform cache-optimized B-Trees by up to 70% in speed while saving an order-of-magnitude in memory over several real-world data sets. More importantly though, we believe that the idea of replacing core components of a data management system through learned models has far reaching implications for future systems designs and that this work just provides a glimpse of what might be possible.'

Excellent follow-up thread from Henry Robinson: https://threadreaderapp.com/thread/940344992723120128

'The fact that the learned representation is more compact is very neat. But also it's not really a surprise that, given the entire dataset, we can construct a more compact function than a B-tree which is *designed* to support efficient updates.' [...] 'given that the model performs best when trained on the whole data set - I strongly doubt B-trees are the best we can do with the current state-of-the art.'
data-structures  ml  google  b-trees  storage  indexes  deep-learning  henry-robinson 
4 weeks ago
Canarytokens.org - Quick, Free, Detection for the Masses
similar to honeytokens -- detect breaches by access attempts to unique addresses
security  honeypots  honeytokens  canary  canarytokens 
5 weeks ago
In first, 3-D printed objects connect to WiFi without electronics
This. is. magic.

Physical motion—pushing a button, laundry soap flowing out of a bottle, turning a knob, removing a hammer from a weighted tool bench—triggers gears and springs elsewhere in the 3-D printed object that cause a conductive switch to intermittently connect or disconnect with the antenna and change its reflective state. Information—in the form of 1s and 0s—is encoded by the presence or absence of the tooth on a gear. Energy from a coiled spring drives the gear system, and the width and pattern of gear teeth control how long the backscatter switch makes contact with the antenna, creating patterns of reflected signals that can be decoded by a WiFi receiver.
magic  wifi  whoa  3d-printing  objects  plastic  gears  springs 
5 weeks ago
Handling GDPR: How to make Kafka Forget
How do you delete (or redact) data from Kafka? The simplest way to remove messages from Kafka is to simply let them expire. By default Kafka will keep data for two weeks and you can tune this as required. There is also an Admin API that lets you delete messages explicitly if they are older than some specified time or offset. But what if we are keeping data in the log for a longer period of time, say for Event Sourcing use cases or as a source of truth? For this you can make use of  Compacted Topics, which allow messages to be explicitly deleted or replaced by key.


Similar applies to Kinesis I would think.
kafka  kinesis  gdpr  expiry  deleting  data  privacy 
5 weeks ago
Theresa May's Blue Monday -- Fintan O’Toole
Having backed down, May was then peremptorily informed that she was not even allowed to back down. She left her lunch with the president of the European Commission, Jean-Claude Juncker, to take a phone call from the DUP’s Arlene Foster, who told her that the deal she had just made was unacceptable. May then had to go back in and tell Juncker that she could not agree to what she had just agreed to. It is a scarcely credible position for a once great state to find itself in: its leader does not even have the power to conduct a dignified retreat.
eu  ireland  brexit  uk  theresa-may  dup  politics  ec  fintan-otoole 
5 weeks ago
Using AWS Batch to Generate Mapzen Terrain Tiles · Mapzen
Using this setup on AWS Batch, we are able to generate more than 3.75 million tiles per minute and render the entire world in less than a week! These pre-rendered tiles get stored in S3 and are ready to use by anyone through the AWS Public Dataset or through Mapzen’s Terrain Tiles API.
mapzen  mapping  tiles  batch  aws  s3  lambda  docker 
5 weeks ago
AMERICAN AIRLINES 737MAX8: “LIKE A FLYING PRISON”
Quite unusual to see an honest review of travelling coach-class on an internal US flight. This is a massive stinker:

“I admit American isn’t my favourite airline, but this has made me seriously re-evaluate ever travelling on them again. And it won’t be economy. If this is Americans idea of their future standards, they can keep it. Aviation enthusiasts might find it really interesting- I felt like I was in a flying prison”.
coach  travel  aa  airlines  737  boeing  reviews  comfort 
5 weeks ago
VLC in European Parliament's bug bounty program
This was not something I expected:
The European Parliament has approved budget to improve the EU’s IT infrastructure by extending the free software security audit programme (FOSSA) and by including a bug bounty approach in the programme.

The Commission intends to conduct a small-scale "bug bounty" activity on open-source software with companies already operating in the market. The scope of this action is to:

Run a small-scale "bug bounty" activity for open source software project or library for a period of up to two months maximum;
The purpose of the procedure is to provide the European institutions with open source software projects or libraries that have been properly screened for potential vulnerabilities;
The process must be fully open to all potential bug hunters, while staying in-line with the existing Terms of Service of the bug bounty platform.
vlc  bug-bounties  security  europe  europarl  eu  ep  bugs  oss  video  open-source 
6 weeks ago
AWS re:invent 2017: Container Networking Deep Dive with Amazon ECS (CON401) // Practical Applications
Another re:Invent highlight to watch -- ECS' new native container networking model explained
reinvent  aws  containers  docker  ecs  networking  sdn  ops 
6 weeks ago
Bella Caledonia: A Wake-Up Call
Swathes of the British elite appeared ignorant of much of Irish history and the country’s present reality. They seemed to have missed that Ireland’s economic dependence on exports to its neighbour came speedily to an end after both joined the European Economic Community in 1973. They seemed unacquainted with Ireland’s modern reality as a confident, wealthy, and internationally-oriented nation with overwhelming popular support for EU membership. Repeated descriptions of the border as a “surprise” obstacle to talks betrayed that Britain had apparently not listened, or had dismissed, the Irish government’s insistence in tandem with the rest of the EU since April that no Brexit deal could be agreed that would harden the border between Ireland and Northern Ireland.
The British government failed to listen to Ireland throughout history, and it was failing to listen still.
europe  ireland  brexit  uk  ukip  eu  northern-ireland  border  history 
6 weeks ago
South Pole Ice Tunnels – Antarctica - Atlas Obscura
'One of the strangest of these monuments consists of the body of an atrophied White Sturgeon and a handwritten account of its journey. The fish had arrived in 1992 at McMurdo Station (a US base located at the edge of Antarctica and the Ross Sea) and had been destined for a remote Russian station called Vostok. However, the Russians gifted the sturgeon to American scientists who later discarded it after it had languished uneaten in a freezer for several months. It was from the trash dump that a garbage processing crew reclaimed the sturgeon, and it then made its way from location to location across Antarctica. It finally became enshrined in the tunnels beneath the South Pole where it greets visitors from a ledge chiseled in the ice.'
south-pole  pole  big-dead-place  shrines  funny  sturgeons  antarctica  amundsen-scott-station  mcmurdo  vostok 
6 weeks ago
Sonarr
newsgroup/torrent TV PVR automation. looks neat
pvr  tv  automation  usenet  bittorrent 
6 weeks ago
Meet the man who deactivated Trump’s Twitter account
Legend!
His last day at Twitter was mostly uneventful, he says. There were many goodbyes, and he worked up until the last hour before his computer access was to be shut off. Near the end of his shift, the fateful alert came in. This is where Trump’s behavior intersects with Duysak’s work life. Someone reported Trump’s account on Duysak’s last day; as a final, throwaway gesture, he put the wheels in motion to deactivate it. Then he closed his computer and left the building.
twitter  trump  bahtiyar-duysak  abuse  reporting  funny 
6 weeks ago
The Impenetrable Program Transforming How Courts Treat DNA Evidence | WIRED
'So the lab turned to TrueAllele, a program sold by Cybergenetics, a small company dedicated to helping law enforcement analyze DNA where regular lab tests fail. They do it with something called probabilistic genotyping, which uses complex mathematical formulas to examine the statistical likelihood that a certain genotype comes from one individual over another. It’s a type of DNA testing that’s becoming increasingly popular in courtrooms. '

[...] 'But now legal experts, along with Johnson’s advocates, are joining forces to argue to a California court that TrueAllele—the seemingly magic software that helped law enforcement analyze the evidence that tied Johnson to the crimes—should be forced to reveal the code that sent Johnson to prison. This code, they say, is necessary in order to properly evaluate the technology. In fact, they say, justice from an unknown algorithm is no justice at all.'
law  justice  trueallele  software  dna  evidence  statistics  probability  code-review  auditing 
6 weeks ago
Introducing the Amazon Time Sync Service
Well overdue; includes Google-style leap smearing
time-sync  time  aws  services  ntp  ops 
6 weeks ago
Introducing AWS Fargate – Run Containers without Managing Infrastructure
now that's a good announcement. Available right away running atop ECS; EKS in 2018
eks  ecs  fargate  aws  services  ops  containers  docker 
6 weeks ago
Fine Art Prints – The Public Domain Review
This is amazing -- "museum quality" prints of favourites from the PDR archives, featuring Paul Klee, William Blake, ukiyo-e from Hiroshige, Goya, and even Athanasius Kircher
prints  to-get  fine-art  public-domain  art  william-blake  ukiyo-e  hiroshige  goya  klee 
6 weeks ago
creepy fake motion-detector cameras in AirBnBs
Jason Scott on Twitter: "In "oh, that's a thing now" news, a colleague of mine thought it odd that there was a single "motion detector" in his AirBNB in the bedroom and voila, it's an IP camera connected to the web. (He left at 3am, reported, host is suspended, colleague got refund.)"
airbnb  motion-detectors  cameras  surveillance  creepy  privacy 
6 weeks ago
Tansplaining
/tanˈspleɪn/ - verb informal - (of a British journalist or political type) explaining Irish history and politics to an Irish person, in a manner regarded as condescending, patronizing, and often incorrect.
politics  lols  funny  tansplaining  black-and-tans  history  uk  brexit  dictionary  neologisms 
7 weeks ago
UK government planning to require age verification for access to porn
This thread has pointed out the unintentional side effect which I hadn't considered: this database of user auth info and their porn habits will be an incredibly valuable target for foreign governments and hackers, and a single foreign porn company owns the AV service they are potentially planning to use for it.

"if they can't find a way to de-link identities from usage, this is a monumental national security risk and it's beyond insane they're even considering it. "Sorry Prime Minister, Russia now knows what porn every MP, civil servant and clearance holder watches and when, and we don't know how much of it they've given to Wikileaks. In retrospect, having the world's most obvious SIGINT target built in PHP and hosted in the Cayman Islands by an uncleared foreign 25 year old working for a porn company probably wasn't the best idea".'
age  verification  porn  uk  politics  censorship  security  national-security  wikileaks  russia 
7 weeks ago
Brutal London
'A book about London's gorgeous, brutalist architecture includes dainty DIY papercraft models to make yourself' -- awesome
brutalist  architecture  london  papercraft  models  barbican 
7 weeks ago
Parental Controls & Internet Filtering — Circle
this looks interesting; internet time limits and per-user/per-device content filtering, for kids
apps  kids  android  ios  circle  filtering  family  parenting 
7 weeks ago
Spam is back | The Outline
it’s 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too — TechCrunch writer Jordan Crook wrote in April about how she idly downloaded an app called Gather that promptly spammed everyone in her contact list. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven’t helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls. “There is no recourse for me,” lamented Troy Doliner, a student in Boston who gets robocalls every day. “I am harassed by a faceless entity that I cannot track down.”
“I think we had a really unique set of circumstances that created this temporary window where spam was in remission,” said Finn Brunton, an assistant professor at NYU who wrote Spam: A Shadow History of the Internet, “and now we’re on the other side of that, with no end in sight.”


(via Boing Boing)
spam  privacy  email  social-media  web  robocalls  phone  ethereum  texts  abuse 
7 weeks ago
Tech Leaders Dismayed by Weaponization of Social Media - IEEE Spectrum
“We have passed the fail-safe point,” McNamee said. “I don’t think we can get back to the Silicon Valley that I loved. At this point we just have to save America.”
propaganda  fake-news  facebook  twitter  social-media  us-politics  brexit  internet  russia  silicon-valley  usa 
8 weeks ago
Unicomp, Inc.
'I think you want a Unicomp [...] They bought the old IBM model M factory line, it's a model M with USB' -- a classic IBM-style clacky full size keyboard -- https://twitter.com/SwartzCr/status/932678394021535751
keyboards  clacky  model-m  ibm  history  hardware  usb 
8 weeks ago
Cordyceps even creepier than at first thought
Hughes’s team found that fungal cells infiltrate the ant’s entire body, including its head, but they leave its brain untouched. There are other parasites that manipulate their hosts without destroying their brains, says Kelly Weinersmith from Rice University. For example, one flatworm forms a carpet-like layer over the brain of the California killifish, leaving the brain intact while forcing the fish to behave erratically and draw the attention of birds—the flatworm’s next host. “But manipulation of ants by Ophiocordyceps is so exquisitely precise that it is perhaps surprising that the fungus doesn't invade the brain of its host,” Weinersmith says. [....]

So what we have here is a hostile takeover of a uniquely malevolent kind. Enemy forces invading a host’s body and using that body like a walkie-talkie to communicate with each other and influence the brain from afar. Hughes thinks the fungus might also exert more direct control over the ant’s muscles, literally controlling them “as a puppeteer controls as a marionette doll.” Once an infection is underway, he says, the neurons in the ant’s body—the ones that give its brain control over its muscles—start to die. Hughes suspects that the fungus takes over. It effectively cuts the ant’s limbs off from its brain and inserts itself in place, releasing chemicals that force the muscles there to contract. If this is right, then the ant ends its life as a prisoner in its own body. Its brain is still in the driver’s seat, but the fungus has the wheel.
biology  gross  cordyceps  fungi  fungus  ants  zombies  infection  brain  parasites 
8 weeks ago
IBM urged to avoid working on 'extreme vetting' of U.S. immigrants
ICE wants to use machine learning technology and social media monitoring to determine whether an individual is a “positively contributing member of society,” according to documents published on federal contracting websites. More than 50 civil society groups and more than 50 technical experts sent separate letters on Thursday to the Department of Homeland Security saying the vetting program as described was “tailor-made for discrimination” and contending artificial intelligence was unable to provide the information ICE desired.
civil-rights  politics  usa  trump  ice  ibm  civil-liberties  immigration  discrimination  racism  social-media 
8 weeks ago
S3 Inventory Adds Apache ORC output format and Amazon Athena Integration
Interesting to see Amazon are kind of putting their money behind ORC as a new public data interchange format with this.

Update: the Amazon senior PM for Athena and EMR says: 'Actually, we like both ORC and Parquet. Athena can process both ORC and Parquet, and teams can choose if they want to use either.' -- https://twitter.com/abysinha/status/932700622540849152
orc  formats  data  interchange  s3  athena  output 
8 weeks ago
Quad9
Quad9 is a free, recursive, anycast DNS platform that provides end users robust security protections, high-performance, and privacy. 

Security: Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting malware or phishing sites. Whenever a Quad9 user clicks on a website link or types in an address into a web browser, Quad9 will check the site against the IBM X-Force threat intelligence database of over 40 billion analyzed web pages and images. Quad9 also taps feeds from 18 additional threat intelligence partners to block a large portion of the threats that present risk to end users and businesses alike. 

Performance: Quad9 systems are distributed worldwide in more than 70 locations at launch, with more than 160 locations in total on schedule for 2018. These servers are located primarily at Internet Exchange points, meaning that the distance and time required to get answers is lower than almost any other solution. These systems are distributed worldwide, not just in high-population areas, meaning users in less well-served areas can see significant improvements in speed on DNS lookups. The systems are “anycast” meaning that queries will automatically be routed to the closest operational system. 

Privacy: No personally-identifiable information is collected by the system. IP addresses of end users are not stored to disk or distributed outside of the equipment answering the query in the local data center. Quad9 is a nonprofit organization dedicated only to the operation of DNS services. There are no other secondary revenue streams for personally-identifiable data, and the core charter of the organization is to provide secure, fast, private DNS


Awesome!
quad9  resolvers  dns  anycast  ip  networking  privacy  security 
8 weeks ago
Why is this company tracking where you are on Thanksgiving?
Creepy:
To do this, they tapped a company called SafeGraph that provided them with 17 trillion location markers for 10 million smartphones.
The data wasn’t just staggering in sheer quantity. It also appears to be extremely granular. Researchers “used this data to identify individuals' home locations, which they defined as the places people were most often located between the hours of 1 and 4 a.m.,” wrote The Washington Post. [....]
This means SafeGraph is looking at an individual device and tracking where its owner is going throughout their day. A common defense from companies that creepily collect massive amounts of data is that the data is only analyzed in aggregate; for example, Google’s database BigQuery, which allows organizations to upload big data sets and then query them quickly, promises that all its public data sets are “fully anonymized” and “contain no personally-identifying information.” In multiple press releases from SafeGraph’s partners, the company’s location data is referred to as “anonymized,” but in this case they seem to be interpreting the concept of anonymity quite liberally given the specificity of the data.
Most people probably don’t realize that their Thanksgiving habits could end up being scrutinized by strangers.
It’s unclear if users realize that their data is being used this way, but all signs point to no. (SafeGraph and the researchers did not immediately respond to questions.) SafeGraph gets location data from “from numerous smartphone apps,” according to the researchers.
safegraph  apps  mobile  location  tracking  surveillance  android  iphone  ios  smartphones  big-data 
8 weeks ago
« earlier      
abuse ai algorithms amazon analytics android anti-spam apache apple apps architecture art automation aws banking big-data bitcoin blocking books bugs build business cap cars cassandra censorship children china cli cloud coding compression concurrency containers copyright crime crypto culture cycling data data-protection data-structures databases dataviz debugging deployment design devops distcomp distributed dns docker dublin ec2 email eu europe exploits facebook fail false-positives fault-tolerance filesharing filtering food fraud funny future games gaming gc gchq git github go google government graphics graphs hacking hacks hadoop hardware hashing health history home http https images internet ios ip iphone ireland isps java javascript jobs journalism jvm kafka kids lambda languages latency law legal libraries life linux load-balancing logging machine-learning malware mapping maps medicine memory messaging metrics microsoft ml mobile money monitoring movies mp3 music mysql netflix network networking news nosql nsa open-source ops optimization outages packaging papers patents pdf performance phones photos piracy politics presentations privacy programming protocols python realtime recipes redis reference reliability replication research ruby russia s3 safety scala scalability scaling scams science search security shopping slides snooping social-media society software space spam sql ssl startups statistics storage streaming surveillance swpats sysadmin tcp tech testing time tips tls tools travel tuning tv twitter ui uk unix us-politics via:fanf via:nelson video web wifi work youtube

Copy this bookmark:



description:


tags: