Bitcoin must die
If Bitcoin were to cease trading tomorrow, 0.5% of the world’s electricity demand would simply disappear. This is roughly equivalent to the output of ten coal-fired power plants, emitting 50 million tonnes of CO2 per year – which would cover one year’s worth of the carbon emission cuts required to limit temperature rises this century to 2C. It is not a solution by itself, but it would be a good year’s work. Bitcoin is made from ashes, and if ashes were legal tender, humanity would burn everything in sight and call it progress.
environment  bitcoin  ecology  future  earth  cryptocurrencies  pow  electricity  climate-change 
yesterday
A Soyuz "ballistic re-entry" which subjected the crew to 21 g
At the time when the safety system initiated separation the spacecraft was already pointed downward toward Earth, which accelerated its descent significantly. Instead of the expected acceleration in such an emergency situation of 15 g (147 m/s²), the cosmonauts experienced up to 21.3 g (209 m/s²).[2] Despite very high overloading, the capsule's parachutes opened properly and slowed the craft to a successful landing after a flight of only 21 minutes.
spaceflight  soyuz  accidents  history  cosmonauts 
4 days ago
Opinion | When Your Boss Is an Algorithm - The New York Times
I have learned that drivers at ride-hailing companies may have the freedom and flexibility of gig economy work, but they are still at the mercy of a boss — an algorithmic boss. 
Data and algorithms are presented as objective, neutral, even benevolent: Algorithms gave us super-convenient food delivery services and personalized movie recommendations. But Uber and other ride-hailing apps have taken the way Silicon Valley uses algorithms and applied it to work, and that’s not always a good thing.
algorithms  uber  gig-economy  work 
4 days ago
Querying OpenStreetMap Buildings with AWS Athena – door2door Engineering
Well this is damn cool:
AWS not only made OpenStreetMap planet data available on S3, but it also made it query-able with Athena. Pretty cool, no? Now, in theory, you can just construct an SQL query, send it to Athena, and then do whatever you want with the results. No more:

- Updating OSM planet data yourself; it gets updated on AWS whenever OSM publishes it, once a week.
- Transforming the data into a query-able format; Athena handles that for you.
- Query/request frequency limits (it’s still AWS though, so other limitations might apply 💸 💸)

At door2door, we had a pretty straight-forward use-case for this: we needed to get buildings in specific regions based only on where they were, and transform those buildings into GeoJSON that we can attach our data to, and visualize on the front-end on top of our base map.
athena  osm  buildings  aws  geodata  mapping  maps  door2door  cool  hacks 
5 days ago
'We're doomed': Mayer Hillman on the climate reality no one else will dare mention | Environment | The Guardian
Well this is terrifying.
Can civilisation prolong its life until the end of this century? “It depends on what we are prepared to do.” He fears it will be a long time before we take proportionate action to stop climatic calamity. “Standing in the way is capitalism. Can you imagine the global airline industry being dismantled when hundreds of new runways are being built right now all over the world? It’s almost as if we’re deliberately attempting to defy nature. We’re doing the reverse of what we should be doing, with everybody’s silent acquiescence, and nobody’s batting an eyelid.”
climate  capitalism  environment  future  scary  mayer-hillman 
5 days ago
IPCC 1.5 degrees target requires massive carbon dioxide removal technology efforts
The grimmest prognosis in the draft report is in the details of the effort it would take to actually limit warming to 1.5°C. Countries won’t just have to give up fossil fuels and stop emitting greenhouse gases; they’ll have to pull carbon dioxide straight out of the air.

“All pathways that limit global warming to 1.5°C with limited or no overshoot project the use of carbon dioxide removal (CDR),” according to the report. And not just a little, but a lot, upward of 1,000 gigatons of carbon dioxide removed from the atmosphere by the end of the century. This will require machines that scrub carbon dioxide out of the air as well as biofuels coupled with carbon capture and sequestration. These tactics have their own energy demands and environmental drawbacks, and we may not be able to deploy them in time.

“CDR deployment of several hundreds of [gigatons of CO2] is subject to multiple feasibility and sustainability constraints,” according to the IPCC report.
cdr  co2  greenhouse-gases  climate-change  technology  ipcc  un 
6 days ago
How To Survive The Coming Century
New Scientist article from 2009 with a rather terrifying map of the 4-degrees-warmer Earth
earth  new-scientist  climate  fear 
6 days ago
Amazon scraps secret AI recruiting tool that showed bias against women | Reuters
Amazon’s computer models were trained to vet applicants by observing patterns in resumes submitted to the company over a 10-year period. Most came from men, a reflection of male dominance across the tech industry. […] Amazon’s system taught itself that male candidates were preferable. It penalized resumes that included the word “women’s,” as in “women’s chess club captain.” And it downgraded graduates of two all-women’s colleges, according to people familiar with the matter.


Nice demo of algorithmic bias right there. Worrying that there are plenty of other places carrying on with the concept though...
algorithmic-bias  amazon  hiring  resumes  bias  feminism  machine-learning  ml 
7 days ago
A Controversial Virus Study Shows Flaws in How Science Is Done - The Atlantic
Absent clearer guidelines, the burden falls on the scientific enterprise to self-regulate—and it isn’t set up to do that well. Academia is intensely competitive, and “the drivers are about getting grants and publications, and not necessarily about being responsible citizens,” says Filippa Lentzos from King’s College London, who studies biological threats. This means that scientists often keep their work to themselves for fear of getting scooped by their peers. Their plans only become widely known once they’ve already been enacted, and the results are ready to be presented or published. This lack of transparency creates an environment where people can almost unilaterally make decisions that could affect the entire world.

Take the horsepox study [the main topic of this article]. Evans was a member of a World Health Organization committee that oversees smallpox research, but he only told his colleagues about the experiment after it was completed. He sought approval from biosafety officers at his university, and had discussions with Canadian federal agencies, but it’s unclear if they had enough ethical expertise to fully appreciate the significance of the experiment. “It’s hard not to feel like he opted for agencies that would follow the letter of the law without necessarily understanding what they were approving,” says Kelly Hills, a bioethicist at Rogue Bioethics.

She also sees a sense of impulsive recklessness in the interviews that Evans gave earlier this year. Science reported that he did the experiment “in part to end the debate about whether recreating a poxvirus was feasible.” And he told NPR that “someone had to bite the bullet and do this.” To Hills, that sounds like I did it because I could do it. “We don’t accept those arguments from anyone above age 6,” she says.
the-atlantic  science  news  smallpox  horsepox  diseases  danger  risk  academia  papers  publish-or-perish  bioethics  ethics  biology  genetics 
7 days ago
When It’s Too Late to Stop Fascism, According to Stefan Zweig | The New Yorker
The destruction of a symbolic edifice—a blaze that caused no loss of life—became the pretext for the government to begin terrorizing its own civilian population. That fateful conflagration took place less than thirty days after Hitler became Chancellor. The excruciating power of Zweig’s memoir lies in the pain of looking back and seeing that there was a small window in which it was possible to act, and then discovering how suddenly and irrevocably that window can be slammed shut.
fascism  europe  stefan-zweig  politics  history  germany  nazis 
9 days ago
Wild camping spots - Google My Maps
A GMaps version of the list of wild camping spots around Ireland
gmaps  google  mapping  wild-camping  camping  ireland 
9 days ago
archive.org C64 software library
Pretty amazing that these can be credibly emulated in a browser now!
c=64  history  commodore  vice  web  internet-archive  gaming  games 
11 days ago
What to Look for in Java 8 Code
Great advice from Trisha Gee on J8 features and how to code-review code which uses them
java8  java  code-review  coding 
12 days ago
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Bloomberg
Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. [...] investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.
chips  security  technology  china  subcontracting  business  hardware  hacking  amazon  supermicro  manufacturing  supply-chains 
13 days ago
Running high-scale web applications on Amazon EC2 Spot Instances
AppNext's setup looks like quite good practice for a CPU-bound fleet
appnext  spot-instances  ec2  scalability  aws  ops  architecture 
14 days ago
This is how cyber attackers stole £2.26m from Tesco Bank customers | ZDNet
What a shitshow.
Poor design of Tesco Bank debit cards played a significant role in creating security vulnerabilities that led to thousands of customers having their accounts emptied. One of these involved the PAN numbers -- the 16-digit card number sequence used to identify all debit cards.

Tesco Bank inadvertently issued debit cards with sequential PAN numbers. This increased the likelihood that the attackers would find the next PAN number in the sequence.

It took 21 hours after the attack began before Tesco Bank's Fraud Strategy Team was informed about the incident.

Only after what the FCA describes as a "series of errors" -- including Tesco Bank's Financial Crime Operations Team sending an email to the wrong address, instead of making a phone call as procedure requires -- was the fraud team made aware of the attack.

In all that time, nothing had been done to stop the attacks, with fraudulent transactions continuing to siphon money from accounts as the bank received more and more calls from worried customers.
tesco  fail  tesco-bank  banking  pan-numbers  debit-cards  security  fraud  uk 
14 days ago
Kubernetes: The Surprisingly Affordable Platform for Personal Projects
At the beginning of the year I spent several months deep diving on Kubernetes for a project at work. As an all-inclusive, batteries-included technology for infrastructure management, Kubernetes solves many of the problems you're bound to run into at scale. However popular wisdom would suggest that Kubernetes is an overly complex piece of technology only really suitable for very large clusters of machines; that it carries a large operational burden and that therefore using it for anything less than dozens of machines is overkill.

I think that's probably wrong. Kubernetes makes sense for small projects and you can have your own Kubernetes cluster today for as little as $5 a month.


(via Tony Finch)
via:fanf  deployment  howto  kubernetes  ops  projects  hacks  clustering 
14 days ago
The 2018 Nobel Prize is a reminder of the outrageous cost of curing cancer
The penny drops:
One final disturbing aspect of the cancer cost conundrum: Public money helped pay for many of the drugs that patients can’t afford to access.

In a recent analysis, published in the journal PNAS, researchers found that American tax dollars helped fund the basic research that went into every single one of the drugs approved by the Food and Drug Administration between 2010 and 2016 — including several cancer immunotherapies. All told, $100 billion in National Institutes of Health research grants helped advance the science behind those drugs.

So the Nobel Prize this week is a reminder of the great promise of these drugs — and the incredible, lifesaving science that led to their discoveries. But it should also be a moment to reflect on who is benefiting from them and who isn’t. How will the 1.7 million Americans who are diagnosed with cancer per year gain access if prices keep rising and we don’t address this cost conundrum soon?
cancer  immunotherapy  drugs  costs  money  pharma  science  medicine  research 
15 days ago
Amazon S3 Announces Selective Cross-Region Replication Based on Object Tags

Amazon S3 Cross-Region Replication (CRR) now supports object filtering based on S3 object tags. This allows you to identify individual objects using S3 object tags for automatic replication across AWS Regions for compliance and/or data protection.

CRR is an Amazon S3 feature that automatically replicates every object uploaded to an S3 bucket to a destination bucket in a different AWS Region that you choose. S3 object tags are key-value pairs applied to S3 objects that allow you to better organize, secure, and manage your data stored in S3. By using S3 object tags to determine which objects to replicate using CRR, you now have fine grained control to selectively replicate your storage to another AWS Region to backup critical data for compliance and disaster recovery.
aws  s3 
16 days ago
Defcon Voting Village report: Bug in one system could “flip Electoral College” | Ars Technica
ES&S strike again:
Today, six prominent information-security experts who took part in DEF CON's Voting Village in Las Vegas last month issued a report on vulnerabilities they had discovered in voting equipment and related computer systems. One vulnerability they discovered—in a high-speed vote-tabulating system used to count votes for entire counties in 23 states—could allow an attacker to remotely hijack the system over a network and alter the vote count, changing results for large blocks of voters. "Hacking just one of these machines could enable an attacker to flip the Electoral College and determine the outcome of a presidential election," the authors of the report warned.

The machine in question, the ES&S M650, is used for counting both regular and absentee ballots. The device from Election Systems & Software of Omaha, Nebraska, is essentially a networked high-speed scanner like those used for scanning standardized-test sheets, usually run on a network at the county clerk's office. Based on the QNX 4.2 operating system—a real-time operating system developed and marketed by BlackBerry, currently up to version 7.0—the M650 uses Iomega Zip drives to move election data to and from a Windows-based management system. It also stores results on a 128-megabyte SanDisk Flash storage device directly mounted on the system board. The results of tabulation are output as printed reports on an attached pin-feed printer.

The report authors—Matt Blaze of the University of Pennsylvania, Jake Braun of the University of Chicago, David Jefferson of the Verified Voting Foundation, Harri Hursti and Margaret MacAlpine of Nordic Innovation Labs, and DEF CON founder Jeff Moss—documented dozens of other severe vulnerabilities found in voting systems. They found that four major areas of "grave and undeniable" concern need to be addressed urgently. One of the most critical is the lack of any sort of supply-chain security for voting machines—there is no way to test the machines to see if they are trustworthy or if their components have been modified.
fail  security  evoting  vote-tabulation  us-politics  voting-machines 
19 days ago
Estonia sues Gemalto for 152 mln euros over ID card flaws
Estonia’s Police and Border Guard Board (PPA) said in a statement Gemalto had created private key codes for individual cards, leaving the government IDs vulnerable to external cyber attack, rather than embedding it on the card’s chip as promised. “It turned out that our partner had violated this principle for years, and we see this as a very serious breach of contract,” PPA’s deputy director-general Krista Aas said in the statement.


If true, this is a big problem...
gemalto  fail  security  smartcards  estonia  chip-cards 
19 days ago
randomised prefixes in S3 are no longer necessary to improve performance
This S3 request rate performance increase removes any previous guidance to randomize object prefixes to achieve faster performance. That means you can now use logical or sequential naming patterns in S3 object naming without any performance implications.


Having said that, it sounds like they may still help to a degree anyway.
s3  coding  architecture  aws  tips 
20 days ago
How Triplebyte solved its office Wi-Fi problems
This is good general wi-fi infrastructure advice for home use too
internet  networking  wifi  ethernet  routers  ops 
20 days ago
Do not fall into Oracle's Java 11 trap
The key part of the terms is as follows:

You may not: use the Programs for any data processing or any commercial, production, or internal business purposes other than developing, testing, prototyping, and demonstrating your Application;

The trap is as follows:

- Download Oracle JDK (because that is what you've always done, and it is what the web-search tells you);
- Use it in production (because you didn't realise the license changed);
- Get a nasty phone call from Oracle's license enforcement teams demanding lots of money

In other words, Oracle can rely on inertia from Java developers to cause them to download the wrong (commercial) release of Java. Unless you read the text/warnings/legalese very carefully you might not even realise Oracle JDK is now commercial, and that you are therefore liable to pay Oracle for Java.

java  licensing  openjdk  open-source  oracle  software  jdk  jre 
21 days ago
Common Cyborg | Jillian Weise | Granta
Fantastic essay:
When I tell people I am a cyborg, they often ask if I have read Donna Haraway’s ‘A Cyborg Manifesto’. Of course I have read it. And I disagree with it. The manifesto, published in 1985, promised a cyberfeminist resistance. The resistance would be networked and coded by women and for women to change the course of history and derange sexism beyond recognition. Technology would un-gender us. Instead, it has been so effective at erasing disabled women that even now, in conversation with many feminists, I am no longer surprised that disability does not figure into their notions of bodies and embodiment. Haraway’s manifesto lays claim to cyborgs (‘we are all cyborgs’) and defines the cyborg unilaterally through metaphor. To Haraway, the cyborg is a matter of fiction, a struggle over life and death, a modern war orgy, a map, a condensed image, a creature without gender. The manifesto coopts cyborg identity while eliminating reference to disabled people on which the notion of the cyborg is premised. Disabled people who use tech to live are cyborgs. Our lives are not metaphors.


(Via Tony Finch)
via:dotat  cyborg  technology  feminism  essay  disability  tech  jillian-weise  granta 
22 days ago
Dublin Bikes Animated
lots of nice graphs and dataviz around Dublin Bikes usage
bikes  cycling  dublin  dataviz  cool 
22 days ago
25 Years of WIRED Predictions: Why the Future Never Arrives
These early views of the sharing economy were accurate depictions of the moment, but poor visions of the future. Within a few short years, many of those Uber drivers would be stuck paying off their cars in sub-minimum-wage jobs with no benefits. What began as an earnest insight about bits and atoms quickly turned into an arbitrage opportunity for venture capitalists eager to undercut large, lucrative markets by skirting regulations. To meet the growth and monetization demands of investors, yesterday’s sharing economy became today’s gig economy.
advertising  future  technology  futurism  predictions  wired  web2.0  history  1990s  2000s 
23 days ago
Credit reference agency Equifax fined for security breach
The ICO fines Equifax £500K, the maximum amount possible under the old Data Protection Act (via Privacy Kit)
via:privacy-kit  ico  equifax  privacy  data-protection  uk  penalties  law 
27 days ago
Peter Flynn caused the first 404
Now that's a great bit of web trivia :) "[UCC's] first webmaster was the first person to ever break a link on the web, when he moved the location of a webpage on UCC's servers without telling TimBL. Such a change resulted in the need to error-handle such an occurrence, and the 404 was born"
404  history  http  web  peter-flynn  ucc  irish-web  trivia 
27 days ago
Cindy Sridharan on Twitter: NanoLog by Ousterhout et al.

- just formatting a log typically takes on the order of 1µs!

- nanolog achieves high throughput by shifting work out of runtime hot path into compilation + post-execution phases


Basically records symbolic form of logs, and uses a post-processor after the fact to generate readable text.
logging  ops  coding  performance 
29 days ago
Kebab-Case
TIL! In other words spelling identifiers-like-this, Lisp style
kebab-case  case  lisp  identifiers  coding  terminology 
29 days ago
Muting some magic keywords fixes the Twitter timeline
Apparently, turning off some of the shittier recent features:
Muting suggest_recycled_tweet_inline and suggest_activity_tweet actually has fixed my timeline. It's all chronological and there are barely any "x and y liked" tweets.
twitter  feature-creep  muting  hacks 
29 days ago
mblaze-much/MANIFESTO.md
Danny O'Brien's manifesto for an update of his notmuch-based mail setup. Watching with interest.
email  mail  notmuch  sup  muas  hacking  unix  cli  mh 
4 weeks ago
Surprisingly Little Evidence for the Accepted Wisdom About Teeth - The New York Times
Turns out there is little evidence for many dental practices:
A systematic review in 2011 concluded that, in adults, toothbrushing with flossing versus toothbrushing alone most likely reduced gingivitis, or inflammation of the gums. But there was really weak evidence that it reduced plaque in the short term. There was no evidence that it reduced cavities. That’s pretty much what we learned recently.
teeth  dentistry  dental  health  medicine  statistics  science 
4 weeks ago
Notes on some artefacts
Five or six years ago, around the time most people seemed to be spending almost all of their time on the internet, I began to notice a particular kind of online phenomenon, one that I did not have a terminology for. I started to call these moments “artefacts”, borrowing a term from photography that describes the machine-created distortions and ghosts that corrupt digital imagery. “An unintended alteration in data” is one definition, but this new kind of “artefact” was expanding beyond sporadic instances and becoming a persistent sub-theme in discourse at large.

The result was a type of semiotic collapse, one that first found its fullest expression in the absurdity of the 2016 presidential campaign, when news stories fabricated in Macedonia found a wider reach than The Washington Post. Countermeasures to interference in the coming 2018 congressional election look ineffectual, perhaps deliberately so.
artefacts  fake-news  bots  weird  2018  trump  politics 
4 weeks ago
A definitive blood test for post-infectious irritable bowel syndrome?: Expert Review of Gastroenterology & Hepatology: Vol 10, No 11
Very interesting! This paper and the one at https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0126438 discuss the increasing evidence that some kinds of IBS may be caused by post-infection autoimmune activity triggered by a gastroenteritis infection -- this matches the thing which put me on a restricted diet a few years ago.
digestion  ibs  medicine  health  diet  fodmap  gastroenteritis  papers 
4 weeks ago
Google spent $60 million on building Content ID
That's how much it costs to build a not-particularly-accurate UGC copyright filter:
Google’s new report takes aim at this claim. It asserts that Content ID is a highly effective solution, with over 98 percent of copyright management on YouTube happening through Content ID, and just 2 percent coming from humans filing copyright removal notices. Google also says the music industry opts to monetize more than 95 percent of its copyright claims, meaning they leave the videos up on the service. It claims a whopping half of the music industry's YouTube revenue comes from fan content — covers, remixes, dance versions, etc. — claimed via Content ID. The report also puts a hard figure on how much Google has spent so far on Content ID: $60 million.
filtering  copyright  eu  article-13  copyfight  content-id  google  web  ugc 
4 weeks ago
Troy Hunt: The Effectiveness of Publicly Shaming Bad Security
Now I don't know how much of this change was due to my public shaming of their security posture, maybe they were going to get their act together afterward anyway. Who knows. However, what I do know for sure is that I got this DM from someone not long after that post got media attention (reproduced with their permission):

Hi Troy, I just want to say thanks for your blog post on the Natwest HTTPS issue you found that the BBC picked up on. I head up the SEO team at a Media agency for a different bank and was hitting my head against a wall trying to communicate this exact thing to them after they too had a non secure public site separate from their online banking. The quote the BBC must have asked from them prompted the change to happen overnight, something their WebDev team assured me would cost hundreds of thousands of pounds and at least a year to implement! I was hitting my head against the desk for 6 months before that so a virtual handshake of thanks from my behalf! Thanks!
business  internet  security  social-media  shame  troy-hunt  bad-press  spin  shaming 
5 weeks ago
UIDAI’s Aadhaar Software Hacked, ID Database Compromised, Experts Confirm
The authenticity of the data stored in India's controversial Aadhaar identity database, which contains the biometrics and personal information of over 1 billion Indians, has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users, a three month-long investigation by HuffPost India reveals.

The patch—freely available for as little as Rs 2,500 (around $35)— allows unauthorised persons, based anywhere in the world, to generate Aadhaar numbers at will, and is still in widespread use.

This has significant implications for national security at a time when the Indian government has sought to make Aadhaar numbers the gold standard for citizen identification, and mandatory for everything from using a mobile phone to accessing a bank account.
security  aadhaar  identity  india  privacy  databases  data-privacy 
5 weeks ago
Software as Craft: software delivery and open source in a Cloud & Enterprise world
Niall Murphy sends this on:
Microsoft is very pleased to welcome Maggie Pint and Dr. Nicole Forsgren to our new campus, to talk about open source and the deep connections between how software is written, and how successful it is.

For those of you who are not aware, Maggie Pint is a software engineering lead in Azure’s Production Infrastructure Engineering (PIE) organization. Maggie’s team works on improving the engineering systems experience for Microsoft’s web-focused developers. She co-ordinates open source and inner source education and execution through Azure PIE. Outside of her day job, Maggie maintains the popular Moment.js JavaScript library, and is the JS Foundation’s delegate to TC39, the standards committee for JavaScript. She is passionate about dogs, coffee, the JavaScript language, and helping others live open source values in their day-to-day work.

Dr. Nicole Forsgren is the co-founder and Chief Scientist of the DevOps Research and Assessment joint venture with Jez Humble and Gene Kim, also well-known leaders in the DevOps community. She is best known as a co-author of Accelerate: The Science of Lean Software and DevOps and lead investigator for the largest-scale DevOps studies undertaken to date. She is also a member of the ACM Queue editorial board, a research affiliate for a number of universities, and earned her PhD in Management Information Systems from the University of Arizona.

This event comprises two public technical talks, with an intended audience of a few hundred software and systems professionals, including technical managers and SREs.
software  coding  open-source  microsoft  maggie-pint  nicole-forsgren  azure 
5 weeks ago
'The Internet of Garbage' by Sarah Jeong
Sarah Jeong's 2015 book is now free:

'I think The Internet of Garbage still provides a useful framework to begin to talk about our new dystopia, and it continues to be surprisingly relevant in many ways. But I wrote the book with a tone of optimism I did not feel even at the time, hoping that by reaching the well-meaning policy teams across Silicon Valley, I might be able to spark change for the better.

Not only did that change never quite solidify, but the coordinated, orchestrated harassment campaigns of Gamergate that I very briefly touch on in Chapter Two have since overtaken our national political and cultural conversations. These twisted knots of lies, deflection, and rage are not just some weird and terrible online garbage. They shadow executive orders, court rulings, even the newly appointed judiciary. They will haunt us for years to come. We are all victims of fraud in the marketplace of ideas.

I hope that in the very near future, I will be putting out a second edition of The Internet of Garbage. In that future edition, I hope to grapple with advertising incentives, engagement traps, international propaganda wars, the American crisis in free speech coinciding with the rise of platform power, and search engine optimization as the new paradigm of speech.

In the meantime, I am putting out The Internet of Garbage 1.5 as an interim edition. I wish it were more helpful in our present reality. But as imperfect a tool as it is, I figure we all need as much help as we can get.'
dystopia  fake-news  internet  spam  harrassment  abuse  twitter  gamergate  politics  books  free  to-read 
6 weeks ago
Science Europe – cOAlition S
cOAlition S signals the commitment to implement, by 1 January 2020, the necessary measures to fulfil its main principle: “By 2020 scientific publications that result from research funded by public grants provided by participating national and European research councils and funding bodies, must be published in compliant Open Access Journals or on compliant Open Access Platforms.”

The 11 national research funding organisations that form cOAlition S have agreed to implement the 10 principles of Plan S in a coordinated way, together with the European Commission including the ERC. Other research funders from across the world, both public and private, are invited to join cOAlition S.


I am extremely happy to see SFI on this list!

(Via Cathal Garvey)
sfi  ireland  funding  science  open-access  open  papers  journals  via:cathalgarvey 
6 weeks ago
Biohackers Encoded Malware in a Strand of DNA
a group of researchers from the University of Washington has shown for the first time that it’s possible to encode malicious software into physical strands of DNA, so that when a gene sequencer analyzes it the resulting data becomes a program that corrupts gene-sequencing software and takes control of the underlying computer.
hacking  malware  security  sequencing  genome  biohacking  dna 
6 weeks ago
Mastodon and the challenges of abuse in a federated system
Similar to this thread by CJ Silverio, I’m not thinking about this in terms of whether Wil Wheaton or his detractors were right or wrong. Rather, I’m thinking about how this incident demonstrates that a large-scale harassment attack by motivated actors is not only possible in the fediverse, but is arguably easier than in a centralized system like Twitter or Facebook, where automated tools can help moderators to catch dogpiling as it happens.

As someone who both administrates and moderates Mastodon instances, and who believes in Mastodon’s mission to make social media a more pleasant and human-centric place, this post is my attempt to define the attack vector and propose strategies to prevent it in the future.
mastodon  abuse  twitter  wilw  harassment  moderation 
6 weeks ago
Linocuts by Gail Brodholt
scenes from London transit infrastructure. There's a fantastic 1960s vibe off these
london  tube  public-transport  prints  art  gail-brodholt  via:mltshp 
6 weeks ago
Unsupervised machine translation: A novel approach to provide fast, accurate translations for more languages – Facebook Code
Training an MT model without access to any translation resources at training time (known as unsupervised translation) was the necessary next step. Research we are presenting at EMNLP 2018 outlines our recent accomplishments with that task. Our new approach provides a dramatic improvement over previous state-of-the-art unsupervised approaches and is equivalent to supervised approaches trained with nearly 100,000 reference translations. To give some idea of the level of advancement, an improvement of 1 BLEU point (a common metric for judging the accuracy of MT) is considered a remarkable achievement in this field; our methods showed an improvement of more than 10 BLEU points.

This is an important finding for MT in general and especially for the majority of the 6,500 languages in the world for which the pool of available translation training resources is either nonexistent or so small that it cannot be used with existing systems. For low-resource languages, there is now a way to learn to translate between, say, Urdu and English by having access only to text in English and completely unrelated text in Urdu – without having any of the respective translations.
unsupervised-learning  ml  machine-learning  ai  translation  facebook 
6 weeks ago
Google Online Security Blog: Introducing the Tink cryptographic software library
Tink aims to provide cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Tink is built on top of existing libraries such as BoringSSL and Java Cryptography Architecture, but includes countermeasures to many weaknesses in these libraries, which were discovered by Project Wycheproof, another project from our team.
With Tink, many common cryptographic operations such as data encryption, digital signatures, etc. can be done with only a few lines of code.
tink  google  java  c++  boringssl  ssl  jca  crypto 
6 weeks ago
This Music Theory Professor Just Showed How Stupid and Broken Copyright Filters Are - Motherboard
Kaiser then decided to test Google’s system more fully. He opened a new YouTube account named Labeltest, and began sharing additional examples of copyright-free music.

“I quickly received Content ID notifications for copyright-free music by Bartok, Schubert, Puccini, and Wagner,” Kaiser said. “Again and again, YouTube told me that I was violating the copyright of these long-dead composers, despite all of my uploads existing in the public domain.”

Google’s Content ID is the result of more than $100 million in investment funds and countless development hours. Yet Kaiser found the system was largely incapable of differentiating between copyrighted music and content in the public domain. And the appeals process that Google has erected to tackle these false claims wasn’t any better.
content-id  copyright  copyright-filtering  youtube  fail  google  public-domain  ip  music  filtering  bartok  schubert  wagner  puccini 
6 weeks ago
How network clients need to participate in fault tolerance
Top tips on best practices here:
Colm's thread on shuffle sharding reminded me of how important it is that clients participate in fault tolerance, and how frustrated I get when a client library *doesn't* do this by default in my application. Let's talk about some best practices!


Bottom line: use Hystrix :)
retries  fault-tolerance  networking  tcp  http  exponential-backoff  ip 
6 weeks ago
Yahoo! are scanning your email contents and selling data to advertisers
For example: Amazon will no longer mail full receipt text as advertisers were believed to be extracting it
yahoo  privacy  email  mail  amazon 
7 weeks ago
Surgical team collaborates with McLaren F1 to improve processes
On the screen was a motor racing grand prix and, as they watched, the two men became aware of the similarities between the handover disciplines from theatre to intensive care and what they were seeing in the pit of a Formula One racing team.

From that moment began a collaboration between the leaders of Great Ormond Street's surgical and intensive care units, first with the McLaren F1 racing team and then with Ferrari's team chief Jean Todt, technical guru Ross Brawn and, in particular, race technical director Nigel Stepney.

They worked together at their home base in Modena, Italy, in the pits of the British Grand Prix and in the Great Ormond Street theatre and intensive care ward.

The major restructuring of the patient handover procedure, resulting directly from the input of the F1 pit technicians, will soon be described in two scientific publications.

"It is not too early to say that, when we look at the number of critical instances we encounter, they have reduced markedly since we introduced the modified training protocol developed from what we have learned from Formula 1," said Prof Elliott.

The single A4 sheet of paper, which contained the flow diagram of Ferrari's pit procedure, became several pages of twice that size when Mr Stepney and his colleagues at Ferrari were confronted with the critical transfer from operating theatre to recovery room at Great Ormond Street.
collaboration  cross-discipline  surgery  formula-1  mclaren  pitstops  cardiac 
7 weeks ago
Why Love Generative Art?
Or as jwz put it, a brief history of generative art
art  generative-art  computer-art  algorithms  graphics  via:jwz 
7 weeks ago
Fixing Slow Macbook WIFI Reconnect after sleep – airbag moments
A command line hack to fix the common Macbook wifi problem where wifi won't reconnect after opening the lid without a manual reconnect
wifi  macbooks  mbp  hardware  apple  hacks  cli  sleep 
7 weeks ago
Russian Trolls Used Vaccine Debate to Sow Discord, Study Finds - The New York Times
But instead of picking a side, researchers said, the trolls and bots they programmed hurled insults at both pro- and anti-vaccine advocates. Their only intent, the study concluded, seemed to be to raise the level of hostility.

“You see this pattern,” said David A. Broniatowski, a computer engineer at George Washington University and lead author of the study, which was published Thursday in the American Journal of Public Health. “On guns, or race, these accounts take opposite sides in lots of debates. They’re about sowing discord.”


So the Russian strategy is basically more of a "Hail Eris" than a "Hail Mary"?
russia  trolls  discord  vaccination  health  internet 
7 weeks ago
"Aungier Street -- Revitalising a Historic Neighbourhood"
interesting doc from 2013 from Dublin City Council describing the Aungier St / Stephen St / South Great George's Street neighbourhood of D2/D8, covering the archaeological digs next door to the Swrve office
d2  d8  dublin  history  archaeology  aungier-street 
7 weeks ago
The Great Chinese Art Heist
Liu seems ambivalent toward the plight of burgled museums, especially a place like the Fontainebleau, which he says holds more looted Chinese art than any other institution on earth and advertises the collection's origins as plunder from the sacking of the Old Summer Palace. “Displaying these objects in European museums is like a theft itself—they're just showing it off without concern,” Liu said. “I know that we won't get everything back in my lifetime,” he continued. “We will never give up, we will never stop—no matter the effort. We need [the Chinese] people to see that everything that belonged to us is coming back.”


It's very hard to feel sympathy for the European museums, to be honest....
art  crime  antiquities  heritage  patrimony  china  asia  colonialism  repatriation 
7 weeks ago
One in five genetics papers contains errors thanks to Microsoft Excel | Science | AAAS
'Autoformatting in Microsoft Excel has caused many a headache — but now, a new study shows that one in five genetics papers in top scientific journals contains errors from the program, The Washington Post reports. The errors often arose when gene names in a spreadsheet were automatically changed to calendar dates or numerical values.'
science  microsoft  excel  spreadsheets  autoformatting  clippy  fail  papers  genetics 
7 weeks ago
spotify/dockerfile-maven: A set of Maven tools for dealing with Dockerfiles
'a Maven plugin and extension which help to seamlessly integrate Docker with Maven. The design goals are:

Don't try to do anything fancy. Dockerfiles are how you build Docker projects; that's what this plugin uses. They are mandatory.

Make the Docker build process integrate with the Maven build process. If you bind the default phases, when you type mvn package, you get a Docker image. When you type mvn deploy, your image gets pushed.

Make the goals remember what you are doing. You can type mvn dockerfile:build and later mvn dockerfile:tag and later mvn dockerfile:push without problems. This also eliminates the need for something like mvn dockerfile:build -DalsoPush; instead you can just say mvn dockerfile:build dockerfile:push.

Integrate with the Maven build reactor. You can depend on the Docker image of one project in another project, and Maven will build the projects in the correct order. This is useful when you want to run integration tests involving multiple services.'

Looks very nice and well-run -- shame it's Maven instead of Gradle...
java  docker  maven  build  coding  packaging 
8 weeks ago
Filter before you parse: faster analytics on raw data with Sparser
Super fast JSON parsing. Has some interesting similarities to some code I wrote in SpamAssassin, as it turns out!
json  parsing  performance  coding  algorithms 
8 weeks ago
The BARR-C:2018 Embedded C Coding Standard
'Barr Group's Embedded C Coding Standard was developed to minimize bugs in firmware by focusing on practical rules that keep bugs out--while also improving the maintainability and portability of embedded software. The coding standard details a set of guiding principles as well as specific naming conventions and other rules for the use of data types, functions, preprocessor macros, variables and much more. Individual rules that have been demonstrated to reduce or eliminate certain types of bugs are highlighted. In this latest version, BARR-C:2018, the stylistic coding rules have been fully harmonized with MISRA C: 2012, while helping embedded system designers reduce defects in firmware written in C and C++.'
embedded  c  coding  standards  style-guides  misra  c++ 
9 weeks ago
Nosferatu is only viewable today due to piracy
'In 1922 a German court ordered all prints and negatives of Nosferatu destroyed following a copyright dispute with the widow of Bram Stoker. The film only exists today because of piracy. One copy survived and somehow found its way to America, where Dracula was already in the public domain. That's it. That's the only reason you've ever seen the granddaddy of all horror movies.'
dracula  bram-stoker  nosferatu  piracy  licensing  movies  history 
9 weeks ago
Hacker Finds Hidden 'God Mode' on Old VIA C3 x86 CPUs
Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents. He found one — US8341419 — that mentioned jumping from ring 3 to ring 0 and protecting the machine from exploits of model-specific registers (MSRs), manufacturer-created commands that are often limited to certain chipsets.

Domas followed the "trail of breadcrumbs," as he put it, from one patent to another and figured out that certain VIA chipsets were covered by the patents. Then he collected many old VIA C3 machines and spent weeks fuzzing code.

He even built a testing rig consisting of seven Nehemiah-based thin clients hooked up to a power relay that would power-cycle the machines every couple of minutes, because his fuzzing attempts would usually crash the systems. After three weeks, he had 15 GB of log data — and the instructions to flip on the backdoor in the hidden RISC chip.

(via Nelson)
cpu  via  x86  fuzzing  security  nehemiah  via:nelson 
9 weeks ago
Anatomy of a tabloid Fortnite front page story
Interesting writeup of how the UK tabloids concoct their scare stories, rustling up "victims" and paying them and their agents fees of thousands of pounds
fortnite  pokemon-go  gaming  tabloids  uk  newspapers  truth  the-sun  games 
9 weeks ago
People Think This Whole QAnon Conspiracy Theory Is A Prank On Trump Supporters
This, if true, is the most gloriously Discordian thing ever.
"Let us take for granted, for a while, that QAnon started as a prank in order to trigger right-wing weirdos and have a laugh at them. There's no doubt it has long become something very different. At a certain level it still sounds like a prank. But who's pulling it on whom?" they [Roberto Bui, Giovanni Cattabriga, and Federico Guglielmi] said.
q  conspiracy  politics  trump  qanon  luther-blissett  discordianism  wu-ming  funny  crazy 
9 weeks ago
ncw/rclone
"rsync for cloud storage" - Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files
backup  github  sync  cloud  s3  storage  rsync  rclone  google  aws  dropbox  backblaze  yandex  onedrive 
9 weeks ago
Fonez - Pre-owned Phones
Galway-based refurb phone retailer, recommended by co-worker Ciaran where he picked up his Pixel
phones  ireland  shopping  mobile 
9 weeks ago
How I gained commit access to Homebrew in 30 minutes
If I were a malicious actor, I could have made a small, likely unnoticed change to the openssl formulae, placing a backdoor on any machine that installed it.

If I can gain access to commit in 30 minutes, what could a nation state with dedicated resources achieve against a team of 17 volunteers? How many private company networks could be accessed? How many of these could be used to escalate to large scale data breaches? What other package management systems have similar weaknesses?

This is my growing concern, and it’s been proven time and time again that package managers, and credential leaks, are a weak point in the security of the internet, and that supply chain attacks are a real and persistent threat. This is not a weakness in Homebrew, but rather a systemic problem in the industry, and one where we need more security research.
homebrew  github  security  jenkins  credentials  scary 
9 weeks ago
Humanitarian OpenStreetMap Team | Fast, Powerful, and Practical: New Technology for Aerial Imagery in Disaster Response
Aerial imagery can play an important role in disaster response operations, enabling response teams to identify and prioritize hardest-hit areas, conduct damage assessments, and plan response activities. Existing tools make this relatively easy in connected environments; users can browse high-resolution satellite imagery catalogs and download the relevant imagery, and can process drone imagery using online tools. Current solutions don’t work well in disconnected environments, however. Even offline tools lack the storage space and processing power to be effective for addressing large areas.

This blog post shows how rugged, portable Amazon Web Services (AWS) servers can be turned into a kit that’s mega-powerful, deployable, and purpose-built for post-disaster imagery operations. This can help humanitarians and government agencies to more accurately and efficiently conduct damage assessments and identify hardest-hit areas, potentially making a real difference in the aftermath of a natural disaster.
snowball  aws  humanitarian  emergency-response  osm  openstreetmap  mapping  aid  disasters 
july 2018
"Haskell is very simple"
niftierideology on twitter:
Haskell is very simple. Everything is composed of Functads which are themselves a Tormund of Gurmoids, usually defined over the Devons. All you have to do is stick one Devon inside a Tormund and it yields Reverse Functads (Actually Functoids) you use to generate Unbound Gurmoids.
haskell  functors  functads  tormund-of-gurmoids  jargon  funny  satire  coding  languages 
july 2018
15 Key Takeaways from the Serverless Talk at AWS Startup Day
Best current practices for AWS Lambda usage. (still pretty messy/hacky/Rube-Goldberg-y from the looks of it tbh)
aws  lambda  serverless  ops  hacks  amazon 
july 2018