5282
httpbin(1): HTTP Client Testing Service
Testing an HTTP Library can become difficult sometimes. RequestBin is fantastic for testing POST requests, but doesn't let you control the response. This exists to cover all kinds of HTTP scenarios. Additional endpoints are being considered.
http  httpbin  networking  testing  web  coding  hacks 
september 2015
Evolution of Babbel’s data pipeline on AWS: from SQS to Kinesis
Good "here's how we found it" blog post:

Our new data pipeline with Kinesis in place allows us to plug new consumers without causing any damage to the current system, so it’s possible to rewrite all Queue Workers one by one and replace them with Kinesis Workers. In general, the transition to Kinesis was smooth and there were not so tricky parts.
Another outcome was significantly reduced costs – handling almost the same amount of data as SQS, Kinesis appeared to be many times cheaper than SQS.
aws  kinesis  kafka  streaming  data-pipelines  streams  sqs  queues  architecture  kcl 
september 2015
Stormpot
an object pooling library for Java. Use it to recycle objects that are expensive to create. The library will take care of creating and destroying your objects in the background. Stormpot is very mature, is used in production, and has done over a trillion claim-release cycles in testing. It is faster and scales better than any competing pool.


Apache-licensed, and extremely fast: https://medium.com/@chrisvest/released-stormpot-2-4-eeab4aec86d0
java  stormpot  object-pooling  object-pools  pools  allocation  gc  open-source  apache  performance 
september 2015
‘I wish to register a complaint’: know your consumer rights before the fight
Conor Pope on the basics of consumer law -- and how to complain -- in Ireland
consumer  ireland  irish-times  articles  law 
september 2015
The Pixel Factory
amazing slideshow/WebGL demo talking about graphics programming, its maths, and GPUs
maths  graphics  webgl  demos  coding  algorithms  slides  tflops  gpus 
september 2015
The Alternative Universe Of Soviet Arcade Games
Unlike machines in the West, every single machine that was produced during Soviet-era Russia had to align with Marxist ideology. [...] The most popular games were created to teach hand-eye coordination, reaction speed, and logical, focused thinking. Not unlike many American games, these games were influenced by military training, crafted to teach and instill patriotism for the state by making the human body better, stronger, and more willful. It also means no high scores, no adrenaline rushes, or self-serving feather-fluffing as you add your hard-earned initials to the list of the best. In Communist Russia, there was no overt competition.
high-scores  communism  russia  cccp  ussr  arcade-games  games  history 
september 2015
You're probably wrong about caching
Excellent cut-out-and-keep guide to why you should add a caching layer. I've been following this practice for the past few years, after I realised that #6 (recovering from a failed cache is hard) is a killer -- I've seen a few large-scale outages where a production system had gained enough scale that it required a cache to operate, and once that cache was damaged, bringing the system back online required a painful rewarming protocol. Better to design for the non-cached case if possible.
architecture  caching  coding  design  caches  ops  production  scalability 
september 2015
Large Java HashMap performance overview
Large HashMap overview: JDK, FastUtil, Goldman Sachs, HPPC, Koloboke, Trove – January 2015 version
java  performance  hashmap  hashmaps  optimization  fastutil  hppc  jdk  koloboke  trove  data-structures 
september 2015
what3emojis?
Is it too late to replace Eircode?
Addresses are hard. Who can remember street addresses or latitude/longitude pairs? You could do much better with three totally random English words, but then there’s that pesky language barrier. No system is perfect, except for emoji.
eircode  maps  parody  via:nelson  location  geocoding  mapping  pile-of-poo 
september 2015
Diffy: Testing services without writing tests
Play requests against 2 versions of a service. A fair bit more complex than simply replaying logged requests, which took 10 lines of a shell script last time I did it
http  testing  thrift  automation  twitter  diffy  diff  soa  tests 
september 2015
Spot Bid Advisor
analyzes Spot price history to help you determine a bid price that suits your needs.
ec2  aws  spot  spot-instances  history 
september 2015
Algorithmist
The Algorithmist is a resource dedicated to anything algorithms - from the practical realm, to the theoretical realm. There are also links and explanation to problemsets.


A wiki for algorithms. Not sure if this is likely to improve on Wikipedia, which of course covers the same subject matter quite well, though
algorithms  reference  wikis  coding  data-structures 
september 2015
Gmail supports animated emoji in e-mail subjects
Currently only used in spam, naturally. (via Hilary Mason)
spam  gmail  animation  gif  base64  emojis  goomojis 
september 2015
S3QL
a file system that stores all its data online using storage services like Google Storage, Amazon S3, or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X.
S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. Furthermore, S3QL has additional features like compression, encryption, data de-duplication, immutable trees and snapshotting which make it especially suitable for online backup and archival.
S3QL is designed to favor simplicity and elegance over performance and feature-creep. Care has been taken to make the source code as readable and serviceable as possible. Solid error detection and error handling have been included from the very first line, and S3QL comes with extensive automated test cases for all its components.
filesystems  aws  s3  storage  unix  google-storage  openstack 
september 2015
GoTTY
'a simple command line tool that turns your CLI tools into web applications'
cli  terminal  web  tools  unix 
september 2015
Malware infecting jailbroken iPhones stole 225,000 Apple account logins | Ars Technica

KeyRaider, as the malware family has been dubbed, is distributed through a third-party repository of Cydia, which markets itself as an alternative to Apple's official App Store. Malicious code surreptitiously included with Cydia apps is creating problems for people in China and at least 17 other countries, including France, Russia, Japan, and the UK. Not only has it pilfered account data for 225,941 Apple accounts, it has also disabled some infected phones until users pay a ransom, and it has made unauthorized charges against some victims' accounts.


Ouch. Not a good sign for Cydia
cydia  apple  security  exploits  jailbreaking  ios  iphone  malware  keyraider  china 
september 2015
Using Samsung's Internet-Enabled Refrigerator for Man-in-the-Middle Attacks
Whilst the fridge implements SSL, it FAILS to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. This includes those made to Google's servers to download Gmail calendar information for the on-screen display. So, MITM the victim's fridge from next door, or on the road outside and you can potentially steal their Google credentials.


The Internet of Insecure Things strikes again.
iot  security  fridges  samsung  fail  mitm  ssl  tls  google  papers  defcon 
september 2015
What Are the Worst Airports in the World?
this is a great resource when picking a stopover for a 2-stop flight. Pity "best kids play area" isn't a criterion
airports  comparison  via:boingboing  flying  travel  ranking  world  skytrax 
september 2015
Scaling Analytics at Amplitude
Good blog post on Amplitude's lambda architecture setup, based on S3 and a custom "real-time set database" they wrote themselves.

antirez' comment from a Redis angle on the set database: http://antirez.com/news/92

HN thread: https://news.ycombinator.com/item?id=10118413
lambda-architecture  analytics  via:hn  redis  set-storage  storage  databases  architecture  s3  realtime 
august 2015
What does it take to make Google work at scale? [slides]
50-slide summary of Google's stack, compared vs Facebook, Yahoo!, and open-source-land, with the odd interesting architectural insight
google  architecture  slides  scalability  bigtable  spanner  facebook  gfs  storage 
august 2015
3 Lessons From The Amazon Takedown - Fortune
They are: The leaders we admire aren’t always that admirable; Economic performance and costs trump employee well-being; and people participate in and rationalize their own subjugation.

'In the end, “Amazonians” are not that different from other people in their psychological dynamics. Their company is just a more extreme case of what many other organizations regularly do. And most importantly, let’s locate the problem, if there is one, and its solution where it most appropriately belongs—not with a CEO who is greatly admired (and wealthy beyond measure) running a highly admired company, but with a society where money trumps human well-being and where any price, maybe even lives, is paid for status and success.'

(via Lean)
amazon  work  work-life-balance  life  us  fortune  via:ldoody  ceos  employment  happiness 
august 2015
Beoir.org Community - Recent Attack on McGargles
bizarre conspiracy theory going around about McGargles microbrewery being owned by Molson in an "astroturf craft beer" operation -- they apparently were set up by a bunch of ex-Molson employees. Their beer is getting stickered in off-licenses. Mental!
beer  craft-beer  ireland  mcgargles  conspiracy-theories  bizarre  beoir 
august 2015
Vegemite May Power The Electronics Of The Future
Professor Marc in het Panhuis at the ARC Centre of Excellence for Electromaterials Science figured out that you can 3D print the paste and use it to carry current, effectively creating Vegemite bio-wires. What does this mean? Soon you can run electricity through your food. “The iconic Australian Vegemite is ideal for 3D printing edible electronics,” said the professor. “It contains water so it’s not a solid and can easily be extruded using a 3D printer. Also, it’s salty, so it conducts electricity.”


I'm sure the same applies for Marmite...
vegemite  marmite  3d-printing  electronics  bread  food  silly 
august 2015
London Calling: Two-Factor Authentication Phishing From Iran
some rather rudimentary anti-2FA attempts, presumably from Iranian security services
authentication  phishing  security  iran  activism  2fa  mfa 
august 2015
grsecurity
Open source security team has had enough of embedded-systems vendors taking the piss with licensing:
This announcement is our public statement that we've had enough. Companies in the embedded industry not playing by the same rules as every other company using our software violates users' rights, misleads users and developers, and harms our ability to continue our work. Though I've only gone into depth in this announcement on the latest trademark violation against us, our experience with two GPL violations over the previous year have caused an incredible amount of frustration. These concerns are echoed by the complaints of many others about the treatment of the GPL by the embedded Linux industry in particular over many years.

With that in mind, today's announcement is concerned with the future availability of our stable series of patches. We decided that it is unfair to our sponsors that the above mentioned unlawful players can get away with their activity. Therefore, two weeks from now, we will cease the public dissemination of the stable series and will make it available to sponsors only. The test series, unfit in our view for production use, will however continue to be available to the public to avoid impact to the Gentoo Hardened and Arch Linux communities. If this does not resolve the issue, despite strong indications that it will have a large impact, we may need to resort to a policy similar to Red Hat's, described here or eventually stop the stable series entirely as it will be an unsustainable development model.
culture  gpl  linux  opensource  security  grsecurity  via:nelson  gentoo  arch-linux  gnu 
august 2015
toxy
toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions. It was mainly designed for fuzzing/evil testing purposes, when toxy becomes particularly useful to cover fault tolerance and resiliency capabilities of a system, especially in service-oriented architectures, where toxy may act as intermediate proxy among services.

toxy allows you to plug in poisons, optionally filtered by rules, which essentially can intercept and alter the HTTP flow as you need, performing multiple evil actions in the middle of that process, such as limiting the bandwidth, delaying TCP packets, injecting network jitter latency or replying with a custom error or status code.
toxy  proxies  proxy  http  mitm  node.js  soa  network  failures  latency  slowdown  jitter  bandwidth  tcp 
august 2015
Chinese scammers are now using Stingray tech to SMS-phish
A Stingray-style false GSM base station, hidden in a backpack; presumably they detect numbers in the vicinity, and SMS-spam those numbers with phishing messages. Reportedly the scammers used this trick in "Guangzhou, Zhuhai, Shenzhen, Changsha, Wuhan, Zhengzhou and other densely populated cities".

Dodgy machine translation:
March 26, Zhengzhou police telecommunications fraud cases together, for the first time seized a small backpack can hide pseudo station equipment, and arrested two suspects. Yesterday, the police informed of this case, to remind the general public to pay attention to prevention.

“I am the landlord, I changed number, please rent my wife hit the bank card, card number ×××, username ××.” Recently, Jiefang Road, Zhengzhou City Public Security Bureau police station received a number of cases for investigation brigade area of ​​the masses police said, frequently received similar phone scam messages. Alarm, the police investigators to determine: the suspect may be in the vicinity of twenty-seven square, large-scale use of mobile pseudo-base release fraudulent information. [...]

Yesterday afternoon, the Jiefang Road police station, the reporter saw the portable pseudo-base is made up of two batteries, a set-top box the size of the antenna box and a chassis, as well as a pocket computer composed together at most 5 kg.


(via t byfield and Danny O'Brien)
via:mala  via:tbyfield  privacy  scams  phishing  sms  gsm  stingray  base-stations  mobile  china 
august 2015
Mining High-Speed Data Streams: The Hoeffding Tree Algorithm
This paper proposes a decision tree learner for data streams, the Hoeffding Tree algorithm, which comes with the guarantee that the learned decision tree is asymptotically nearly identical to that of a non-incremental learner using infinitely many examples. This work constitutes a significant step in developing methodology suitable for modern ‘big data’ challenges and has initiated a lot of follow-up research. The Hoeffding Tree algorithm has been covered in various textbooks and is available in several public domain tools, including the WEKA Data Mining platform.
hoeffding-tree  algorithms  data-structures  streaming  streams  cep  decision-trees  ml  learning  papers 
august 2015
Docker image creation, tagging and traceability in Shippable
this is starting to look quite impressive as a well-integrated Docker-meets-CI model; Shippable is basing its builds off Docker baselines and is automatically cutting Docker images of the post-CI stage. Must take another look
shippable  docker  ci  ops  dev  continuous-integration 
august 2015
Sorting out graph processing
Some nice real-world experimentation around large-scale data processing in differential dataflow:
If you wanted to do an iterative graph computation like PageRank, it would literally be faster to sort the edges from scratch each and every iteration, than to use unsorted edges. If you want to do graph computation, please sort your edges.

Actually, you know what: if you want to do any big data computation, please sort your records. Stop talking sass about how Hadoop sorts things it doesn't need to, read some papers, run some tests, and then sort your damned data. Or at least run faster than me when I sort your data for you.
algorithms  graphs  coding  data-processing  big-data  differential-dataflow  radix-sort  sorting  x-stream  counting-sort  pagerank 
august 2015
Non-Celiac Gluten Sensitivity May Not Exist
The data clearly indicated that a nocebo effect, the same reaction that prompts some people to get sick from wind turbines and wireless internet, was at work here. Patients reported gastrointestinal distress without any apparent physical cause. Gluten wasn't the culprit; the cause was likely psychological. Participants expected the diets to make them sick, and so they did.
gluten  placebo  nocebo  food  science  health  diet  gluten-free  fodmaps 
august 2015
Miller
'like sed, awk, cut, join, and sort for name-indexed data such as CSV'


Written in "modern C" with zero runtime dependencies. Looks great
cli  csv  unix  miller  tsv  data  tools 
august 2015
My wife found my email in the Ashley Madison database
On misdirected emails and the potential side-effects:
The reasons why these people give out my email instead of one that they can access have always been a bit mysterious to me. It’s one thing to save yourself some spam by using a throwaway address. But why use someone else’s for correspondence you actually want to receive? The closest I’ve come to a working theory is that a lot of them, having been slow off the mark to obtain their own gmail, have addresses like eratliff75@gmail.com. Either they believe they can leave off the numbers and receive the messages anyway, or they often simply forget. That or the E. Ratliffs of the world just view eratliff@gmail.com as some kind of shared resource.
email  mail  ashley-madison  gmail  mistakes  misdirected-email 
august 2015
Analysis of PS4's security and the state of hacking
FreeBSD jails and Return-Oriented Programming:
Think of [Return-Oriented Programming] as writing a new chapter to a book, using only words that have appeared at the end of sentences in the previous chapters.
ps4  freebsd  jails  security  exploits  hacking  sony  rop  return-oriented-programming 
august 2015
How gaming terminology is part of modern mainstream Chinese slang
A few years ago, my mom called to ask for my advice on webcams. She explained (in the English-peppered Chinese that's the official language of our Chinese-American household) that some of her friends had started sharing videos of themselves singing karaoke. She thought she could do better. "我想给她们PK一下," she remarked: "I want to PK them a little."
china  language  gaming  pk 
august 2015
How your entire financial life will be stored in a new 'digital vault' - Telegraph
In a move to make it easier to open bank accounts and Isas, people will be asked to share all of their accounts, tax records and personal details with a central service.
To check someone's identity, a company would then ask potential customers a series of questions and check the answers against the information in the vault. The checks would replace the current system in which new customers must send by post copies of their passports, cross-signed by a friend, along with bank statements and utility bills.


hahahaha NO FUCKING WAY.
bills  banking  uk  tax  privacy  digital-vault  accounts  authentication  identity-theft  bad-ideas 
august 2015
Call me Maybe: Chronos
Chronos (the Mesos distributed scheduler) comes out looking pretty crappy here
aphyr  mesos  chronos  cron  scheduling  outages  ops  jepsen  testing  partitions  cap 
august 2015
buildfarm_deployment/cleanup_docker_images.py
Cleanup old/obsolete Docker images in a repo.
disk-space  ops  docker  cleanup  cron 
august 2015
rwasa
our full-featured, high performance, scalable web server designed to compete with the likes of nginx. It has been built from the ground-up with no external library dependencies entirely in x86_64 assembly language, and is the result of many years' experience with high volume web environments. In addition to all of the common things you'd expect a modern web server to do, we also include assembly language function hooks ready-made to facilitate Rapid Web Application Server (in Assembler) development.
assembly  http  performance  https  ssl  x86_64  web  ops  rwasa  tls 
august 2015
Recommender Systems (Machine Learning Summer School 2014 @ CMU)
Extremely authoritative slide deck on building a recommendation system, from Xavier Amatriain, Research/Engineering Manager at Netflix
netflix  recommendations  recommenders  ml  machine-learning  cmu  clustering  algorithms 
august 2015
The reusable holdout: Preserving validity in adaptive data analysis
Useful stats hack from Google: "We show how to safely reuse a holdout data set many times to validate the results of adaptively chosen analyses."
statistics  google  reusable-holdout  training  ml  machine-learning  data-analysis  holdout  corpus  sampling 
august 2015
Food Blogger Mehreen And Anges De Sucre's Patisserie Owner Reshmi Bennett In Online War Over #BloggerBlackmail
I can't believe this is the state of food blogging in the UK and Ireland. full-on payola for reviews. See also @damienmulley's excellent rant on the subject in this country: https://twitter.com/damienmulley/status/633353368757497858 -- there's even rate cards for positive review tweets/posts/facebook updates etc.
food  blogging  restaurants  uk  bakeries  reviews  payola  blogger-blackmail  pr 
august 2015
Someone discovered that the Facebook iOS application is composed of over 18,000 classes. : programming
_FBGraphQLConnectionStorePersistentPageLoaderOperationDelegate-Protocol.h
_FBReactionAcornSportsContentSettingsSetShouldNotPushNotificationsMutationCall.h
FBBoostedComponentCreateInputDataCreativeObjectStorySpecLinkDataCallToActionValue.h
FBEventUpdateNotificationSubscriptionLevelMutationOptimisticPayloadFactoryProtocol-Protocol.h


I just threw up a little.

See also https://www.facebook.com/notes/facebook-engineering/under-the-hood-dalvik-patch-for-facebook-for-android/10151345597798920 , in which the FB Android devs happily reveal that they hot-patch the Dalvik VM at runtime to work around a limit -- rather than refactoring their app.
facebook  horrors  coding  ios  android  dalvik  hot-patching  apps 
august 2015
GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies
Holy shit.
Air-gapped networks are isolated, separated both logically and physically from public networks. Although the feasibility of invading such systems has been demonstrated in recent years, exfiltration of data from air-gapped networks is still a challenging task. In this paper we present GSMem, a malware that can exfiltrate data through an air-gap over cellular frequencies. Rogue software on an infected target computer modulates and transmits electromagnetic signals at cellular frequencies by invoking specific memory-related instructions and utilizing the multichannel memory architecture to amplify the transmission. Furthermore, we show that the transmitted signals can be received and demodulated by a rootkit placed in the baseband firmware of a nearby cellular phone.
gsmem  gsm  exfiltration  air-gaps  memory  radio  mobile-phones  security  papers 
august 2015
What the hell is going on with SoundCloud?
tl;dr: major labels.
Despite having revenue coming in from ads and subscriptions, SoundCloud still relies on outside investment. While the company received $150 million in a funding round at the end of last year, it pales next to the reported $526 million Spotify gained in June, and if one report is to be believed, SoundCloud is running very low on cash. Furthermore, sources suggest that potential investors are waiting to see what happens with Sony and Universal before ploughing in more money. With the high sums reported to be involved, it’s a stalemate that could potentially break the company whether it decides to pay or not.
soundcloud  music  mp3  copyright  sony  universal  spotify  funding  startups 
august 2015
The world beyond batch: Streaming 101 - O'Reilly Media
To summarize, in this post I’ve:

Clarified terminology, specifically narrowing the definition of “streaming” to apply to execution engines only, while using more descriptive terms like unbounded data and approximate/speculative results for distinct concepts often categorized under the “streaming” umbrella.

Assessed the relative capabilities of well-designed batch and streaming systems, positing that streaming is in fact a strict superset of batch, and that notions like the Lambda Architecture, which are predicated on streaming being inferior to batch, are destined for retirement as streaming systems mature.

Proposed two high-level concepts necessary for streaming systems to both catch up to and ultimately surpass batch, those being correctness and tools for reasoning about time, respectively.

Established the important differences between event time and processing time, characterized the difficulties those differences impose when analyzing data in the context of when they occurred, and proposed a shift in approach away from notions of completeness and toward simply adapting to changes in data over time.

Looked at the major data processing approaches in common use today for bounded and unbounded data, via both batch and streaming engines, roughly categorizing the unbounded approaches into: time-agnostic, approximation, windowing by processing time, and windowing by event time.
streaming  batch  big-data  lambda-architecture  dataflow  event-processing  cep  millwheel  data  data-processing 
august 2015
minimaxir/big-list-of-naughty-strings
Late to this one -- a nice list of bad input (Unicode zero-width spaces, etc) for testing
testing  strings  text  data  unicode  utf-8  tests  input  corrupt 
august 2015
Sweary Australian Mountains
This is great. Featuring Mount Buggery:
There were no tracks of any sort until they reached Mt Howitt and Stewart, perhaps not quite as fit as he could have been, was finding the going tough after the descent from Mt Speculation. Faced with the prospect of yet another laborious climb he exploded with the words 'What another bugger! I'll call this mountain Mt Buggery.'


and Mount Arsehole:
"We always called it Mt Arsehole... Then they came along with all their fancy bloody maps and ideas. Changed it to Mt Arthur. Christ knows why. Bastard of a place anyway!"
swearing  australia  mount-buggery  mount-arsehole  nsw  victoria  places  history  names  mountains 
august 2015
Preventing Dependency Chain Attacks in Maven
using a whitelist of allowed dependency JARs and their SHAs
security  whitelisting  dependencies  coding  jar  maven  java  jvm 
august 2015
Somewhere Over the Rainbow: How to Make Effective Use of Colors in Meteorological Visualizations
Linked from the "Improving the Weather On Twitter" post -- choosing the "best" colour scheme for meteorological visualization. Great dataviz resource post
dataviz  colour  color  meteorological  weather  nws  papers  rgb  hcl 
august 2015
Improving The Weather On Twitter
lovely open-source dataviz improvement for near-term historical rainfall-radar images
dataviz  weather  rain  rainfall  radar  nws  twitter  bots  graphics  ui 
august 2015
The Travis CI Blog: Making Travis CI a Family-Friendly Place to Work: Our Maternity and Paternity Leave for US Employees
This is excellent -- I wish more companies took this attitude. Applause for Travis CI.
after a couple of weeks of research, we made a decision to offer our expectant mothers AND fathers:

2 weeks before the due date paid at 100% (optional, but recommended);
20 weeks for normal births paid at 100%;
24 weeks for births with complications paid at 100%;
Flexible working hours after the 20/24 weeks are complete (part-time arrangements can be made);
Your job will be here for you when you return.

When we relayed this information to the two US employees, one became a little teary because her last employer (a much bigger and older company), didn't offer anything. This being her second child, it was a huge relief to know she was going to have paid time off with flexibility upon return. While it was a great reaction, it shouldn't happen this way. If you value your employees, you should value their need for time away. At the same time, if you want to hire someone, whether or not they are already pregnant should be irrelevant.


Well exceeding even the Irish maternity leave entitlements, since it covers fathers too. And this is a startup!
travisci  startups  work  life  family  kids  paternity-leave  maternity-leave 
august 2015
Care.data and access to UK health records: patient privacy and public trust
'In 2013, the United Kingdom launched care.data, an NHS England initiative to combine patient records, stored in the machines of general practitioners (GPs), with information from social services and hospitals to make one centralized data archive. One aim of the initiative is to gain a picture of the care being delivered between different parts of the healthcare system and thus identify what is working in health care delivery, and what areas need greater attention and resources. This case study analyzes the complications around the launch of care.data. It explains the historical context of the program and the controversies that emerged in the course of the rollout. It explores problems in management and communications around the centralization effort, competing views on the safety of “anonymous” and “pseudonymous” health data, and the conflicting legal duties imposed on GPs with the introduction of the 2012 Health and Social Care Act. This paper also explores the power struggles in the battle over care.data and outlines the tensions among various stakeholders, including patients, GPs, the Health and Social Care Information Centre (HSCIC), the government, privacy experts and data purchasers. The predominant public policy question that emerges from this review centers on how best to utilize technological advances and simultaneously strike a balance between the many competing interests around health and personal privacy.'
care.data  privacy  healthcare  uk  nhs  trust  anonymity  anonymization  gps  medicine 
august 2015
background doc on the Jeep hack
"Remote Exploitation of an Unaltered Passenger Vehicle", by Dr. Charlie Miller (cmiller@openrce.org) and Chris Valasek (cvalasek@gmail.com). QNX, unauthenticated D-Bus, etc.

'Since a vehicle can scan for other vulnerable vehicles and the exploit doesn’t require any user interaction, it would be possible to write a worm. This worm would scan for vulnerable vehicles, exploit them with their payload which would scan for other vulnerable vehicles, etc. This is really interesting and scary. Please don’t do this. Please.'
jeep  hacks  exploits  d-bus  qnx  cars  safety  risks 
august 2015
Amazon EC2 2015 Benchmark: Testing Speeds Between AWS EC2 and S3 Regions
Here we are again, a year later, and still no bloody percentiles! Just amateurish averaging. This is not how you measure anything, ffs. Still, better than nothing I suppose
fail  latency  measurement  aws  ec2  percentiles  s3 
august 2015
Reddit comments from a nuclear-power expert
Reddit user "Hiddencamper" is a senior nuclear reactor operator in the US, and regularly posts very knowledgeable comments about reactor operations, safety procedures, and other details. It's fascinating (via Maciej)
via:maciej  nuclear-power  nuclear  atomic  power  energy  safety  procedures  operations  history  chernobyl  scram 
august 2015
"A Review Of Criticality Accidents, 2000 Revision"
Authoritative report from LANL on accidents involving runaway nuclear reactions over the years from 1945 to 1999, around the world. Illuminating example of how incident post-mortems are handled in other industries, and (of course) fascinating in its own right
criticality  nuclear  safety  atomic  lanl  post-mortems  postmortems  fission 
august 2015
Advantages of Monolithic Version Control
another Dan Luu post -- good summary of the monorepo's upside
monorepo  git  mercurial  versioning  source-control  coding  dependencies 
august 2015
A collection of postmortems
A well-maintained list with a potted description of each one (via HN)
postmortems  ops  uptime  reliability 
august 2015
How Irish Navy’s expertise saved 367 from 30-second sinking in Mediterranean
War-game exercises saved the day:
As the Ribs made their assessment of the situation and began reassuring those on board that help was at hand, the hopelessly overloaded vessel suddenly listed and sank. The sinking took just over 30 seconds. In those 30 seconds, the Captain of the LE Niamh took a number of instant command decisions that saved hundreds of lives. Most of the refugees cannot swim. Their life expectancy in the water would be measured in seconds.
The crew of the Ribs immediately began throwing orange lifejackets into the water – encouraging the now frenzied and milling survivors to cling to them. Individuals, then groups clung to the lifejackets – and one another – as the Ribs rallied around trying to keep the floating human mass from dispersal into wider waters and almost certain death.
In the meantime, the commander of the LE Niamh managed to manoeuvre close in to the survivors where spare life-rafts were launched into the water. These 25-man inflatable life-rafts were specifically ordered and kept on board the LE Niamh following a “war-gaming” exercise, where the officers and crew envisaged such a nightmare scenario. Had this forward planning not taken place – there would have been no such extra inflatable lifeboats on board.
war-gaming  planning  navy  ireland  mediterranean  sea  boats  refugees  migration  drowning  liferafts 
august 2015
"Hate-Selling"
coining a term for the awful buyer's experience on sites like car-hire or air-travel websites
hate-selling  conversion  marking  upselling  travel  web  consumer 
august 2015
This Is My Jam shutting down
but, crucially, with an Andy-Baio-approved archival process. Nicely done -- this is a good example of how to do it
api  archiving  music  mp3  this-is-my-jam  archival  shutdown 
august 2015
Ironman 70.3 Road Closures
plenty of stuff out of bounds in Dublin tomoz
dublin  races  ironman  roads  traffic 
august 2015
IrishCycle.com on the Irish Times' terrible victim-blaming anti-cycling op-ed
Even if The Irish Times wants to deny that it has engaged in victim blaming at a high level, it has also clearly errored in fact in a very significant way. It would be more forgiving if this was an isolated editorial. But it’s after two days of wrong or misleading coverage, which now seems to be a trend with the newspaper with unbalanced articles or headlines negatively focusing on cycle routes.
irish-times  newspapers  op-eds  cycling  dublin  ireland  safety 
august 2015
Implementing Efficient and Reliable Producers with the Amazon Kinesis Producer Library - AWS Big Data Blog
Good advice on production-quality, decent-scale usage of Kinesis in Java with the official library: batching, retries, partial failures, backoff, and monitoring. (Also, jaysus, the AWS Cloudwatch API is awful, looking at this!)
kpl  aws  kinesis  tips  java  batching  streaming  production  cloudwatch  monitoring  coding 
august 2015
How to get your water tested for lead in Dublin
Ossian has written up this very informative post:
Irish Water is writing to thousands of people living in Dublin this week to warn them that their water is supplied through lead pipes. Irish Water says that most people receiving these letters have a level of lead in their water which is above safe limits. So, if you get one of these letters how do you get your water tested? Irish Water is refusing to supply test kits or to test everyone’s water who asks. However the HSE’s Public Analyst Lab has told me that they will test water for lead for a fee of €10.
ossian-smyth  dun-laoghaire  dublin  drinking-water  water  lead  green  hse  irish-water  health 
august 2015
The Netflix Test Video
Netflix' official test video -- contains various scenarios which exercise frequent tricky edge cases in video compression and playback; A/V sync, shades of black, running water, etc.
networking  netflix  streaming  video  compression  tests 
august 2015
India lifts porn ban after widespread outrage - BBC News
After a brief couple of days.
News of the ban caused a furore on Indian social media, with several senior politicians and members of civil society expressing their opposition to the move. The Indian government said that it was merely complying with the Supreme Court order and was committed to the freedom of communication on the Internet. "I reject with contempt the charge that it is a Talibani government, as being said by some of the critics. Our government supports free media, respects communication on social media and has respected freedom of communication always," Mr Prasad told PTI.
india  porn  filtering  isps  internet  web  child-porn  censorship 
august 2015
8,000 sq ft start-up meeting space revealed for Dublin
Neat. this is a good location for post-work user-group meetups and the like (via Oisin)
via:oisin  meetups  meetings  ulster-bank  dublin  startups  chq 
august 2015
Inside the sad, expensive failure of Google+
"It was clear if you looked at the per user metrics, people weren’t posting, weren't returning and weren’t really engaging with the product," says one former employee. "Six months in, there started to be a feeling that this isn’t really working." Some lay the blame on the top-down structure of the Google+ department and a leadership team that viewed success as the only option for the social network. Failures and disappointing data were not widely discussed. "The belief was that we were always just one weird feature away from the thing taking off," says the same employee.
google  google+  failures  post-mortems  business  facebook  social-media  fail  bureaucracy  vic-gundotra 
august 2015
New study shows Spain’s “Google tax” has been a disaster for publishers
A study commissioned by Spanish publishers has found that a new intellectual property law passed in Spain last year, which charges news aggregators like Google for showing snippets and linking to news stories, has done substantial damage to the Spanish news industry.

In the short-term, the study found, the law will cost publishers €10 million, or about $10.9 million, which would fall disproportionately on smaller publishers. Consumers would experience a smaller variety of content, and the law "impedes the ability of innovation to enter the market." The study concludes that there's no "theoretical or empirical justification" for the fee.
google  news  publishing  google-tax  spain  law  aggregation  snippets  economics 
august 2015
« earlier      later »
abuse ads ai algorithms amazon analytics android anti-spam apache apple apps architecture art automation aws banking big-data bitcoin books bugs build business cars cassandra censorship children china cli coding compression concurrency containers copyright crime crypto culture cycling data data-protection data-structures databases dataviz debugging deployment design devops distcomp distributed dns docker driving dublin ec2 email eu europe exploits facebook fail false-positives filesharing filtering food fraud funny future games gaming gc gchq git github go google government graphics hacking hacks hadoop hardware hashing health history home http https images internet ios ip iphone ireland isps java javascript journalism jvm kafka kids lambda languages latency law legal libraries life linux load-balancing logging machine-learning malware mapping maps medicine memory metrics microsoft ml mobile money monitoring movies mp3 music mysql netflix network networking news nosql nsa open-source ops optimization outages packaging papers patents pdf performance phones photos piracy politics presentations privacy programming protocols python recipes redis reliability replication research ruby russia s3 safety scala scalability scaling scams science search security shopping silicon-valley slides snooping social-media software space spam ssl startups statistics storage streaming surveillance swpats sysadmin tcp tech technology testing time tips tls tools travel tuning tv twitter ui uk unix us-politics via:fanf via:nelson video web wifi work youtube

Copy this bookmark:



description:


tags: