5278
Champagne Mojitos Recipe - John Besh
sounds like a decent party starter:
This puckery drink is prepared with rum and fresh mint like a classic mojito, but New Orleans chef John Besh makes it holiday-worthy by topping it with a splash of Champagne.
cocktails  recipes  champagne  mojito  sugar  water  rum  lime  mint  sparkling-wine 
may 2016
Kodak Had a Secret Nuclear Reactor Loaded With Enriched Uranium Hidden In a Basement
non-proliferation? what's that?
Kodak's purpose for the reactor wasn't sinister: they used it to check materials for impurities as well as neutron radiography testing. The reactor, a Californium Neutron Flux multiplier (CFX) was acquired in 1974 and loaded with three and a half pounds of enriched uranium plates placed around a californium-252 core. The reactor was installed in a closely guarded, two-foot-thick concrete walled underground bunker in the company's headquarters, where it was fed tests using a pneumatic system. According to the company, no employees were ever in contact with the reactor. Apparently, it was operated by atomic fairies and unicorns.
kodak  nuclear  safety  non-proliferation  scary  rochester  reactors 
may 2016
Historic computers look super sexy in this new photo series by Docubyte and Ink
Wow, these look amazing:
The IBM 1401 and Alan Turing’s Pilot ACE (shown below) are among the computers featured in the series by photographer Docubyte and production studio Ink.
ibm  computers  history  tech  docubyte  ink  bletchley-park 
may 2016
In Oracle v. Google, a Nerd Subculture Is on Trial
“The G part stands for GNU?” Alsup asked in disbelief.
“Yes,” said Schwartz on the stand.
“That doesn’t make any sense,” said the 71-year-old Clinton appointee.
law  gnu  gpl  licensing  java  oracle  sun  apis  ip 
may 2016
Key Metrics for Amazon Aurora | AWS Partner Network (APN) Blog
Very DataDog-oriented, but some decent tips on monitorable metrics here
datadog  metrics  aurora  aws  rds  monitoring  ops 
may 2016
World’s first vanity gTLD goes live
".richardli". TLDs are now officially beyond a joke
tld  absurd  fail  gtlds  domains  dns  vanity  richard-li 
may 2016
Social Network Algorithms Are Distorting Reality By Boosting Conspiracy Theories | Co.Exist | ideas + impact
In his 1962 book, The Image: A Guide to Pseudo-Events in America, former Librarian of Congress Daniel J. Boorstin describes a world where our ability to technologically shape reality is so sophisticated, it overcomes reality itself. "We risk being the first people in history," he writes, "to have been able to make their illusions so vivid, so persuasive, so ‘realistic’ that they can live in them."
algorithms  facebook  ethics  filtering  newsfeed  conspiracy-theories  twitter  viral  crazy 
may 2016
Ireland will need referendum to create EU court for patents
omg. Sean "Irish SOPA" Sherlock dealing with the important issues once again -- in this case the bloody "Unified Patent Court"
patents  eu  sean-sherlock  absurd  referenda  ireland  ip 
may 2016
About to leave UPC due to (lack of) port forwarding - Boards.ie
Virgin Media/UPC seem to have silently deployed an IPv6 "carrier-grade NAT" setup called "DS-Lite" -- ie. all customers now get just a routable IPv6 address, and share a small pool of IPv4 NATs. This breaks a multitude of useful services, including UDP IPSec VPNs it seems
udp  vpns  isps  virgin-media  virgin  ireland  ds-lite  ipv6  tunnelling  networking  nat  ipv4 
may 2016
Virgin Media Ireland hate people working from home
What the hell, Virgin?
Section 12: Use of Virtual Private Network (VPN)
As stated above, the Virgin Media Services are for residential use only and we do not support the use of VPN. If we find you are using VPN we may instruct you to stop using it and you must comply with this request. This is in order to prevent problems with our network and other Internet users.
virgin-media  virgin  upc  isps  ireland  teleworking  telecommuting  home  vpns  vpn 
may 2016
CD at LMAX: Testing into Production and Back Again
Chock-full of excellent build/test ideas from LMAX's Continuous Delivery setup. Lots of good ideas to steal
testing  lmax  build  test  continuous-delivery  dev 
may 2016
Open Whisper Systems >> Blog >> Reflections: The ecosystem is moving
Very interesting post on federation vs centralization for new services:
One of the controversial things we did with Signal early on was to build it as an unfederated service. Nothing about any of the protocols we've developed requires centralization; it's entirely possible to build a federated Signal Protocol based messenger, but I no longer believe that it is possible to build a competitive federated messenger at all.
development  encryption  communication  network-effects  federation  signal  ip  protocols  networking  smtp  platforms 
may 2016
Dublin & Wicklow Walks » Family Walks
These are a great selection. Gonna be doing one of these every weekend if possible, now that the 2 year old can just about handle it ;)
wicklow  walking  dublin  nature  family  activities 
may 2016
Chinese censorship: arbitrary rule changes are a form of powerful intermittent reinforcement
China's Internet censors are capricious and impossible to predict -- but this isn't because China's censors are incompetent, rather, they're tapping into one of the most powerful forms of conditioning, the uncertainty born of intermittent reinforcement. [...] As C Custer writes at Tech in Asia, this caprice is by design: by not specifying a set of hard and fast rules, but rather the constant risk of being taken down for crossing some invisible line, China's censors inspire risk-aversion in people who rely on the net to be heard or earn their livings. It's what Singaporeans call "out of bounds," the unspecified realm of things you mustn't, shouldn't or won't want to enter.
risk  risk-aversion  censorship  control  china  politics  enforcement  crime  self-censorship 
may 2016
plainas/tq
command line utility that performs an HTML element selection on HTML content passed to the stdin. Using css selectors that everybody knows. Since input comes from stdin and output is sent to stdout, it can easily be used inside traditional UNIX pipelines to extract content from webpages and html files. tq provides extra formating options such as json-encoding or newlines squashing, so it can play nicely with everyones favourite command line tooling.
tq  linux  unix  cli  command-line  html  parsing  css  tools 
may 2016
Rebel Without A Call.
Purpose-built in 1898, the telephone exchange in Temple Bar was Dublin’s first automatic telephone exchange. Much like its newer neighbor, Internet House, it stood as a technological beacon shining through the luddite fog.

With this in mind the Irish Citizen Army targeted the Telephone Exchange in 1916 as one of the communication hubs for the island. While many of us grew up learning of a history of ‘blood sacrifice’ and the futility of the Easter Rising, the truth is that the attack was meticulously planned both militarily and logistically.

Sixty communication points around Dublin were hit in an effort to cut off all contact between British military forces within Ireland and to the ‘mainland’. The hope being that reserves and reinforcements would be delayed or misinformed.[...] Unfortunately for the rebels they could not take the Temple Bar exchange. A failure that would prove disastrous.
temple-bar  history  dublin  telephones  communications  1916 
may 2016
Apple Stole My Music. No, Seriously.
some amazingly terrible product decisions here. Deleting local copies of unreleased WAV files -- on the assumption that the user will simply listen to them streamed down from Apple Music -- that is astonishingly bad, and it's amazing they didn't consider the "freelance composer" use case at all. (via Tony Finch)
apple  music  terrible  wav  sound  copyright  streaming  apple-music  design  product  fail 
may 2016
​Why I Hate Security, Computers, and the Entire Modern Banking System | Motherboard
I am honestly amazed the US banking system still works this way, after over a decade of rampant identity theft:
I cannot count the number of times I’ve freely given out my routing and account numbers—in emails, in webforms, in paperwork. This is because it’s necessary for other people to know my routing number and account number in order for them to send me money. But apparently, with that same information, they can also snatch money straight from my account. What kind of insane system is this? There’s two factor authentication, there’s one factor authentication, and then there’s this, which I think I can call zero factor authentication.
identity-theft  phishing  banking  banks  usa  authentication  2fa  0fa  security 
may 2016
BTrDB: Optimizing Storage System Design for Timeseries Processing
interesting, although they punt to Ceph for storage and miss out the chance to make a CRDT
storage  trees  data-structures  timeseries  delta-delta-coding  encoding  deltas 
may 2016
brixsystem
This conceptual collection consists of eight 6:1 scale versions of classic LEGO bricks, each fully functional in one way or the other. Including eight matching photo montages, a homage to the box cover art for the classic "Legoland Space" line. Hultén - "Like most people, I was raised by Lego. For this project, I chose to work with a set of decorated bricks from the iconic 79-87 "Legoland Space" line. These were bricks that would trigger my imagination as a child. 25 years have passed, and they still trigger"


ERMAHGERD (faints)
space-lego  lego  cool  art  bricks  wood  devices  want 
may 2016
Waste charges unpaid by 50% of residents in city litter blackspot
as Paul McDonnell noted: this one line tells you everything you need to know about DCC's ability to enforce the rules: 'in some of the bags inspected previously issued litter fines were found'. Pathetic
littering  dublin  northside  dcc  law  enforcement  rubbish  bins 
may 2016
The Challenges of Container Configuration // Speaker Deck
Some good advice on Docker metadata/config from Gareth Rushgrove
docker  metadata  configuration  build  devops  dev  containers  slidfes 
may 2016
The Airplane Seating Arrangement that Triggers 'Air Rage'
The presence of a first-class cabin, and having to walk through it to get to economy, is a triggering factor for "air rage" incidents:

As lead researcher Katherine DeCelles explained to Gizmodo, airplanes are like a miniature version of class-based society. “It’s a small world of the greater society that we live in, though one that’s greatly concentrated,” she said. Traveling by plane is stressful enough, but DeCelles believes that seating inequality on airplanes often serves as “the straw that breaks the camel’s back,” and that air rage can be partly explained and understood through the lens of social inequality.
air-rage  first-class  flying  air  travel  anger  economy 
may 2016
raboof/nethogs: Linux 'net top' tool
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.
nethogs  cli  networking  performance  measurement  ops  linux  top 
may 2016
Go best practices, six years in
from Peter Bourgon. Looks like a good list of what to do and what to avoid
go  golang  best-practices  coding  guidelines 
may 2016
Wikipedia’s Piracy Police Are Ruining the Developing World's Internet Experience | Motherboard
Oh dear.
The Wikimedia Foundation told me last month that it has been aware of people using Wikipedia Zero for file sharing for about a year, and says that there are no plans to pull out of any countries because of piracy. But that hasn’t stopped rogue Wiki users from suggesting it anyway, and members of the task force have gotten Wikimedia Bangladesh to plead with the pirates to stop contributing to an “increasingly negative perception of Bangladesh in many different sectors.”
wikipedia  wikimedia  bangladesh  filesharing  piracy  wikipedia-zero  copyright 
may 2016
Ex-surgeon duped into being €100k drug mule
Oh man. This is so sad:

Soriano, who had travelled to Ireland from Bogota via Panama and Paris, told customs officials that a red bag he was carrying contained a gift for banking officials which would facilitate the transfer of a $2.3m inheritance from a long-lost relative he had never heard of until recently. He was very co-operative with the officials and agreed to allow them x-ray and examine the bag. It was found to contain 1.86kg of cocaine in three packets.

Sgt Finnegan said gardaí were initially sceptical that Soriano could have fallen for the scam but, as interviews went on, they became aware that there were underlying issues. Gardaí found documentation that Soriano had printed out about other phishing scams. He said that he knew they were scams but he was lonely and would respond to them for “a little bit of fun”. Sgt Finnegan said that, despite this, he remained adamant that the inheritance was still due to be claimed.


Bizarrely not the first prominent surgeon to fall victim to 419 scammers.
419  scams  cocaine  smuggling  surgeons  phishing  dementia 
may 2016
Uploading, Resizing and Serving images with Google Cloud Platform — Google Cloud Platform — Community — Medium
Cropping, scaling, and resizing images on the fly, for free, with GAE. Great service, wish AWS had something similar
App Engine API has a very useful function to extract a magic URL for serving the images when uploaded into the Cloud Storage. get_serving_url() returns a URL that serves the image in a format that allows dynamic resizing and cropping, so you don’t need to store different image sizes on the server. Images are served with low latency from a highly optimized, cookieless infrastructure.
gae  google  app-engine  images  scaling  cropping  image-processing  thumbnails  google-cloud 
may 2016
Let Them Make Noise: A ‘Dining Club’ Invites Toddlers - NYTimes.com
This is a great idea. I miss eating out, and this is why:
Throughout our three-hour meal, babies cried, mothers nursed, toddlers shrieked and farro grains flew, but the atmosphere was surprisingly leisurely. There was no reason to be self-conscious about a crying-nursing-dancing child because everyone knew every other parent was in the same boat. Or would be in a few seconds. So we relaxed and ate. This is not fine dining as I once knew it, and that’s O.K. That’s what date night is for. But my daughter got her first lesson in how to behave at a fancy restaurant. And I got to finish a delicious meal while it was still warm, toddler in tow.
kids  food  restaurants  eating  children  toddlers 
may 2016
CoreOS and Prometheus: Building monitoring for the next generation of cluster infrastructure
Ooh, this is a great plan. :applause:
Enabling GIFEE — Google Infrastructure for Everyone Else — is a primary mission at CoreOS, and open source is key to that goal. [....]

Prometheus was initially created to handle monitoring and alerting in modern microservice architectures. It steadily grew to fit the wider idea of cloud native infrastructure. Though it was not intentional in the original design, Prometheus and Kubernetes conveniently share the key concept of identifying entities by labels, making the semantics of monitoring Kubernetes clusters simple. As we discussed previously on this blog, Prometheus metrics formed the basis of our analysis of Kubernetes scheduler performance, and led directly to improvements in that code. Metrics are essential not just to keep systems running, but also to analyze and improve application behavior.

All things considered, Prometheus was an obvious choice for the next open source project CoreOS wanted to support and improve with internal developers committed to the code base.
monitoring  coreos  prometheus  metrics  clustering  ops  gifee  google  kubernetes 
may 2016
A poem about Silicon Valley, made up of Quora questions about Silicon Valley

Why do so many startups fail?
Why are all the hosts on CouchSurfing male?
Are we going to be tweeting for the rest of our lives?
Why do Silicon Valley billionaires choose average-looking wives?

What makes a startup ecosystem thrive?
What do people plan to do once they’re over 35?
Is an income of $160K enough to survive?
What kind of car does Mark Zuckerberg drive?

Are the real estate prices in Palo Alto crazy?
Do welfare programs make poor people lazy?
What are some of the biggest lies ever told?
How do I explain Bitcoin to a 6-year-old?

Why is Powdered Alcohol not successful so far?
How does UberX handle vomiting in the car?
Is being worth $10 million considered ‘rich’?
What can be causing my upper lip to twitch?

Why has crowdfunding not worked for me?
Is it worth pre-ordering a Tesla Model 3?
How is Clinkle different from Venmo and Square?
Can karma, sometimes, be unfair?

Why are successful entrepreneurs stereotypically jerks?
Which Silicon Valley company has the best intern perks?
What looks easy until you actually try it?
How did your excretions change under a full Soylent diet?

What are alternatives to online dating?
Is living in small apartments debilitating?
Why don’t more entrepreneurs focus on solving world hunger?
What do you regret not doing when you were younger?
funny  tech  poetry  silicon-valley  humour  bitcoin  soylent  2016 
april 2016
Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers — Vijay Pandurangan
Bug in the "veth" driver skips TCP checksums. Reminder: app-level checksums are important
checksums  tcp  veth  ethernet  drivers  linux  kernel  bugs  docker 
april 2016
The Make: Weekend Projects Thumbnail Guide To Soldering
man, I wish I had this 30 years ago. now I know what stuff I need to get to make my occasional solders less of a PITA
soldering  gadgets  tools  workbench  make  fixing  diy 
april 2016
Public preferences for electronic health data storage, access, and sharing – evidence from a pan-European survey | Journal of the American Medical Informatics Association
Results: We obtained 20 882 survey responses (94 606 preferences) from 27 EU member countries. Respondents recognized the benefits of storing electronic health information, with 75.5%, 63.9%, and 58.9% agreeing that storage was important for improving treatment quality, preventing epidemics, and reducing delays, respectively. Concerns about different levels of access by third parties were expressed by 48.9% to 60.6% of respondents. On average, compared to devices or systems that only store basic health status information, respondents preferred devices that also store identification data (coefficient/relative preference 95% CI = 0.04 [0.00-0.08], P = 0.034) and information on lifelong health conditions (coefficient = 0.13 [0.08 to 0.18], P < 0.001), but there was no evidence of this for devices with information on sensitive health conditions such as mental and sexual health and addictions (coefficient = −0.03 [−0.09 to 0.02], P = 0.24). Respondents were averse to their immediate family (coefficient = −0.05 [−0.05 to −0.01], P = 0.011) and home care nurses (coefficient = −0.06 [−0.11 to −0.02], P = 0.004) viewing this data, and strongly averse to health insurance companies (coefficient = −0.43 [−0.52 to 0.34], P < 0.001), private sector pharmaceutical companies (coefficient = −0.82 [−0.99 to −0.64], P < 0.001), and academic researchers (coefficient = −0.53 [−0.66 to −0.40], P < 0.001) viewing the data.

Conclusions: Storing more detailed electronic health data was generally preferred, but respondents were averse to wider access to and sharing of this information. When developing frameworks for the use of electronic health data, policy makers should consider approaches that both highlight the benefits to the individual and minimize the perception of privacy risks.


Via Antoin.
privacy  data  medicine  health  healthcare  papers  via:antoin 
april 2016
Some great factoids about Glasnevin Cemetery
local landmark and significant chunk of Dublin history. I like this one:
Another odd thing was that people from Dublin had to be buried before noon. This was due to the fact that many funerals stopping at the gate would end up so late in the pub the gates would be closed. A number of times the sextant would open up in the morning to find a coffin or two aganst the gates. For years I thought this was made up but it turns out to be true. A friend had a copy of the cemetary bye laws from (I think) around 1908 and it was in there. I think the rule was if you lived within 7 miles of the GPO you had to be buried before 12 noon.
death  burial  graveyards  glasnevin  dublin  history  d11 
april 2016
Typeset In The Future: Alien
Amazing deep dive into the graphic design of 1980s sci-fi classic, Alien, in particular Ron Cobb's_Semiotic Standard For All Commercial Trans-Stellar Utility Lifter And Heavy Element Transport Spacecraft_ and its application aboard the Weylan-Yutani Nostromo
fonts  typography  movies  cinema  alien  sf  history  1980s  ron-cobb  graphic-design 
april 2016
Bodyhackers are all around you, they’re called women
I have two cyborg implants. One is in my hand, and it lets my unlock phones and doors by waving at them. The other is in my uterus, and it lets me control my own fertility.
bodyhacking  iuds  implants  cyborg  feminism  birth-control 
april 2016
Exclusive: SWIFT bank network says aware of multiple cyber fraud incidents
"SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back-offices, PCs or workstations connected to their local interface to the SWIFT network," the group warned customers on Monday in a notice seen by Reuters.


Ouch. They seem to be indicating that they're all phishing/impersonation-based attacks.
phishing  swift  banking  hacks  exploits  banks  security 
april 2016
Bots won't replace apps. Better apps will replace apps
As I’ll explain, messenger apps’ apparent success in fulfilling such a surprising array of tasks does not owe to the triumph of “conversational UI.” What they’ve achieved can be much more instructively framed as an adept exploitation of Silicon Valley phone OS makers’ growing failure to fully serve users’ needs, particularly in other parts of the world. Chat apps have responded by evolving into “meta-platforms.” Many of the platform-like aspects they’ve taken on to plaster over gaps in the OS actually have little to do with the core chat functionality. Not only is “conversational UI” a red herring, but as we look more closely, we’ll even see places where conversational UI has breached its limits and broken down.
apps  bots  chatops  chat  ui  messaging  silicon-valley  agents  alexa  siri  phones 
april 2016
The Rise of Pirate Libraries
The history of this is fascinating:
Today’s pirate libraries have their roots in the work of Russian academics to digitize texts in the 1990s. Scholars in that part of the world had long had a thriving practice of passing literature and scientific information underground, in opposition to government censorship—part of the samizdat culture, in which banned documents were copied and passed hand to hand through illicit channels. Those first digital collections were passed freely around, but when their creators started running into problems with copyright, their collections “retreated from the public view,” writes Balázs Bodó, a piracy researcher based at the University of Amsterdam. “The text collections were far too valuable to simply delete,” he writes, and instead migrated to “closed, membership-only FTP servers.” [....]

There’s always been osmosis within the academic community of copyrighted materials from people with access to scholar without. “Much of the life of a research academic in Kazakhstan or Iran or Malaysia involves this informal diffusion of materials across the gated walls of the top universities,” he says.
pirates  pirate-libraries  libraries  archival  history  russia  ussr  samizdat  samizdata  academia  papers 
april 2016
I am Alex St. John’s Daughter, and He is Wrong About Women in Tech — Medium
Great, great post from Amilia St. John, responding to the offensive sexist crap spewed by her father, Alex St. John
sexism  career  tech  amilia-st-john  alex-st-john  jobs  work  feminism 
april 2016
Anti-innovation: EU excludes open source from new tech standards
EC up to its old anti-competitive tricks:
The European Commission is surprisingly coy about what exactly ['open'] means in this context. It is only on the penultimate page of the ICT Standardisation Priorities document that we finally read the following key piece of information: "ICT standardisation requires a balanced IPR [intellectual property rights] policy, based on FRAND licensing terms."

It's no surprise that the Commission was trying to keep that particular detail quiet, because FRAND licensing—the acronym stands for "fair, reasonable, and non-discriminatory"—is incompatible with open source, which will therefore find itself excluded from much of the EU's grand new Digital Single Market strategy. That's hardly a "balanced IPR policy."
open-source  open  frand  eu  ec 
april 2016
How I Hacked Facebook, and Found Someone's Backdoor Script
Great writeup of a practical pen test. Those crappy proprietary appliances that get set up "so the CEO can read his email on the road" etc. are always a weak spot
facebook  hacking  security  exploits  pen-tests  backdoors 
april 2016
Building a Regex Search Engine for DNA | Hacker News
The original post is pretty mediocre -- a search engine which handles a corpus of "thousands" of plasmids from "a scientist's personal library", and which doesn't handle fuzzy matches? I think that's called grep -- but the HN comments are good
grep  regular-expressions  hacker-news  strings  dna  genomics  search  elasticsearch 
april 2016
[Updated] Using a Dyson hand dryer is like setting off a viral bomb in a bathroom | Ars Technica
Clumping the data from all six heights together, the Dyson produced 60 times more plaques than the warm air dryer and 1,300 times more than paper towels. Of the viruses launched by the jet dryer, 70 percent were at the height of a small child’s face.


(vomit)
gross  hand-dryers  dyson  fail  health  bathroom 
april 2016
Darts, Dice, and Coins
Earlier this year, I asked a question on Stack Overflow about a data structure for loaded dice. Specifically, I was interested in answering this question: "You are given an n-sided die where side i has probability pi of being rolled. What is the most efficient data structure for simulating rolls of the die?"

This data structure could be used for many purposes. For starters, you could use it to simulate rolls of a fair, six-sided die by assigning probability 1616 to each of the sides of the die, or a to simulate a fair coin by simulating a two-sided die where each side has probability 1212 of coming up. You could also use this data structure to directly simulate the total of two fair six-sided dice being thrown by having an 11-sided die (whose faces were 2, 3, 4, ..., 12), where each side was appropriately weighted with the probability that this total would show if you used two fair dice. However, you could also use this data structure to simulate loaded dice. For example, if you were playing craps with dice that you knew weren't perfectly fair, you might use the data structure to simulate many rolls of the dice to see what the optimal strategy would be. You could also consider simulating an imperfect roulette wheel in the same way.

Outside the domain of game-playing, you could also use this data structure in robotics simulations where sensors have known failure rates. For example, if a range sensor has a 95% chance of giving the right value back, a 4% chance of giving back a value that's too small, and a 1% chance of handing back a value that's too large, you could use this data structure to simulate readings from the sensor by generating a random outcome and simulating the sensor reading in that case.

The answer I received on Stack Overflow impressed me for two reasons. First, the solution pointed me at a powerful technique called the alias method that, under certain reasonable assumptions about the machine model, is capable of simulating rolls of the die in O(1)O(1) time after a simple preprocessing step. Second, and perhaps more surprisingly, this algorithm has been known for decades, but I had not once encountered it! Considering how much processing time is dedicated to simulation, I would have expected this technique to be better- known. A few quick Google searches turned up a wealth of information on the technique, but I couldn't find a single site that compiled together the intuition and explanation behind the technique.


(via Marc Brooker)
via:marcbrooker  algorithms  probability  algorithm  coding  data-structures  alias  dice  random 
april 2016
Amazon S3 Transfer Acceleration
The AWS edge network has points of presence in more than 50 locations. Today, it is used to distribute content via Amazon CloudFront and to provide rapid responses to DNS queries made to Amazon Route 53. With today’s announcement, the edge network also helps to accelerate data transfers in to and out of Amazon S3. It will be of particular benefit to you if you are transferring data across or between continents, have a fast Internet connection, use large objects, or have a lot of content to upload.

You can think of the edge network as a bridge between your upload point (your desktop or your on-premises data center) and the target bucket. After you enable this feature for a bucket (by checking a checkbox in the AWS Management Console), you simply change the bucket’s endpoint to the form BUCKET_NAME.s3-accelerate.amazonaws.com. No other configuration changes are necessary! After you do this, your TCP connections will be routed to the best AWS edge location based on latency.  Transfer Acceleration will then send your uploads back to S3 over the AWS-managed backbone network using optimized network protocols, persistent connections from edge to origin, fully-open send and receive windows, and so forth.
aws  s3  networking  infrastructure  ops  internet  cdn 
april 2016
The Melancholy Mystery of Lullabies - NYTimes.com
Fascinating article on lullabies:

One way a mother might bond with a newborn is by sharing her joy; another way is by sharing her grief or frustration. We see this in songs across time. A 200-year-old Arabic lullaby still sung today goes:

I am a stranger, and my neighbors are strangers;
I have no friends in this world.
Winter night and the husband is absent.

And an old Spanish lullaby from Asturias, written down by the poet Federico García Lorca, goes:

This little boy clinging so
Is from a lover, Vitorio,
May God, who gave, end my woe,
Take this Vitorio clinging so.

We assume the sound of these songs is sweet, as no lullaby endures without being effective at putting babies to sleep. Think of ‘‘Rock-a-bye Baby,’’ the way it tenderly describes an infant and its cradle falling to the ground: The singer gets to speak a fear, the baby gets to rest; the singer tries to accommodate herself to a possible loss that has for most of human history been rela­tively common, and the baby gets attentive care. In the Arabic and Spanish lullabies, the singers get to say something to the one being — their new burden, their new love — who can’t and won’t judge or discipline them for saying it. When even relatively happy, well-supported people become the primary caretaker of a very small person, they tend to find themselves eddied out from the world of adults. They are never alone — there is always that tiny person — and yet they are often lonely. Old songs let us feel the fellowship of these other people, across space and time, also holding babies in dark rooms.
lullabies  songs  singing  history  folk  babies  children 
april 2016
Detecting the use of "curl | bash" server side
tl;dr:
The better solution is never to pipe untrusted data streams into bash. If you still want to run untrusted bash scripts a better approach is to pipe the contents of URL into a file, review the contents on disk and only then execute it.
bash  security  shell  unix  curl  tcp  buffers 
april 2016
ZIP SIM
Prepaid talk+text+data or data-only mobile SIM cards, delivered to your home or hotel, prior to visiting the US. great service for temporary US business visits
visiting  us  usa  zip-sim  sims  mobile-phones  travel  phones  mobile  travelling  data 
april 2016
The problems with forcing regular password expiry

The new password may have been used elsewhere, and attackers can exploit this too. The new password is also more likely to be written down, which represents another  vulnerability. New passwords are also more likely to be forgotten, and this carries the productivity costs of users being locked out of their accounts, and service desks having to reset passwords.
It’s one of those counter-intuitive security scenarios; the more often users are forced to change passwords, the greater the overall vulnerability to attack. What appeared to be a perfectly sensible, long-established piece of advice doesn’t, it turns out, stand up to a rigorous, whole-system analysis. CESG now recommend organisations do not force regular password expiry.
cesg  recommendations  guidelines  security  passwords  expiry  uk  gchq 
april 2016
Donald Rumsfeld wrote the best memo ever: "Issues w/Various Countries"
Paraphrasing: "I have made a massive mess of US foreign policy and the whole world is falling apart. Have you fixed it for me yet?"

Right in the middle of the biggest Middle Eastern shitstorm ever created, April 7, 2003. Heck of a job, Rummie
donald-rumsfeld  inept  gobshites  korea  pakistan  issues  world-politics  funny  facepalm  george-w-bush  iraq  syria  libya  amazing 
april 2016
Review: Site Reliability Engineering
John "lusis" Vincent reviews the SRE book, not 100% positively
sre  books  reading  reviews  lusis 
april 2016
Canadian Police Obtained BlackBerry’s Global Decryption Key in 2010
According to technical reports by the Royal Canadian Mounted Police that were filed in court, law enforcement intercepted and decrypted roughly one million PIN-to-PIN BlackBerry messages in connection with the probe. The report doesn't disclose exactly where the key — effectively a piece of code that could break the encryption on virtually any BlackBerry message sent from one device to another — came from. But, as one police officer put it, it was a key that could unlock millions of doors.
Government lawyers spent almost two years fighting in a Montreal courtroom to keep this information out of the public record.
canada  crime  encryption  security  blackberry  crypto  rcmp  police  rogers  montreal  rim 
april 2016
A Guide to Naming Variables
good rules of thumb for variable naming, from ex-coworker Jacob Gabrielson
guidelines  rules  naming  variables  coding  style 
april 2016
Google Cloud Status
Ouch, multi-region outage:
At 14:50 Pacific Time on April 11th, our engineers removed an unused GCE IP block from our network configuration, and instructed Google’s automated systems to propagate the new configuration across our network. By itself, this sort of change was harmless and had been performed previously without incident. However, on this occasion our network configuration management software detected an inconsistency in the newly supplied configuration. The inconsistency was triggered by a timing quirk in the IP block removal - the IP block had been removed from one configuration file, but this change had not yet propagated to a second configuration file also used in network configuration management. In attempting to resolve this inconsistency the network management software is designed to ‘fail safe’ and revert to its current configuration rather than proceeding with the new configuration. However, in this instance a previously-unseen software bug was triggered, and instead of retaining the previous known good configuration, the management software instead removed all GCE IP blocks from the new configuration and began to push this new, incomplete configuration to the network.

One of our core principles at Google is ‘defense in depth’, and Google’s networking systems have a number of safeguards to prevent them from propagating incorrect or invalid configurations in the event of an upstream failure or bug. These safeguards include a canary step where the configuration is deployed at a single site and that site is verified to still be working correctly, and a progressive rollout which makes changes to only a fraction of sites at a time, so that a novel failure can be caught at an early stage before it becomes widespread. In this event, the canary step correctly identified that the new configuration was unsafe. Crucially however, a second software bug in the management software did not propagate the canary step’s conclusion back to the push process, and thus the push system concluded that the new configuration was valid and began its progressive rollout.
multi-region  outages  google  ops  postmortems  gce  cloud  ip  networking  cascading-failures  bugs 
april 2016
Improving Our Engineering Interview Process
Foursquare on hiring. 'we forgo technical phone interviews whenever possible. They’re typically unpleasant for everyone involved and we felt like the environment of a phone screen wasn’t conducive to learning about a candidate’s abilities comprehensively. Instead we give out a take-home exercise that takes about three hours.'
hiring  interviewing  foursquare  hr  phone-screens  tech  jobs 
april 2016
Open Sourcing Dr. Elephant: Self-Serve Performance Tuning for Hadoop and Spark
[LinkedIn] are proud to announce today that we are open sourcing Dr. Elephant, a powerful tool that helps users of Hadoop and Spark understand, analyze, and improve the performance of their flows.


neat, although I've been bitten too many times by LinkedIn OSS release quality at this point to jump in....
linkedin  oss  hadoop  spark  performance  tuning  ops 
april 2016
Rendezvous hashing - Wikipedia, the free encyclopedia

Rendezvous or Highest Random Weight (HRW) hashing[1][2] is an algorithm that allows clients to achieve distributed agreement on a set of k options out of a possible set of n options. A typical application is when clients need to agree on which sites (or proxies) objects are to assigned to. When k is 1, it subsumes the goals of consistent hashing, using an entirely different method.
hrw  hashing  hashes  consistent-hashing  rendezvous-hashing  algorithms  discovery  distributed-computing 
april 2016
Data Protection Mishap Leaves 55M Philippine Voters at Risk
Every registered voter in the Philippines is now susceptible to fraud and other risks after a massive data breach leaked the entire database of the Philippines’ Commission on Elections (COMELEC). While initial reports have downplayed the impact of the leak, our investigations showed a huge number of sensitive personally identifiable information (PII)–including passport information and fingerprint data–were included in the data dump. [....]

Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible to everyone. Interestingly, we also found a whopping 15.8 million record of fingerprints and a list of people running for office since the 2010 elections.

In addition, among the data leaked were files on all candidates running on the election with the filename VOTESOBTAINED. Based on the filename, it reflects the number of votes obtained by the candidate. Currently, all VOTESOBTAINED file are set to have NULL as figure.

fingerprints  biometrics  philippines  authentication  data-dumps  security  hacks  comelec  e-voting  pii  passports  voting 
april 2016
Gil Tene on benchmarking
'I would strongly encourage you to avoid repeating the mistakes of testing methodologies that focus entirely on max achievable throughput and then report some (usually bogus) latency stats at those max throughout modes. The techempower numbers are a classic example of this in play, and while they do provide some basis for comparing a small aspect of behavior (what I call the "how fast can this thing drive off a cliff" comparison, or "pedal to the metal" testing), those results are not very useful for comparing load carrying capacities for anything that actually needs to maintain some form of responsiveness SLA or latency spectrum requirements.'

Some excellent advice here on how to measure and represent stack performance.

Also: 'DON'T use or report standard deviation for latency. Ever. Except if you mean it as a joke.'
performance  benchmarking  testing  speed  gil-tene  latency  measurement  hdrhistogram  load-testing  load 
april 2016
AWSume
'AWS Assume Made Awesome' -- 'Here are Trek10, we work with many clients, and thus work with multiple AWS accounts on a regular (daily) basis. We needed a way to make managing all our different accounts easier. We create a standard Trek10 administrator role in our clients’ accounts that we can assume. For security we require that the role assumer have multifactor authentication enabled.'
mfa  aws  awsume  credentials  accounts  ops 
april 2016
Koyaanisqatsi trailer recreated using stock footage
'Koyannistocksi is a shot-by-shot remake of the trailer for Godfrey Reggio's Koyaanisqatsi using only stock footage. A testament to Reggio's influence on contemporary motion photography, and the appropriation of his aesthetic by others for commercial means.'

Nailed it. This is why I find it hard to watch Koyaanisqatsi nowadays -- its imagery and style have been stolen by so many other filmmakers.
godfrey-reggio  koyaanisqatsi  ads  remakes  film  stock-footage 
april 2016
Dan Luu reviews the Site Reliability Engineering book
voluminous! still looks great, looking forward to reading our copy (via Tony Finch)
via:fanf  books  reading  devops  ops  google  sre  dan-luu 
april 2016
Internet mapping turned a remote farm into a digital hell
I think this a bit of a legal issue for MaxMind:
The trouble for the Taylor farm started in 2002, when a Massachusetts-based digital mapping company called MaxMind decided it wanted to provide “IP intelligence” to companies who wanted to know the geographic location of a computer to, for example, show the person using it relevant ads or to send the person a warning letter if they were pirating music or movies.
maxmind  fail  location  ip  geodata  gps  mapping  kansas 
april 2016
3d Printing Is Not For You
I would only recommend 3d printing to someone who wanted a hobby, and wanted that hobby to be 3d printing, not "having parts made on a 3d printer". The printing itself is the activity. If you have any other primary motivation your parts will fail more often than they'll succeed.


(via burritojustice)
via:burritojustice  3d-printing  machines  parts  things  hobbies  open-source  funny 
april 2016
Neutered RNG let man rig million dollar lotteries | Ars Technica
A forensic examination found that the generator had code that was installed after the machine had been audited by a security firm that directed the generator not to produce random numbers on three particular days of the year if two other conditions were met. Numbers on those days would be drawn by an algorithm that Tipton could predict [...] All six prizes linked to Tipton were drawn on either Nov. 23 or Dec. 29 between 2005 and 2011.
prng  randomness  security  hacks  exploits  lottery  us  audits  holes 
april 2016
good example of Application-Level Keepalive beating SO_KEEPALIVE
we have now about 100 salt-minions which are installed in remote areas with 3G and satellite connections.

We loose connectivity with all of those minions in about 1-2 days after installation, with test.ping reporting "minion did not return". The state was each time that the minions saw an ESTABLISHED TCP connection, while on the salt-master there were no connection listed at all. (Yes that is correct). Tighter keepalive settings were tried with no result. (OS is linux) Each time, restarting the salt-minion fixes the problem immediately.

Obviously the connections are transparently proxied someplace, (who knows what happens with those SAT networks) so the whole tcp-keepalive mechanism of 0mq fails.


Also notes in the thread that the default TCP timeout for Azure Load Balancer is 4 minutes: https://azure.microsoft.com/en-us/blog/new-configurable-idle-timeout-for-azure-load-balancer/ . The default Linux TCP keepalive doesn't send until 2 hours after last connection use, and it's a system-wide sysctl (/proc/sys/net/ipv4/tcp_keepalive_time).

Further, http://networkengineering.stackexchange.com/questions/7207/why-bgp-implements-its-own-keepalive-instead-of-using-tcp-keepalive notes "some firewalls filter TCP keepalives".
tcp  keep-alive  keepalive  protocol  timeouts  zeromq  salt  firewalls  nat 
april 2016
Hungary proposes anti-crypto law
up to 2 years imprisonment for use of apps for encrypted communication
crypto  hungary  laws  internet  crackdown  encryption 
april 2016
Running Docker on AWS from the ground up
Advantages/disavantages section right at the bottom is good.
ECS, believe it or not, is one of the simplest Schedulers out there. Most of the other alternatives I’ve tried offer all sorts of fancy bells & whistles, but they are either significantly more complicated to understand (lots of new concepts), take too much effort to set up (lots of new technologies to install and run), are too magical (and therefore impossible to debug), or some combination of all three. That said, ECS also leaves a lot to be desired.
aws  docker  ecs  ec2  schedulers 
april 2016
Irish drone register allowed access to personal details of 2,000 members
The breach, which allowed registered users to view names, addresses, email addresses and phone numbers of other people registered on the site, was brought to the attention of the authority on Sunday night.
In a statement to TheJournal.ie, the IAA revealed it was aware of four users who downloaded the file.
fail  drones  ireland  iaa  security 
april 2016
« earlier      later »
abuse ads ai algorithms amazon analytics android anti-spam apache apple apps architecture art automation aws banking big-data bitcoin books bugs build business cars cassandra censorship children china cli coding compression concurrency containers copyright crime crypto culture cycling data data-protection data-structures databases dataviz debugging deployment design devops distcomp distributed dns docker driving dublin ec2 email eu europe exploits facebook fail false-positives filesharing filtering food fraud funny future games gaming gc gchq git github go google government graphics hacking hacks hadoop hardware hashing health history home http https images internet ios ip iphone ireland isps java javascript journalism jvm kafka kids lambda languages latency law legal libraries life linux load-balancing logging machine-learning malware mapping maps medicine memory metrics microsoft ml mobile money monitoring movies mp3 music mysql netflix network networking news nosql nsa open-source ops optimization outages packaging papers patents pdf performance phones photos piracy politics presentations privacy programming protocols python recipes redis reliability replication research ruby russia s3 safety scala scalability scaling scams science search security shopping silicon-valley slides snooping social-media software space spam ssl startups statistics storage streaming surveillance swpats sysadmin tcp tech technology testing time tips tls tools travel tuning tv twitter ui uk unix us-politics via:fanf via:nelson video web wifi work youtube

Copy this bookmark:



description:


tags: