Why Zig When There is Already CPP, D, and Rust? · zig-lang/zig Wiki
Every software project should be this frank & precisely technical about why it exists relative to comparable projects. You can disagree that these are good reasons to use a language, but at least you know the authors thought about it and have technical answers, not just fluffy marketing copy.
programming-languages  systems-programming  via:twitter 
Stuff Matters: Exploring the Marvelous Materials That Shape Our Man-Made World Reprint, Mark Miodownik - AmazonSmile
Finished 2017-10-18. Recommended. Easy reading, surprisingly touching at points. I would perhaps prefer that the second half be bit more detailed & focused; towards the end of the book, he kind of abandons the conceit that each chapter is a deep dive a single material and starts to hop from a relatively shallow treatment of one subject after another (probably this is a symptom of a writer deciding to wrap up the manuscript rather than toughing it out with his original plan).
booklog  finished:2017  materials-science  nonfiction 
New Atheism's Idiot Heirs or 2nd Wave Internet Skepticism | MetaFilter
Bookmarking for the following comments:

One of the things that's caused a lot of soul-searching for me over the last few years is how many things that I felt were positive, or at least gave the benefit of the doubt to (skepticism, video games, anti-authoritarianism, tech, sf, geek culture in general really) have been weaponized in support of the most odious shit. There but for the grace of God go I.

I remember all the arguments that my parents’ generation made about computers “rotting the brain.” I remember defending computers, video games and the internet as ways for friendly nerdy people to meet each other and share ideas all across the world. I wasn’t wrong. But neither were they. Something does rot young brains in the internet, from the worst to the best. Exactly how to describe it and what to do about it, I don’t know.

so true, and so familiar.
internet  culture 
2 days ago
Create a Thriving Workspace: 7 Design Principles for Positive High ... - Anetta Pizag - Google Books
bookmarking less for the book itself than for the related books which emerge by tracing links/refs from this one
productivity-environments  books  to-read-maybe 
2 days ago
MIT 4.605x - Week 3 - Lecture 6.5 - Trade Economies - YouTube
Most interesting note in this lecture: the so-called "Fertile Crescent" was not naturally fertile in a way that mattered to humans. The marshy terrain available ca. 3000 BC offers neither predictable crops (due to floods which are mistimed for reliable agriculture) nor the natural resources (wood, bricks, copper) that were necessary to make society viable. Making the region agriculturally productive required risky, irrigational interventions by large groups of people under strong centralized leadership, and thus the development of cities, and this in turn had to be supported by a far-flung trade network reaching all the way to Romania, Turkey, and Iran.
videos  mit-4.605x  edx  online-courses  architecture  history 
3 days ago
Introducing CRI-O 1.0
Last year, the Kubernetes project introduced its Container Runtime Interface (CRI) -- a plugin interface that gives kubelet (a cluster node agent used to create pods and start containers) the ability to use different OCI-compliant container runtimes, without needing to recompile Kubernetes. Building on that work, the CRI-O project (originally known as OCID) is ready to provide a lightweight runtime for Kubernetes.
kubernetes  via:twitter  devops  linux  containers 
3 days ago
HBO's David Simon on "The Deuce" and Why He Loves Cities - CityLab
Most people are doing comic books and fantasy. I mean, there are a few things in TV that work really well: comedy, people getting killed, and pretty people fucking. Those three things are tried and true when it comes to currency in television. Anything outside of that that manages to succeed is a lucky break. 
tv  urbanism 
3 days ago
VUsion - VUSec
In our previous work, we showed that it is possible to abuse memory deduplication to leak high-entropy information using a side channel. This attack relied on the slow writes to figure out whether a page exists in the system. We further showed that it is possible to abuse the predictability of the merge operation for performing deterministic cross-VM Rowhammer attacks.

In this work, we show that the attack surface of memory deduplication is much larger: it is possible to leak the existence of another page in the system by only reading from memory. Further, it is possible to abuse the predictability of memory reuse even when the merge operation itself is not predictable for Rowhammer attacks, as is the case in some implementations (e.g., Windows).

We use these findings to build a secure memory deduplication system which we call VUsion.
security  operating-systems  timing-attacks 
6 days ago
MIT 4.605x - Week 3 - Lecture 5.3 - Dolmen - YouTube
This one is pretty amusing. Prof. Jarzombek really loves dolmens.
videos  mit-4.605x  edx  online-courses  architecture  history 
7 days ago
Debunking the Stereotype of the Lazy Welfare Recipient: Evidence from Cash Transfer Programs Worldwide1 Abhijit Banerjee, MIT Rema Hanna, Harvard Gabriel Kreindler, MIT Benjamin A. Olken, MIT
Targeted transfer programs for poor citizens have become
increasingly common in the developing world. Yet, a common
concern among policy makers – both in developing as well as
developed countries – is that such programs tend to discourage
work. We re-analyze the data from 7 randomized controlled trials
of government-run cash transfer programs in six developing
countries throughout the world, and find no systematic evidence
that cash transfer programs discourage work.
effective-altruism  research  papers 
10 days ago
Don’t Get Too Comfortable at That Desk - The New York Times
Note that ex-'softie Steven Sinofsky (that, uh, rhymes...) comments that this is a boondoggle for office furniture manufacturers:
via:twitter  productivity-environments 
11 days ago
imageflow = libimageflow + imageflow-server
libimageflow has ~10x the throughput of ImageMagick, yet puts security first. It is correct, fast, and has an evolvable JSON API. Imageflow doesn’t try to be ImageMagick; it supports only the core image operations and web-safe image formats needed by most applications and websites. This focus allows libimageflow to have a tiny and auditable codebase. Unsandboxed ImageMagick is an unacceptable liability for any kind of business.
graphics  rust 
11 days ago
Shenandoah: An open-source concurrent compacting garbage collector for OpenJDK
todo: compare this with the cheng/blelloch realtime concurrent collector

I'm way behind on the state of the art in GC.
garbage-collection  research  papers 
12 days ago
Social Choice Ethics in Artificial Intelligence by Seth D. Baum :: SSRN
A major approach to the ethics of artificial intelligence (AI) is to use social choice, in which the AI is designed to act according to the aggregate views of society. This is found in the AI ethics of “coherent extrapolated volition” and “bottom-up ethics”. This paper shows that the normative basis of AI social choice ethics is weak due to the fact that there is no one single aggregate ethical view of society. Instead, the design of social choice AI faces three sets of decisions: standing, concerning whose ethics views are included; measurement, concerning how their views are identified; and aggregation, concerning how individual views are combined to a single view that will guide AI behavior. These decisions must be made up front in the initial AI design — designers cannot “let the AI figure it out”. Each set of decisions poses difficult ethical dilemmas with major consequences for AI behavior, with some decision options yielding pathological or even catastrophic results. Furthermore, non-social choice ethics face similar issues, such as whether to count future generations or the AI itself. These issues can be more important than the question of whether or not to use social choice ethics. Attention should focus on these issues, not on social choice.

Uh, duh, but it's nice to have someone parse this out.
artificial-intelligence  ethics  philosophy  papers 
12 days ago
Resources from talk "Converting HDDs into accidental microphones" Ekoparty 2017
security  timing-attacks  hardware 
12 days ago
The 1802 Membership Card Computer
The Membership Card is a reproduction of the original Popular Electronics Elf computer, repackaged to fit in a pocket-sized Altoids(R) tin. It is entirely built with 1980's parts and technology. It uses only common low-cost through-hole parts (no custom ICs or surface-mount assembly). To use it, you don't need a modern PC, or megabytes of proprietary software. Now you can learn about computers right from the ground up, and really understand how they work!

I honestly feel that more people would benefit from having the experience of using and hacking on a computing system that can, to some reasonable extent, be understood. Most developers today build on top of towering stacks of opaque (yet leaky!), flaky, and poorly designed abstractions. Stack Overflow has replaced proper documentation and manuals and people think that as long as there is a voodoo incantation to do the most common things, a system is adequately usable; some even prefer learning the voodoo incantations to properly described semantics.
hardware  hacks  retrocomputing  education 
13 days ago
[1710.00551] Another Flip in the Wall of Rowhammer Defenses
The Rowhammer bug allows unauthorized modification of bits in DRAM cells from unprivileged software, enabling powerful privilege-escalation attacks. Sophisticated Rowhammer countermeasures have been presented, aiming at mitigating the Rowhammer bug or its exploitation. However, the state of the art provides insufficient insight on the completeness of these defenses.
In this paper, we present novel Rowhammer attack and exploitation primitives, showing that even a combination of all defenses is ineffective. Our new attack technique, one-location hammering, breaks previous assumptions on requirements for triggering the Rowhammer bug, i.e., we do not hammer multiple DRAM rows but only keep one DRAM row constantly open. Our new exploitation technique, opcode flipping, bypasses recent isolation mechanisms by flipping bits in a predictable and targeted way in userspace binaries. We replace conspicuous and memory-exhausting spraying and grooming techniques with a novel reliable technique called memory waylaying. Memory waylaying exploits system-level optimizations and a side channel to coax the operating system into placing target pages at attacker-chosen physical locations. Finally, we abuse Intel SGX to hide the attack entirely from the user and the operating system, making any inspection or detection of the attack infeasible. Our Rowhammer enclave can be used for coordinated denial-of-service attacks in the cloud and for privilege escalation on personal computers. We demonstrate that our attacks evade all previously proposed countermeasures for commodity systems.

Yes, ECC makes this attack much harder; authors are somewhat vague on whether it renders it impractical.

See Section IX for some news on why Intel SGX is a bad idea.
security  hardware  exploits  via:twitter 
14 days ago
Code is not literature
solid, although I think I would phrase this as "code is a form of literature unlike prose or poetry, and much more like machine schematics or mathematical proofs, and demands to be 'read' differently"
programming  literate-programming 
14 days ago
Alex Soul Rots💀☠️🎃 on Twitter: "Alibaba censors sex toys and guess what...it rules. https://t.co/wyTbmegZXH"
Reminds me of when Street View launched its anonymization pipeline and blurred out horses, car grilles, etc. Computer vision always do this, perhaps until general AI is a reality. Will it ever cease to be funny to us?
computer-vision  humor  alibaba  tweet-threads-that-should-be-blog-posts 
14 days ago
Why gun violence research has been shut down for 20 years - The Washington Post
In 1996, the Republican-majority Congress threatened to strip funding from the Centers for Disease Control and Prevention unless it stopped funding research into firearm injuries and deaths. The National Rifle Association accused the CDC of promoting gun control. As a result, the CDC stopped funding gun-control research — which had a chilling effect far beyond the agency, drying up money for almost all public health studies of the issue nationwide.
science  politics  united-states  firearms  public-health 
15 days ago
Buildroot - Making Embedded Linux Easy
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.
linux  devops 
17 days ago
« earlier      
academia advice america apple architecture art articles artificial-intelligence asian-american-issues attention-dynamics bay-area biology blog-posts blogs book-reviews booklog books bullshit business calendars california capitalism career-advice catosphere cats child-development china civil-liberties climate-change cloud-computing coding-boot-camps comics comics-strips computational-geometry computer-games computer-graphics computer-science computer-vision computing confederate-states-of-america conservatism corruption crime cryptocurrency cryptography css culture data-structures databases demographics design devops digital-art distributed-systems docker ebooks economic-inequality economics education edx environment evolution exploits facebook fantasy-fiction feminism fiction film finance finished:2006 finished:2007 finished:2009 finished:2011 finished:2012 finished:2013 finished:2014 finished:2016 finished:2017 fonts food foreign-policy fred-deboer free-as-in-beer free-as-in-speech free-software funny futurism gadgets game-design game-theory games genetics git google government graphics hacks hardware health higher-education hillary-clinton hiring history hosting housing humor intellectual-property intelligence internet interviews javascript journalism korea labor language law law-enforcement leftism liberalism libertarianism linux luggage machine-learning management maps marketing math media microsoft military mit-4.605x mobile-computing music music-recommendations musiclog new-york-city nonfiction nutrition online-courses operating-systems papers people performance philosophy photography photos plutocracy police politics poverty privacy productivity programming programming-languages propaganda protocols pseudoscience psychology public-policy publishing python racism redecentralize religion rent-seeking republicans research rhetoric rust san-francisco science science-fiction security security-state security-theater sexism sexual-equality sexual-inequality shopping silicon-valley social-engineering social-formation-of-belief social-inequality social-networks social-organization social-science social-software sociopathy software software-architecture software-development software-engineering startups statistics strange-loop surveillance-state talks technological-progress technology technology-industry to-blog to-buy to-read to-read-maybe to-watch todo tools transit trump tweet-threads-that-should-be-blog-posts twitter uber united-states unix urbanism user-interface via:cshalizi via:hackernews via:marginalrevolution via:metafilter via:reddit via:twitter video videos visualization war web-development welfare white-people work writing

Copy this bookmark: