https://www.theguardian.com/technology/2016/dec/28/amazon-refuses-to-let-police-access-suspects-echo-recordings
Just to remind you, the more smart devices you have, the more they listen to you. It’s just a totalitarian state away from being used against you.
Bufferbloat is the undesirable latency that comes from a router or other network equipment buffering too much data.
The Bufferbloat projects provide a webspace for addressing chaotic and laggy network performance. We have a number of projects in flight:
The Request to FCC for Saner Software Policies is a response to Docket ET 15-170 which appears to require vendors to lock down the software in Wi-Fi routers, prohibiting experimentation and field testing of new techniques. Read the Press Release and our Letter to the FCC
The Bufferbloat project has largely addressed latency associated with too much buffering in routers. The CoDel and fq_codel algorithms are the first fundamental advance in the state of the art of network Active Queue Management in many, many years. These algorithms have been deployed in millions of computers, and reduce the induced delay from competing traffic on a bottleneck link to the order of 20 msec.
The Make-Wi-Fi-Fast project, with many of the same team members as the Bufferbloat project, intends to improve Wi-Fi’s speed and use of the spectrum by inserting CoDel/fq_codel into the Wi-Fi queues, and actively measuring the power required for successful transmission, in order to minimize contention and interference on the RF channel.
Source: Bufferbloat.net – Bufferbloat.net
Amazon Lumberyard is a free AAA game engine deeply integrated with AWS and Twitch – with full source.
Source: Amazon Lumberyard – Free AAA Game Engine
Build your own games for free!
The common thought that learning by experience is most effective when it comes to teaching entrepreneurship at university has been challenged in a new study.
An analysis of more than 500 graduates found no significant difference between business schools that offered traditional courses and those that emphasise a ‘learning-by-doing’ approach to entrepreneurship education.
The research challenges the ongoing trend across higher education institutes (HEIs) of focussing on experiential learning, and suggests that universities need to reconsider their approach if they are to increase entrepreneurship among their students.
Ms Inna Kozlinska, research associate at Aston Business School and author of the study, said: “Entrepreneurship education is seen as a major force capable of generating long-term socio-economic changes through developing entrepreneurial, creative, flexible and wise individuals. There is an ongoing shift towards experiential learning in business schools, yet there is little empirical evidence to suggest this approach has better impact than traditional learning.
“This study has shown, contrary to our expectations that ‘learning-by-doing’ approaches do not necessarily lead to better outcomes for students, and were even found to have adverse effects in some instances.
[…]
The study highlights another crucial issue that has not been widely researched up until now: how new entrepreneurial knowledge, skills and attitude relate to further achievements in the professional life of graduates. Contrary to expectations, the attitude of graduates was found to have the most positive effect on employability and entrepreneurial activity. The influence of newly acquired knowledge and skills on graduates was not significant.Ms Kozlinska added: “The findings surrounding the attitudes of successful graduates tend to characterise entrepreneurs: a high level of creativity and self-confidence, strong passion towards entrepreneurship, and tolerance to failure.”
Source: Entrepreneurial experiences ‘no better than textbooks,’ says study
Now, instead of plugging in an address, you can sync up your contacts and choose a friend’s name. The lucky buddy will receive a request from Uber—via push notification if they’re an Uber user, and via text message if they’re not—to provide their location. If they accept, their location is then transmitted to the driver, and it becomes the user’s destination. In other words, if you often find yourself out on the town but too wasted to figure out where to tell your friends to meet you, this feature was made for you.
Of course, any feature that asks for a location is bound to bring up privacy issues, particularly for people who didn’t even sign up for the app in the first place. Uber, however, is dismissive of these concerns.
“We have an entire privacy team that thinks through these questions,” a spokesperson told Gizmodo.
The spokesperson told us that location requests are “static,” and expire after half an hour. For non-Uber users, the company claims the requests disappear after the allotted time; For Uber users, the app will maintain records of where they went, but not who they sent the request to. The spokesperson added that a user must give his or her location every time.
But given Uber’s previous privacy hijinks, these assurances ring just a tad hollow. Earlier this month, the app rolled out a different update that asked users for permission to track them even when they weren’t using the app. A few days later, it was hit with a lawsuit filed by a former employee who claimed that workers used the app to peep on celebrities and former lovers. The lawsuit was particularly troubling given that Uber claimed several years ago that it had already dealt with the problem.
Source: Uber’s Latest Update Is Even Creepier Than Its Last One
Egypt has blocked its residents from accessing encrypted messaging app Signal, according to the application’s developer. Mada Masr, an Egypt-based media organization, reported yesterday that several users took to Twitter over the weekend to report that they could no longer send or receive messages while on Egyptian IP addresses. Open Whisper Systems, the team behind the app, told a user asking about a situation that everything was working just as intended on their end. Now that the company has confirmed that the country is blocking access to Edward Snowden’s preferred messaging app, it has begun working on a way to circumvent the ban. They intend to deploy their solution over the next few weeks.
Source: Egypt has blocked encrypted messaging app Signal
These guys have had a poke around some publically available firmwares and describe how it works
Source: IOActive Labs Research: In Flight Hacking System
We’re excited to announce the release of Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. We’ve developed over 80 test cases which have uncovered more than 40 security bugs (some tests or bugs are not open sourced today, as they are being fixed by vendors). For example, we found that we could recover the private key of widely-used DSA and ECDHC implementations. We also provide ready-to-use tools to check Java Cryptography Architecture providers such as Bouncy Castle and the default providers in OpenJDK.
Source: Google Online Security Blog: Project Wycheproof
The Beer Judge Certification Program lists 100 styles with defined ranges of alcohol by volume (ABV), bitterness (measured in IBUs, or International Bittering Units), and color (measured using SRM, or Standard Reference Method).Below is a series of charts for all 100 styles. Mouseover any style for more details and commercial examples. Rectangles to the top right corner represent beer that is high in alcohol and high in bitterness. In contrast, a rectangle in the bottom left corner represents a beer that is low in alcohol and low in bitterness.
Source: Charting All the Beer Styles | FlowingData
The new law would allow Thailand authorities to intercept private communication and to censor websites without a court order.
“The bill is very broad and open to interpretation and we will have to see how the government will implement these laws,” said Arthit Suriyawongkul of the Thai Netizen Network, which promotes online freedom.
Source: Hackers hit Thai sites to protest restrictive internet law
In late 2016 reports surfaced that Turkey had ordered ISPs to block access to Tor and several commercial VPN services. On 5 December, ISP industry representatives Turk Internet reported growing pressure to complete the ban, including demands for weekly progress reports on the status of the new technical restrictions. Users started reporting connectivity issues around the same time.
Turkey typically cuts access to individual sites by court order or administrative measure to permanently restrict access to services on grounds of morality and state security. In recent years, the government has also started to shut down social media networks entirely for hours or days during national emergencies and political unrest – a form of network interference that the Turkey Blocks project was founded to investigate.
Internet users in Turkey increasingly resort to VPNs and Tor to circumvent both kinds of censorship, allowing them, for example, to access independent sources of information and seek assistance in the minutes and hours following terror attacks.
Summary of findingsTurkey Blocks finds that the Tor direct access mode is now restricted for most internet users throughout the country; Tor usage via bridges including obfs3 and obfs4 remains viable, although we see indications that obfs3 is being downgraded by some service providers with scope for similar on restrictions obfs4. The restrictions are being implemented in tandem with apparent degradation of commercial VPN service traffic.
Source: Tor blocked in Turkey as government cracks down on VPN use – Turkey Blocks
A transformation is happening in global energy markets that’s worth noting as 2016 comes to an end: Solar power, for the first time, is becoming the cheapest form of new electricity.
This has happened in isolated projects in the past: an especially competitive auction in the Middle East, for example, resulting in record-cheap solar costs. But now unsubsidized solar is beginning to outcompete coal and natural gas on a larger scale, and notably, new solar projects in emerging markets are costing less to build than wind projects, according to fresh data from Bloomberg New Energy Finance.
Source: World Energy Hits a Turning Point: Solar That’s Cheaper Than Wind – Bloomberg
Yahoo has discovered a 3-year-old security breach that enabled a hacker to compromise more than 1 billion user accounts, breaking the company’s own humiliating record for the biggest security breach in history.
The digital heist disclosed Wednesday occurred in August 2013, more than a year before a separate hack that Yahoo announced nearly three months ago . That breach affected at least 500 million users, which had been the most far-reaching hack until the latest revelation.
[…]
In both attacks, the stolen information included names, email addresses, phone numbers, birthdates and security questions and answers. The company says it believes bank-account information and payment-card data were not affected.
But hackers also apparently stole passwords in both attacks. Technically, those passwords should be secure; Yahoo said they were scrambled twice — once by encryption and once by another technique called hashing. But hackers have become adept at cracking secured passwords by assembling huge dictionaries of similarly scrambled phrases and matching them against stolen password databases.
That could mean trouble for any users who reused their Yahoo password for other online accounts. Yahoo is requiring users to change their passwords and invalidating security questions so they can’t be used to hack into accounts. (You may get a reprieve if you’ve changed your password and questions since September.)
Source: Yahoo Suffers World’s Biggest Hack Affecting 1 Billion Users
Privacy Badger is a browser extension that automatically blocks hidden third-party trackers that would otherwise follow you around the web and spy on your browsing habits. Privacy Badger now has approximately 900,000 daily users and counting.
Third-party tracking—that is, when advertisers and websites track your browsing activity across the web without your knowledge, control, or consent—is an alarmingly widespread practice in online advertising. Privacy Badger spots and then blocks third-party domains that seem to be tracking your browsing habits (e.g. by setting cookies that could be used for tracking, or by fingerprinting your browser). If the same third-party domain appears to be tracking you on three or more different websites, Privacy Badger will conclude that the third party domain is a tracker and block future connections to it.
Privacy Badger always tells how many third-party domains it has detected and whether or not they seem to be trackers. Further, users have control over how Privacy Badger treats these domains, with options to block a domain entirely, block just cookies, or allow a domain.
Source: The New and Improved Privacy Badger 2.0 Is Here | Electronic Frontier Foundation
To everyone else, get patching
Source: Dear hackers, Ubuntu’s app crash reporter will happily execute your evil code on a victim’s box
Our Pegasus rocket successfully launched NASA’s Cyclone Global Navigation Satellite System (CYGNSS) from our L-1011 Stargazer aircraft this morning at 8:37 a.m. EST, and completed payload deployment at 8:52 a.m. To learn more about the CYGNSS mission, visit NASA’s blog here.
About the MissionThe three-stage Pegasus XL will be used to deploy eight small satellites for NASA’s Cyclone Global Navigation Satellite System (CYGNSS) mission into a Low-Earth orbit. Pegasus is carried aloft by Orbital ATK’s Stargazer L-1011 aircraft to approximately 40,000 feet over the Atlantic Ocean, where it will be released and free-fall for five seconds before igniting its first stage rocket motor. With its unique delta-shaped wing, Pegasus will deliver these satellites into orbit in a little over 10 minutes.
CYGNSS, developed by the University of Michigan, will probe the inner core of hurricanes to learn about their rapid intensification. CYGNSS is designed to remedy the inability of current remote sensors to see through the heavy rain in the inner core of a hurricane or to observe changes in the storm over short periods of time.
[…]
On April 5, 1990, Orbital ATK began a new era in commercial space flight when our Pegasus rocket was launched from beneath a NASA B-52 aircraft in a mission that originated from Dryden Flight Research Center in California. In the decades since its maiden flight, Pegasus has become the world’s standard for affordable and reliable small launch vehicles. It has conducted 42 missions, launching 86 satellites.
Source: Pegasus XL CYGNSS
This is getting loads of new coverage for being an air launch, but as you can see above, Oribtal ATK have been doing this since 1990 for NASA. Nothing new to see here!
macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. To secure your mac just update it with the December 2016 patches.Anyone including, but not limited to, your colleagues, the police, the evil maid and the thief will have full access to your data as long as they can gain physical access – unless the mac is completely shut down. If the mac is sleeping it is still vulnerable.Just stroll up to a locked mac, plug in the Thunderbolt device, force a reboot (ctrl+cmd+power) and wait for the password to be displayed in less than 30 seconds!
Source: Security | DMA | Hacking: macOS FileVault2 Password Retrieval
Cyber attacks targeting the global bank transfer system have succeeded in stealing funds since February’s heist of $81 million from the Bangladesh central bank as hackers have become more sophisticated in their tactics, according to a SWIFT official and a previously undisclosed letter the organization sent to banks worldwide.
Source: Exclusive: SWIFT confirms new cyber thefts, hacking tactics
When we look very closely at images generated by neural networks, we often see a strange checkerboard pattern of artifacts. It’s more obvious in some cases than others, but a large fraction of recent models exhibit this behavior.
Mysteriously, the checkerboard pattern tends to be most prominent in images with strong colors. What’s going on? Do neural networks hate bright colors? The actual cause of these artifacts is actually remarkably simple, as is a method for avoiding them.
Source: Deconvolution and Checkerboard Artifacts — Distill
A popular method for exploring high-dimensional data is something called t-SNE, introduced by van der Maaten and Hinton in 2008. The technique has become widespread in the field of machine learning, since it has an almost magical ability to create compelling two-dimensonal “maps” from data with hundreds or even thousands of dimensions. Although impressive, these images can be tempting to misread. The purpose of this note is to prevent some common misreadings.
Source: How to Use t-SNE Effectively — Distill
Recurrent neural networks are one of the staples of deep learning, allowing neural networks to work with sequences of data like text, audio and video. They can be used to boil a sequence down into a high-level understanding, to annotate sequences, and even to generate new sequences from scratch!
Source: Attention and Augmented Recurrent Neural Networks — Distill
The Deep Learning textbook is a resource intended to help students and practitioners enter the field of machine learning in general and deep learning in particular. The online version of the book is now complete and will remain available online for free.
Source: Deep Learning
Neural Networks and Deep Learning is a free online book. The book will teach you about:
Neural networks and deep learning currently provide the best solutions to many problems in image recognition, speech recognition, and natural language processing. This book will teach you many of the core concepts behind neural networks and deep learning.
Source: Neural networks and deep learning
Several interactive visualizations of a generative model of handwriting. Some are fun, some are serious.
Source: Experiments in Handwriting with a Neural Network — Distill
