Tags > security
Four short links: 21 December 2011 - Be a Data Hound, Secure Traveling, Secure SMS, Mozilla's Wider FocusBy Nat Torkington
December 21, 2011
AntiMap -- open source Android software to gather arbitrary data and visualize it. This enables you to be a 21C Francis Galton, the man who walked the streets of England using a pin to prick holes on a cross of card in his pocket, all to keep track of the relative average beauty of women in different parts of...
Why cloud services are a tempting target for attackers - Jeffrey Carr on the significant and escalating risks of hosting data with cloud providers.Jeffrey Carr
December 5, 2011
Before organizations embrace the efficiencies and cost savings of cloud services, they should also closely consider the security repercussions and liabilities attached to the cloud.
Four short links: 28 November 2011 - Ubicomp Project, Data Volumes, Yahoo! Cocktails, and Fighting CybercrimeBy Nat Torkington
November 28, 2011
Four short links: 25 November 2011 - MIND CONTROL COPTERS!, Better Security, Ratings Systems, and Lightweight ReferenceBy Nat Torkington
November 25, 2011
Continuous Three-Dimensional Control of a Virtual Helicopter Using a Motor Imagery Based Brain-Computer Interface (PLOSone) -- direct brain control is becoming a reality, tiny step by tiny step. Also: HELICOPTERS! Forward Secrecy for HTTPS -- Google contributed a better HTTPS cipher suite to OpenSSL, one that doesn't share keys between conversations. Yay the Goog for giving back. Ratings Systems...
Developer Week in Review: The hijacking of an insulin pump - Medical devices are remotely hacked, Google Maps get a price tag, and Linus Torvalds really doesn't like a certain language.James Turner
November 3, 2011
If you own an insulin pump, someone out there might have a hack with your name on it. Google decides to make high-volume Maps API users pony up some cash, and the creator of Linux goes after C++.
Four short links: 24 October 2011 - Interactive Web Goodness, Location Based Security, Referer vs https, and Financial ChartingBy Nat Torkington
October 24, 2011
Four short links: 19 October 2011 - Ubiquitous Multitouch, Bitcoin Bust, vim Text Concepts, and Storage TroublesBy Nat Torkington
October 19, 2011
OmniTouch: Wearable Interaction Everywhere -- compact projector + kinect equivalents in shoulder-mounted multitouch glory. (via Slashdot) Price of Bitcoin Still Dropping -- currency is a confidence game, and there's no confidence in Bitcoins since the massive Mt Gox exchange hack. vim Text Objects -- I'm an emacs user, so this is like reading Herodotus. "On the far side of...
Four short links: 18 October 2011 - Search Education, Classic Source, Analyzing Encrypted VoIP, and SQL InjectionBy Nat Torkington
October 18, 2011
Web Search Education (Google) -- lesson plans and materials for teaching people how to use search, from operators to critically evaluating sites. This latter area is the weakest: when I teach innocents about the web, I show them organic vs paid results, discuss why people advertise, how people pay for their sites, noticing domain names and organizations, etc. I...
Four short links: 12 October 2011 - Google Platforms, Securing Software, Interactive Design, and Building ProverbsBy Nat Torkington
October 12, 2011
Steve Yegge's Google Platforms Rant -- epic. Read it. (updated with new link) Guidelines for Securing Open Source Software (EFF) -- advice from the team that audited some commonly-used open source libraries. Avoid giving the user options that could compromise security, in the form of modes, dialogs, preferences, or tweaks of any sort. As security expert Ian Grigg puts...
Developer Week in Review: webSOS - HP bails, Oracle fails, and the UK teaches coding (including Wales).James Turner
September 23, 2011
WebOS is going to the great operating system repository in the sky, Oracle finds yet another way to peeve developers, and the UK tries to create a new generation of programmers.Andy Oram
September 11, 2011
What jumps out at me when considering September 11, 2001 is how little the world has changed in response. Ideas for integrating September 11 into our culture in a more healthy manner.
Four short links: 31 August 2011 - Maps on Android, Security Laws, Trough of Potential, and Enterprise GamificationBy Nat Torkington
August 31, 2011
OSMdroid -- The OpenStreetMapView is a (almost) full/free replacement for Android's MapView class. Also see this tutorial. (via Simon Gianoutsos) 10 Immutable Laws of Security (Microsoft) -- an oldie but a goodie. Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. What's in The Trough? (BERG London)...
Four short links: 24 August 2011 - STM in Python, Static Web is Back, Cyberwar, and Virtual Language EducationBy Nat Torkington
August 24, 2011
STM in PyPy -- a proposal to add software transactional memory to the all-Python Python interpreter as a way of simplifying concurrent programming. I first learned about STM from Haskell's Simon Peyton-Jones at OSCON. (via Nelson Minar) Werner Vogels' Static Web Site on S3 -- nice writeup of the toolchain to publish a web site to static files served...
Four short links: 22 August 2011 - Cooked Brands, HTML Bootstrap, Browser Security Headers, and Swarming RobotsBy Nat Torkington
August 22, 2011
Cities in Fact and Fiction: An Interview with William Gibson (Scientific American) -- Paris, as much as I love Paris, feels to me as though it's long since been "cooked." Its brand consists of what it is, and that can be embellished but not changed. A lack of availability of inexpensive shop-rentals is one very easily read warning sign...
Four short links: 9 August 2011 - Android Peripherals, Security Asymmetry, Teaching on G+, and HTTP Load TestingBy Nat Torkington
August 9, 2011
DSLR Controller -- Android app that lets you remote-control your DSLR. Much being made of the fact that iOS devices aren't as easy to interface with. For more, see the Wired article. (via BoingBoing) Asymmetric Security Warfare -- I found this nugget buried in this photo shoot talking about the differences between Black Hat and DEFCON conferences: [Mudge, Peiter]...
Strata Week: Hadoop adds security to its skill set - Hadoop and security, surprising results from a consumer data survey, and disconcerting data retention legislation.Audrey Watters
August 4, 2011
In the latest Strata Week: Will big data offer us more security insights? Or will large data stores become targets for security threats? Plus: A very old map gets a digital upgrade.Nat Torkington
August 2, 2011
DIY UAVs for Cyber-Warface -- aerial drone that poses as celltower, sniffs wifi, cracks passwords, and looks badass. The photo should be captioned "IM IN UR SKIES, SNIFFIN UR GMAIL SESSION COOKIEZ." (via Bryan O'Sullivan) Wicked Problems (Karl Schroeder) -- a category of problem which, once you read the definition, you recognize everywhere. 5. Every solution to a wicked...
Four short links: 29 July 2011 - SQL Injection, Optical Stick, SQL for Crowdsourcing, and DIY Medical RecordsBy Nat Torkington
July 29, 2011
SQL Injection Pocket Reference (Google Docs) -- just what it sounds like. (via ModSecurity SQL Injection Challenge: Lessons Learned) isostick: The Optical Drive in a Stick (KickStarter) -- clever! A USB memory stick with drivers that emulate optical drives so you can boot off .iso files you've put on the memory stick. (via Extreme Tech) CrowdDB: Answering Queries with...
Four short links: 25 July 2011 - Minecraft Emergent Behaviour, Algorithmic 3D Printing, Automated MapReduce Optimization, and Multi-Device PreviewBy Nat Torkington
July 25, 2011
Anonymity in Bitcoin -- TL;DR: Bitcoin is not inherently anonymous. It may be possible to conduct transactions is such a way so as to obscure your identity, but, in many cases, users and their transactions can be identified. We have performed an analysis of anonymity in the Bitcoin system and published our results in a preprint on arXiv. (via...
July 11, 2011
Which Banks are Enabling Fake AV Scams? -- some nice detective work to reveal the mechanisms and actors who take money from the marks in AV scams. (via BoingBoing) Developer Experience -- new site from ex-Google developer evangelist Pamela Fox, talking about the experience that API- and software-offering companies give to the developers they're wooing. Pros and Cons of...
Developer Week in Review: The unglamorous life of video game developers - To live and die making "L.A. Noire," unsensible censors, and the top 25 ways to get PWNEDJames Turner
July 7, 2011
The folks who make video games sound the alarm bells on working conditions, governments try to break the Internet, and MITRE unveils 2011's most dangerous software errors.
Four short links: 6 July 2011 - China Snaffling Facebook Stock, DNS Douchebaggery, Corporate Whores, and Comic ReliefBy Nat Torkington
July 6, 2011
China Wants to Buy Facebook (Forbes) -- Beijing approached a fund that buys stock from former Facebook employees to see if it could assemble a stake large enough "to matter." This has implications for Facebook entering China. Chief Operating Officer Sheryl Sandberg is reportedly "wary about the compromises Facebook would have to make to do business there." If she...
Developer Week in Review: Would your passcode pass muster? - Bad passcodes persist, more legal shenanigans, MySpace finds a homeJames Turner
June 30, 2011
A weekly lawsuit update, MySpace is purchased for a bargain price, and your darkest suspicions about the stupidity of passcode selections is confirmed.
Four short links: 17 June 2011 - Gamification Critique, BitCoin Trojan, App Store Abandonment, and SSD RantBy Nat Torkington
June 17, 2011
Don't Play Games With Me -- slides from an excellent talk about games and gamification. (via Andy Baio) All Your Bitcoins Are Ours (Symantec) -- a trojan in the wild that targets the wallet.dat file and transfers your bitcoins out. If you use Bitcoins, you have the option to encrypt your wallet and we recommend that you choose a...
Four short links: 13 June 2011 - Remote Fingerprint Scans, Playdough Circuits, Update-Sync, and Tweet FailageBy Nat Torkington
June 13, 2011
AIRPrint -- prototype box scans a fingerprint from six feet away. (via Greg Linden) Squishy Circuits -- teaching electronic circuits with conductive and insulating playdough. (via Hacker News) GraphLab -- alternative take on Map-Reduce, called Update-Sync, where tasks run on connected sets of nodes rather than on one node at a time. Tower Bridge Closed -- the @towerbridge account...Nat Torkington
June 2, 2011
Building Windows 8 - Video #1 (YouTube) -- lovely to see Microsoft's operating system finally leaping past a 2002 look and feel. YouTube Offers Creative Commons Licensing (BoingBoing) -- bravo! Redefiners Capturing Media Growth Dollars -- Anil Dash's corporate presentation about innovating within large (media) companies. The initial slides are money posturing to get the attention of the audience,...
Developer Week in Review: Apple devs cry "gimme shelter" - Apple protects their developers, Oracle earns a few bucks, and Sony has a bad weekJames Turner
May 25, 2011
If you were an Apple developer, it was a good week. If you were a Sony executive, it was a terrible, horrible, no good, very bad week. If you were Oracle, it was business as usual.
Why you can't really anonymize your data - It's time to accept and work within the limits of data anonymization.By Pete Warden
May 17, 2011
Because we now have so much data at our disposal, any dataset with a decent amount of information can be matched against identifiable public records. To keep datasets available, we must acknowledge that foolproof anonymization is an illusion.
Four short links: 16 May 2011 - Minority Report, Embedded Strings, GNU Voice Software, and Nigerian Emotional MastersBy Nat Torkington
May 16, 2011
Entering the Minority Report Era -- a survey of technology inspired by or reminiscent of Minority Report, which came out ten years ago. (via Hacker News) Sally -- a tool for embedding strings in matrices, as used in machine learning. (via Matt Biddulph) GNU SIP Witch Released -- can be used to deploy private secure calling networks, whether stand-alone...
May 9, 2011
UDID DeAnonymization -- a developer exposed an API that connected UDID to other information such as Facebook ID. The API has been closed, but it remains true that your iPhone has a primary key and darn near every app developer has a database linking your UDID to other details about you. Apple requires this to not be public, but...
Strata Week: Will data make stock exchanges unnecessary? - Data could disrupt the stock world, how stolen data is sold, and geography data's predictive powerAudrey Watters
May 5, 2011
Will big data kill the stock exchange? That question was recently explored by Andy Kessler. Plus: How recent security breaches could shape the black market and a look at how "island biogeography" predicted Osama Bin Laden's location.
Anatomy of a phish - In light of recent security snafus, it's worth reviewing the basics of phish detection and prevention.By Mike Loukides
May 3, 2011
Major security breaches sometimes lead to an onslaught of phish emails. Here's a handful of simple ways to spot suspect correspondence and avoid traps.
Four short links: 29 April 2011 - Gamification's Failures, Crowdsourced Clinical Study, Traceability, and Faster WebBy Nat Torkington
April 29, 2011
Kathy Sierra Nails Gamification -- I rarely link to things on O'Reilly sites, and have never before linked to something on Radar, but the comments here from Kathy Sierra are fantastic. She nails what makes me queasy about shallow gamification behaviours: replacing innate rewards with artificial ones papers over shitty products/experiences instead of fixing them, and don't get people...
Developer Week in Review - Suing your suppliers, tracking your customers, and giving away your assets.James Turner
April 22, 2011
In the latest Developer Week in Review: Everyone sued everyone else, the iPhone's location abilities instigated lots of discussion, and Oracle let Open Office fly away home.
4 ways DRM is like airport security - The failings of DRM become clear when viewed through a different lens.Joe Wikert
April 15, 2011
The similarities between digital rights management and airport security go beyond near-universal dislike. Comparing the two shows the failings of both.
Four short links: 12 April 2011 - Email Game, Faster B Trees, RFID+Projectors, and Airport Express BrokenBy Nat Torkington
April 12, 2011
The Email Game -- game mechanics to get you answering email more efficiently. Can't wait to hear that conversation with corporate IT. "You want us to install what on the Exchange server?" (via Demo Day Wrapup) Stratified B-trees and versioning dictionaries -- A classic versioned data structure in storage and computer science is the copy-on-write (CoW) B-tree -- it...Nat Torkington
April 5, 2011
The Big Map Blog -- awesome old maps, for the afficionado. (via Sacha Judd) sshuttle -- poor man's VPN built over ssh. (via Hacker News) Remembering LineDrive -- I, too, am bummed that LineDrive never became standard. And Maneesh, one of its cocreators. Check out his publications list! Websockets Pacman -- multiplayer Pacman, where players take the role of...Nat Torkington
April 4, 2011
Find The Future -- New York Public Library big game, by Jane McGonigal. (via Imran Ali) Enable Certificate Checking on Mac OS X -- how to get your browser to catch attempts to trick you with revoked certificates (more of a worry since security problems at certificate authorities came to light). (via Peter Biddle) Clever Algorithms -- Nature-Inspired Programming...
Developer Week in Review - WWDC tickets are here and gone, Gosling goes to Google, and irony at MySQL.James Turner
March 30, 2011
If you wanted WWDC tickets, you better have had a fast mouse finger. But if James Gosling wants to go to Google I/O, he'll have an inside track next year. Meanwhile, MySQL needs to practice what they preach, security-wise.
Open question: How much convenience are you willing to give up for security? - As multi-step security measures become the norm, consumers need to exert more effort.Jenn Webb
March 30, 2011
As more online security responsibility is shouldered by the end user, is enough enough, or are consumers willing to trade convenience for security?Andy Oram
March 28, 2011
Lillie Coney of the Electronic Privacy Information Center and Jules Polonetsky of the Future of Privacy Forum, cochairs of CFP this year, talk about what makes the conference unique and how it will illuminate the pressing issues of Twitter revolutions (or whatever role the Internet may play), surveillance and tracking, security of personal health data, and more.
Developer Week in Review - iPhone gets cracked, Twitter gets picky, and Internet connectivity gets disrupted.James Turner
March 16, 2011
In the latest Developer Week in Review: the iPhone fell to attackers, Twitter shunned their developers, and the Internet proved not to be as robust as one might hope.
March 16, 2011
March 3, 2011
Guangzhou City Map -- Chinese city maps: they use orthographic projection (think SimCity) and not satellite images. A nice compromise for usability, information content, and invisible censorship. (via Hacker News) Broken Windows, Broken Code, Broken Systems -- So, given that most of us live in the real world where some things are just left undone, where do we draw...
Four short links: 25 February 2011 - Banshee Bucks, Log Mining, Visualization Secrets, and Repression ToolsBy Nat Torkington
February 25, 2011
Canonical's New Plan for Banshee -- Canonical prepare the Linux distribution Ubuntu. They will distribute the popular iTunes-alike Banshee, but instead of the standard Amazon store plugin (which generates much $ in affiliate revenue for the GNOME Foundation) they will have Canonical's own Amazon store plugin and keep 75% of the revenue (25% going to the GNOME Foundation). They're...
Four short links: 24 February 2011 - Network Snooping, Traffic Growth, Data Munging, and Open InteropBy Nat Torkington
February 24, 2011
Charles -- a debugging proxy that lets a developer view all HTTP and SSL traffic between their machine and the Internet. (via Andy Baio's excellent "How I Indexed The Daily) The Rise and Rise of Mobile Broadband -- the Blackberry is now the standard measure of traffic, apparently. The outcome is simple - Cisco estimates that global mobile data...
Trend to watch: Formal relationships between governments and hackers - Cyber security expert Jeffrey Carr on the rise of government-sanctioned hackers.By Mac Slocum
February 14, 2011
Over the next year, cyber security expert Jeffrey Carr expects to see governments enlist civilians in organized cyber militias — and some countries will do this in plan and public view.
ePayments Week: How to steal coffee from your friends - Starbucks skips security, Visa wants a cut of those Smurfberries, and Nokia's CEO sets a fire.David Sims
February 10, 2011
The stakes may be low, but the weaknesses in Starbucks' mobile app highlight the trade-offs between security and convenience. Also, Visa buys a virtual goods platform and Nokia won't go quietly.
Four short links: 31 January 2011 - BBC Pares Web, Data Interaction Design, Long-Form Commerce, and Dangers of Free ThemesBy Nat Torkington
January 31, 2011
BBC Web Cuts Show Wider Disconnect (The Guardian) -- I forget that most people still think of the web as a secondary add-on to the traditional way of doing things rather than as the new way. Interesting article which brings home the point in the context of the BBC, but you can tell the same story in almost any...Nat Torkington
January 27, 2011
Mozilla Home Dash -- love this experiment in rethinking the browser from Mozilla. They call it a "browse-based browser" as opposed to "search-based browser" (hello, Chrome). Made me realize that, with Chrome, Google's achieved a 0-click interface to search--you search without meaning to as you type in URLs, you see advertising results without ever having visited a web site....
1 to 50 of 86 Next