Tags > security

Four short links: 21 December 2011 - Be a Data Hound, Secure Traveling, Secure SMS, Mozilla's Wider Focus

By Nat Torkington
December 21, 2011

AntiMap -- open source Android software to gather arbitrary data and visualize it. This enables you to be a 21C Francis Galton, the man who walked the streets of England using a pin to prick holes on a cross of card in his pocket, all to keep track of the relative average beauty of women in different parts of...

Why cloud services are a tempting target for attackers - Jeffrey Carr on the significant and escalating risks of hosting data with cloud providers.

Why cloud services are a tempting target for attackers - Jeffrey Carr on the significant and escalating risks of hosting data with cloud providers.
By Jeffrey Carr
December 5, 2011

Before organizations embrace the efficiencies and cost savings of cloud services, they should also closely consider the security repercussions and liabilities attached to the cloud.

Four short links: 28 November 2011 - Ubicomp Project, Data Volumes, Yahoo! Cocktails, and Fighting Cybercrime

By Nat Torkington
November 28, 2011

Twine (Kickstarter) -- modular sensors with connectivity, programmable in If This Then That style. (via TechCrunch) Small Sample Sizes Lead to High Margins of Error -- a reminder that all the stats in the world won't help you when you don't have enough data to meaningfully analyse. Yahoo! Cocktails -- somehow I missed this announcement of a Javascript front-and-back-end...

Four short links: 25 November 2011 - MIND CONTROL COPTERS!, Better Security, Ratings Systems, and Lightweight Reference

By Nat Torkington
November 25, 2011

Continuous Three-Dimensional Control of a Virtual Helicopter Using a Motor Imagery Based Brain-Computer Interface (PLOSone) -- direct brain control is becoming a reality, tiny step by tiny step. Also: HELICOPTERS! Forward Secrecy for HTTPS -- Google contributed a better HTTPS cipher suite to OpenSSL, one that doesn't share keys between conversations. Yay the Goog for giving back. Ratings Systems...

Developer Week in Review: The hijacking of an insulin pump - Medical devices are remotely hacked, Google Maps get a price tag, and Linus Torvalds really doesn't like a certain language.

Developer Week in Review: The hijacking of an insulin pump - Medical devices are remotely hacked, Google Maps get a price tag, and Linus Torvalds really doesn't like a certain language.
By James Turner
November 3, 2011

If you own an insulin pump, someone out there might have a hack with your name on it. Google decides to make high-volume Maps API users pony up some cash, and the creator of Linux goes after C++.

Four short links: 24 October 2011 - Interactive Web Goodness, Location Based Security, Referer vs https, and Financial Charting

By Nat Torkington
October 24, 2011

Tangle -- open source Javascript library for creating slider-type widgets in web pages, with built-in updating of other web elements. This is fantastic for exploring "what-if" scenarios. Check out the demos. Location-Based Security -- The researchers have created a customized version of Android controlled by a “policy engine” on a server. The Android devices use Bluetooth and near-field communications...

Four short links: 19 October 2011 - Ubiquitous Multitouch, Bitcoin Bust, vim Text Concepts, and Storage Troubles

By Nat Torkington
October 19, 2011

OmniTouch: Wearable Interaction Everywhere -- compact projector + kinect equivalents in shoulder-mounted multitouch glory. (via Slashdot) Price of Bitcoin Still Dropping -- currency is a confidence game, and there's no confidence in Bitcoins since the massive Mt Gox exchange hack. vim Text Objects -- I'm an emacs user, so this is like reading Herodotus. "On the far side of...

Four short links: 18 October 2011 - Search Education, Classic Source, Analyzing Encrypted VoIP, and SQL Injection

By Nat Torkington
October 18, 2011

Web Search Education (Google) -- lesson plans and materials for teaching people how to use search, from operators to critically evaluating sites. This latter area is the weakest: when I teach innocents about the web, I show them organic vs paid results, discuss why people advertise, how people pay for their sites, noticing domain names and organizations, etc. I...

Four short links: 12 October 2011 - Google Platforms, Securing Software, Interactive Design, and Building Proverbs

By Nat Torkington
October 12, 2011

Steve Yegge's Google Platforms Rant -- epic. Read it. (updated with new link) Guidelines for Securing Open Source Software (EFF) -- advice from the team that audited some commonly-used open source libraries. Avoid giving the user options that could compromise security, in the form of modes, dialogs, preferences, or tweaks of any sort. As security expert Ian Grigg puts...

Developer Week in Review: webSOS - HP bails, Oracle fails, and the UK teaches coding (including Wales).

Developer Week in Review: webSOS - HP bails, Oracle fails, and the UK teaches coding (including Wales).
By James Turner
September 23, 2011

WebOS is going to the great operating system repository in the sky, Oracle finds yet another way to peeve developers, and the UK tries to create a new generation of programmers.

The September 11 attacks: how little changed

By Andy Oram
September 11, 2011

What jumps out at me when considering September 11, 2001 is how little the world has changed in response. Ideas for integrating September 11 into our culture in a more healthy manner.

Four short links: 31 August 2011 - Maps on Android, Security Laws, Trough of Potential, and Enterprise Gamification

By Nat Torkington
August 31, 2011

OSMdroid -- The OpenStreetMapView is a (almost) full/free replacement for Android's MapView class. Also see this tutorial. (via Simon Gianoutsos) 10 Immutable Laws of Security (Microsoft) -- an oldie but a goodie. Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. What's in The Trough? (BERG London)...

Four short links: 24 August 2011 - STM in Python, Static Web is Back, Cyberwar, and Virtual Language Education

By Nat Torkington
August 24, 2011

STM in PyPy -- a proposal to add software transactional memory to the all-Python Python interpreter as a way of simplifying concurrent programming. I first learned about STM from Haskell's Simon Peyton-Jones at OSCON. (via Nelson Minar) Werner Vogels' Static Web Site on S3 -- nice writeup of the toolchain to publish a web site to static files served...

Four short links: 22 August 2011 - Cooked Brands, HTML Bootstrap, Browser Security Headers, and Swarming Robots

By Nat Torkington
August 22, 2011

Cities in Fact and Fiction: An Interview with William Gibson (Scientific American) -- Paris, as much as I love Paris, feels to me as though it's long since been "cooked." Its brand consists of what it is, and that can be embellished but not changed. A lack of availability of inexpensive shop-rentals is one very easily read warning sign...

Four short links: 9 August 2011 - Android Peripherals, Security Asymmetry, Teaching on G+, and HTTP Load Testing

By Nat Torkington
August 9, 2011

DSLR Controller -- Android app that lets you remote-control your DSLR. Much being made of the fact that iOS devices aren't as easy to interface with. For more, see the Wired article. (via BoingBoing) Asymmetric Security Warfare -- I found this nugget buried in this photo shoot talking about the differences between Black Hat and DEFCON conferences: [Mudge, Peiter]...

Strata Week: Hadoop adds security to its skill set - Hadoop and security, surprising results from a consumer data survey, and disconcerting data retention legislation.

Strata Week: Hadoop adds security to its skill set - Hadoop and security, surprising results from a consumer data survey, and disconcerting data retention legislation.
By Audrey Watters
August 4, 2011

In the latest Strata Week: Will big data offer us more security insights? Or will large data stores become targets for security threats? Plus: A very old map gets a digital upgrade.

Four short links: 2 August 2011 - UAV Sniffing, Wicked Problems, Online Classes, and Whisky Science

By Nat Torkington
August 2, 2011

DIY UAVs for Cyber-Warface -- aerial drone that poses as celltower, sniffs wifi, cracks passwords, and looks badass. The photo should be captioned "IM IN UR SKIES, SNIFFIN UR GMAIL SESSION COOKIEZ." (via Bryan O'Sullivan) Wicked Problems (Karl Schroeder) -- a category of problem which, once you read the definition, you recognize everywhere. 5. Every solution to a wicked...

Four short links: 29 July 2011 - SQL Injection, Optical Stick, SQL for Crowdsourcing, and DIY Medical Records

By Nat Torkington
July 29, 2011

SQL Injection Pocket Reference (Google Docs) -- just what it sounds like. (via ModSecurity SQL Injection Challenge: Lessons Learned) isostick: The Optical Drive in a Stick (KickStarter) -- clever! A USB memory stick with drivers that emulate optical drives so you can boot off .iso files you've put on the memory stick. (via Extreme Tech) CrowdDB: Answering Queries with...

Four short links: 25 July 2011 - Minecraft Emergent Behaviour, Algorithmic 3D Printing, Automated MapReduce Optimization, and Multi-Device Preview

By Nat Torkington
July 25, 2011

Anonymity in Bitcoin -- TL;DR: Bitcoin is not inherently anonymous. It may be possible to conduct transactions is such a way so as to obscure your identity, but, in many cases, users and their transactions can be identified. We have performed an analysis of anonymity in the Bitcoin system and published our results in a preprint on arXiv. (via...

Four short links: 11 July 2011 - Scammers Banks, DX, Scientific MTurk, and Teaching CS in Javascript

By Nat Torkington
July 11, 2011

Which Banks are Enabling Fake AV Scams? -- some nice detective work to reveal the mechanisms and actors who take money from the marks in AV scams. (via BoingBoing) Developer Experience -- new site from ex-Google developer evangelist Pamela Fox, talking about the experience that API- and software-offering companies give to the developers they're wooing. Pros and Cons of...

Developer Week in Review: The unglamorous life of video game developers - To live and die making "L.A. Noire," unsensible censors, and the top 25 ways to get PWNED

Developer Week in Review: The unglamorous life of video game developers - To live and die making
By James Turner
July 7, 2011

The folks who make video games sound the alarm bells on working conditions, governments try to break the Internet, and MITRE unveils 2011's most dangerous software errors.

Four short links: 6 July 2011 - China Snaffling Facebook Stock, DNS Douchebaggery, Corporate Whores, and Comic Relief

By Nat Torkington
July 6, 2011

China Wants to Buy Facebook (Forbes) -- Beijing approached a fund that buys stock from former Facebook employees to see if it could assemble a stake large enough "to matter." This has implications for Facebook entering China. Chief Operating Officer Sheryl Sandberg is reportedly "wary about the compromises Facebook would have to make to do business there." If she...

Developer Week in Review: Would your passcode pass muster? - Bad passcodes persist, more legal shenanigans, MySpace finds a home

Developer Week in Review: Would your passcode pass muster? - Bad passcodes persist, more legal shenanigans, MySpace finds a home
By James Turner
June 30, 2011

A weekly lawsuit update, MySpace is purchased for a bargain price, and your darkest suspicions about the stupidity of passcode selections is confirmed.

Four short links: 17 June 2011 - Gamification Critique, BitCoin Trojan, App Store Abandonment, and SSD Rant

By Nat Torkington
June 17, 2011

Don't Play Games With Me -- slides from an excellent talk about games and gamification. (via Andy Baio) All Your Bitcoins Are Ours (Symantec) -- a trojan in the wild that targets the wallet.dat file and transfers your bitcoins out. If you use Bitcoins, you have the option to encrypt your wallet and we recommend that you choose a...

Four short links: 13 June 2011 - Remote Fingerprint Scans, Playdough Circuits, Update-Sync, and Tweet Failage

By Nat Torkington
June 13, 2011

AIRPrint -- prototype box scans a fingerprint from six feet away. (via Greg Linden) Squishy Circuits -- teaching electronic circuits with conductive and insulating playdough. (via Hacker News) GraphLab -- alternative take on Map-Reduce, called Update-Sync, where tasks run on connected sets of nodes rather than on one node at a time. Tower Bridge Closed -- the @towerbridge account...

Four short links: 2 June 2011 - Windows 8, CC YouTube, Corporate Innovation, and Crypto Lifetimes

By Nat Torkington
June 2, 2011

Building Windows 8 - Video #1 (YouTube) -- lovely to see Microsoft's operating system finally leaping past a 2002 look and feel. YouTube Offers Creative Commons Licensing (BoingBoing) -- bravo! Redefiners Capturing Media Growth Dollars -- Anil Dash's corporate presentation about innovating within large (media) companies. The initial slides are money posturing to get the attention of the audience,...

Developer Week in Review: Apple devs cry "gimme shelter" - Apple protects their developers, Oracle earns a few bucks, and Sony has a bad week

Developer Week in Review: Apple devs cry
By James Turner
May 25, 2011

If you were an Apple developer, it was a good week. If you were a Sony executive, it was a terrible, horrible, no good, very bad week. If you were Oracle, it was business as usual.

Why you can't really anonymize your data - It's time to accept and work within the limits of data anonymization.

By Pete Warden
May 17, 2011

Because we now have so much data at our disposal, any dataset with a decent amount of information can be matched against identifiable public records. To keep datasets available, we must acknowledge that foolproof anonymization is an illusion.

Four short links: 16 May 2011 - Minority Report, Embedded Strings, GNU Voice Software, and Nigerian Emotional Masters

By Nat Torkington
May 16, 2011

Entering the Minority Report Era -- a survey of technology inspired by or reminiscent of Minority Report, which came out ten years ago. (via Hacker News) Sally -- a tool for embedding strings in matrices, as used in machine learning. (via Matt Biddulph) GNU SIP Witch Released -- can be used to deploy private secure calling networks, whether stand-alone...

Four short links: 9 May 2011 - iPhone Anonymity, Fabbed Souvenirs, Perl+Go=Campher, and Javascript Slides

By Nat Torkington
May 9, 2011

UDID DeAnonymization -- a developer exposed an API that connected UDID to other information such as Facebook ID. The API has been closed, but it remains true that your iPhone has a primary key and darn near every app developer has a database linking your UDID to other details about you. Apple requires this to not be public, but...

Strata Week: Will data make stock exchanges unnecessary? - Data could disrupt the stock world, how stolen data is sold, and geography data's predictive power

Strata Week: Will data make stock exchanges unnecessary? - Data could disrupt the stock world, how stolen data is sold, and geography data's predictive power
By Audrey Watters
May 5, 2011

Will big data kill the stock exchange? That question was recently explored by Andy Kessler. Plus: How recent security breaches could shape the black market and a look at how "island biogeography" predicted Osama Bin Laden's location.

Anatomy of a phish - In light of recent security snafus, it's worth reviewing the basics of phish detection and prevention.

By Mike Loukides
May 3, 2011

Major security breaches sometimes lead to an onslaught of phish emails. Here's a handful of simple ways to spot suspect correspondence and avoid traps.

Four short links: 29 April 2011 - Gamification's Failures, Crowdsourced Clinical Study, Traceability, and Faster Web

By Nat Torkington
April 29, 2011

Kathy Sierra Nails Gamification -- I rarely link to things on O'Reilly sites, and have never before linked to something on Radar, but the comments here from Kathy Sierra are fantastic. She nails what makes me queasy about shallow gamification behaviours: replacing innate rewards with artificial ones papers over shitty products/experiences instead of fixing them, and don't get people...

Developer Week in Review - Suing your suppliers, tracking your customers, and giving away your assets.

Developer Week in Review - Suing your suppliers, tracking your customers, and giving away your assets.
By James Turner
April 22, 2011

In the latest Developer Week in Review: Everyone sued everyone else, the iPhone's location abilities instigated lots of discussion, and Oracle let Open Office fly away home.

4 ways DRM is like airport security - The failings of DRM become clear when viewed through a different lens.

4 ways DRM is like airport security - The failings of DRM become clear when viewed through a different lens.
By Joe Wikert
April 15, 2011

The similarities between digital rights management and airport security go beyond near-universal dislike. Comparing the two shows the failings of both.

Four short links: 12 April 2011 - Email Game, Faster B Trees, RFID+Projectors, and Airport Express Broken

By Nat Torkington
April 12, 2011

The Email Game -- game mechanics to get you answering email more efficiently. Can't wait to hear that conversation with corporate IT. "You want us to install what on the Exchange server?" (via Demo Day Wrapup) Stratified B-trees and versioning dictionaries -- A classic versioned data structure in storage and computer science is the copy-on-write (CoW) B-tree -- it...

Four short links: 5 April 2011 - Big Maps, ssh VPN, Line Maps, and HTML5 Multiplayer Pacman

By Nat Torkington
April 5, 2011

The Big Map Blog -- awesome old maps, for the afficionado. (via Sacha Judd) sshuttle -- poor man's VPN built over ssh. (via Hacker News) Remembering LineDrive -- I, too, am bummed that LineDrive never became standard. And Maneesh, one of its cocreators. Check out his publications list! Websockets Pacman -- multiplayer Pacman, where players take the role of...

Four short links: 4 April 2011 - Library Game, Mac Security, Natural Programming, Selecting Metrics

By Nat Torkington
April 4, 2011

Find The Future -- New York Public Library big game, by Jane McGonigal. (via Imran Ali) Enable Certificate Checking on Mac OS X -- how to get your browser to catch attempts to trick you with revoked certificates (more of a worry since security problems at certificate authorities came to light). (via Peter Biddle) Clever Algorithms -- Nature-Inspired Programming...

Developer Week in Review - WWDC tickets are here and gone, Gosling goes to Google, and irony at MySQL.

Developer Week in Review - WWDC tickets are here and gone, Gosling goes to Google, and irony at MySQL.
By James Turner
March 30, 2011

If you wanted WWDC tickets, you better have had a fast mouse finger. But if James Gosling wants to go to Google I/O, he'll have an inside track next year. Meanwhile, MySQL needs to practice what they preach, security-wise.

Open question: How much convenience are you willing to give up for security? - As multi-step security measures become the norm, consumers need to exert more effort.

Open question: How much convenience are you willing to give up for security? - As multi-step security measures become the norm, consumers need to exert more effort.
By Jenn Webb
March 30, 2011

As more online security responsibility is shouldered by the end user, is enough enough, or are consumers willing to trade convenience for security?

Computers, Freedom, and Privacy enters 21st year at a moment of hot debate

By Andy Oram
March 28, 2011

Lillie Coney of the Electronic Privacy Information Center and Jules Polonetsky of the Future of Privacy Forum, cochairs of CFP this year, talk about what makes the conference unique and how it will illuminate the pressing issues of Twitter revolutions (or whatever role the Internet may play), surveillance and tracking, security of personal health data, and more.

Developer Week in Review - iPhone gets cracked, Twitter gets picky, and Internet connectivity gets disrupted.

Developer Week in Review - iPhone gets cracked, Twitter gets picky, and Internet connectivity gets disrupted.
By James Turner
March 16, 2011

In the latest Developer Week in Review: the iPhone fell to attackers, Twitter shunned their developers, and the Internet proved not to be as robust as one might hope.

Four Short Links: 16 March 2011 - Javascript Fiddling, Securing Web Traffic, DIY Jumbotron, and Kinect Tesla Fun

By Nat Torkington
March 16, 2011

JS Fiddle -- an online editor for snippets build from HTML, CSS and JavaScript. The code can then be shared with others, embedded on a blog, etc. (via Darren Wood) SideStep -- Mac OS X program that automatically routes connections through a secure proxy when you're on an unsecured wifi network. (via Gina Trapani) Junkyard Jumbotron (MIT) -- lets...

Four short links: 3 March 2011 - Chinese Maps, Ops Standards, Android Malware, and Free Fonts

By Nat Torkington
March 3, 2011

Guangzhou City Map -- Chinese city maps: they use orthographic projection (think SimCity) and not satellite images. A nice compromise for usability, information content, and invisible censorship. (via Hacker News) Broken Windows, Broken Code, Broken Systems -- So, given that most of us live in the real world where some things are just left undone, where do we draw...

Four short links: 25 February 2011 - Banshee Bucks, Log Mining, Visualization Secrets, and Repression Tools

By Nat Torkington
February 25, 2011

Canonical's New Plan for Banshee -- Canonical prepare the Linux distribution Ubuntu. They will distribute the popular iTunes-alike Banshee, but instead of the standard Amazon store plugin (which generates much $ in affiliate revenue for the GNOME Foundation) they will have Canonical's own Amazon store plugin and keep 75% of the revenue (25% going to the GNOME Foundation). They're...

Four short links: 24 February 2011 - Network Snooping, Traffic Growth, Data Munging, and Open Interop

By Nat Torkington
February 24, 2011

Charles -- a debugging proxy that lets a developer view all HTTP and SSL traffic between their machine and the Internet. (via Andy Baio's excellent "How I Indexed The Daily) The Rise and Rise of Mobile Broadband -- the Blackberry is now the standard measure of traffic, apparently. The outcome is simple - Cisco estimates that global mobile data...

Trend to watch: Formal relationships between governments and hackers - Cyber security expert Jeffrey Carr on the rise of government-sanctioned hackers.

By Mac Slocum
February 14, 2011

Over the next year, cyber security expert Jeffrey Carr expects to see governments enlist civilians in organized cyber militias — and some countries will do this in plan and public view.

ePayments Week: How to steal coffee from your friends - Starbucks skips security, Visa wants a cut of those Smurfberries, and Nokia's CEO sets a fire.

ePayments Week: How to steal coffee from your friends - Starbucks skips security, Visa wants a cut of those Smurfberries, and Nokia's CEO sets a fire.
By David Sims
February 10, 2011

The stakes may be low, but the weaknesses in Starbucks' mobile app highlight the trade-offs between security and convenience. Also, Visa buys a virtual goods platform and Nokia won't go quietly.

Four short links: 31 January 2011 - BBC Pares Web, Data Interaction Design, Long-Form Commerce, and Dangers of Free Themes

By Nat Torkington
January 31, 2011

BBC Web Cuts Show Wider Disconnect (The Guardian) -- I forget that most people still think of the web as a secondary add-on to the traditional way of doing things rather than as the new way. Interesting article which brings home the point in the context of the BBC, but you can tell the same story in almost any...

Four short links: 27 January 2011 - New Browser, Google APIs, NFC Checkin, and XSS Prevention

By Nat Torkington
January 27, 2011

Mozilla Home Dash -- love this experiment in rethinking the browser from Mozilla. They call it a "browse-based browser" as opposed to "search-based browser" (hello, Chrome). Made me realize that, with Chrome, Google's achieved a 0-click interface to search--you search without meaning to as you type in URLs, you see advertising results without ever having visited a web site....


1 to 50 of 86 Next

Popular Topics

Browse Books & Videos

International Sites

O'Reilly China O'Reilly Germany O'Reilly Japan