286 Matching Annotations
  1. Nov 2017
    1. EFF recommendations for Congress regarding data security and data breaches like the one at Equifax.

      https://www.ftc.gov/datasecurity<br> FTC guide to data security for businesses.

  2. Oct 2017
    1. DEFCON, the world’s largest hacker conference, will release its findings on Tuesday, months after hosting a July demonstration in which hackers quickly broke into 25 different types of voting machines.

      ...

      Though the report offers no proof of an attack last year, experts involved with it say they’re sure it is possible—and probable—and that the chances of a bigger attack in the future are high.

      “From a technological point of view, this is something that is clearly doable,” said Sherri Ramsay, the former director of the federal Central Security Service Threat Operations Center, which handles cyber threats for the military and the National Security Agency. “For us to turn a blind eye to this, I think that would be very irresponsible on our part.”

  3. Aug 2017
  4. May 2017
    1. Tools that might be able to decrypt files encrypted by the WannaCry ransomware. With a little luck, and if the victim hasn't rebooted, the keys can be found in memory.

    1. Certain HP laptops have flawed audio drivers that record all your keystrokes to: C:\Users\Public\MicTray.log

      If these files exist, delete them: C:\Windows\System32\MicTray64.exe C:\Windows\System32\MicTray.exe

    1. Sanskrit is the only human spoken language which has a context free grammar which means while you cannot write a compiler which can read and understand (parse) English sentences because of the ambiguous nature in English sentences, you can definitely write a compiler for Sanskrit which can understand Sanskrit and compile the instructions into binary.

      Using Sanskrit as a language for computing has been proposed, but seems to go nowhere.

  5. Apr 2017
    1. Phishing attack that uses Unicode characters to fake a domain name.

      The xn-- prefix is what is known as an ‘ASCII compatible encoding’ prefix. It lets the browser know that the domain uses ‘punycode’ encoding to represent Unicode characters. In non-techie speak, this means that if you have a domain name with Chinese or other international characters, you can register a domain name with normal A-Z characters that can allow a browser to represent that domain as international characters in the location bar.

      What we have done above is used ‘e’ ‘p’ ‘i’ and ‘c’ unicode characters that look identical to the real characters but are different unicode characters. In the current version of Chrome, as long as all characters are unicode, it will show the domain in its internationalized form.

  6. Mar 2017
    1. Some of the claims for the revolutionary effect of computers on humanistic study have clearly been exaggerated or wrongly formulated. Seen from a certain point of view, a computer, even one connected by modem or Ethernet to the World Wide Web, is, as many people would claim, no more than a glorified typewriter, though one should not underestimate the changes this glorification makes. An example is the new ease of revision, the facility with which things can be added, deleted, or moved from one place to another in a computer file as opposed to a typed manuscript. Such ease gradually encourages the adept in computer composition to think of what he or she writes as never being in quite finished form. Whatever is printed is always just one stage in a potentially endless process of revision, deletion, addition, and rearrangement.

    1. The Justice Department has announced charges against four people, including two Russian security officials, over cybercrimes linked to a massive hack of millions of Yahoo user accounts. [500M accounts, in 2014]

      Two of the defendants — Dmitry Dokuchaev and his superior Igor Sushchin — are officers of the Russian Federal Security Service, or FSB. According to court documents, they "protected, directed, facilitated and paid" two criminal hackers, Alexsey Belan and Karim Baratov, to access information that has intelligence value. Belan also allegedly used the information obtained for his personal financial gain.

  7. Feb 2017
    1. A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange heartfelt messages left more than 800,000 customer credentials, as well as two million message recordings, totally exposed online for anyone to see and listen.

  8. Jan 2017
    1. In Python, as well as in any other object-oriented programming language, we define a class to be a description of what the data look like (the state) and what the data can do (the behavior). Classes are analogous to abstract data types because a user of a class only sees the state and behavior of a data item. Data items are called objects in the object-oriented paradigm. An object is an instance of a class.

      Class = General description of form and functions of data. Object = A member or instance of a class.

    1. Thousands of poorly secured MongoDB databases have been deleted by attackers recently. The attackers offer to restore the data in exchange for a ransom -- but they may not actually have a copy.

    1. People say that the 1968 Fall Joint Computer Conference in San Francisco was a watershed. After seeing your demonstration, people left that room never thinking about computers the same way again. Would you say that's an accurate encapsulation?

      Reception of the Mother of All Demos

  9. Dec 2016
  10. Sep 2016
    1. The Tesla accident in May, researchers say, was not a failure of computer vision. But it underscored the limitations of the science in applications like driverless cars despite remarkable progress in recent years, fueled by digital data, computer firepower and software inspired by the human brain.

      Testing annotations. Interesting statement.

  11. Aug 2016
    1. "We demonstrate that well-known compression-based attacks such as CRIME or BREACH (but also lesser-known ones) can be executed by merely running JavaScript code in the victim’s browser. This is possible because HEIST allows us to determine the length of a response, without having to observe traffic at the network level."

      HEIST attacks can be blocked by disabling 3rd-party cookies.

      https://twitter.com/vanhoefm<br> https://twitter.com/tomvangoethem

  12. Jul 2016
    1. Neil Fraser says Vietnam is doing well with computer science education.

      "If grade 5 students in Vietnam are performing at least on par with their grade 11 peers in the USA, what does grade 11 in Vietnam look like? I walked into a high school CS class, again without any advance notice. The class was working on the assignment below (partially translated by their teacher for my benefit afterwards). Given a data file describing a maze with diagonal walls, count the number of enclosed areas, and measure the size of the largest one."

  13. Jun 2016
    1. These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.

      ...

      Tuesday's advisory is only the latest to underscore game-over vulnerabilities found in widely available antivirus packages.

      https://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html

    1. Two performances did seem to transcend the present, with artists sharing music that felt like open-source software to paths unknown. The first, Sam Aaron, played an early techno set to a small crowd, performing by coding live. His computer display, splayed naked on a giant screen, showcased Sonic Pi, the free software he invented. Before he let loose by revising lines of brackets, colons and commas, he typed: #This is Sonic Pi….. #I use it to teach people how to code #everything i do tonight, i can teach a 10 year old child….. His set – which sounded like Electric Café-era Kraftwerk, a little bit of Aphex Twin skitter and some Eighties electro – was constructed through typing and deleting lines of code. The shadowy DJ sets, knob-tweaking noise and fogbank ambient of many Moogfest performers was completely demystified and turned into simple numbers and letters that you could see in action. Dubbed "the live coding synth for everyone," it truly seemed less like a performance and more like an invitation to code your own adventure.
    2. The shadowy DJ sets, knob-tweaking noise and fogbank ambient of many Moogfest performers was completely demystified and turned into simple numbers and letters that you could see in action.
    1. Civilization advances by extending the number of important operations we can perform without thinking about them.

      This sounds really similar to the concept of "abstraction".

  14. May 2016
    1. The problem found in the literature is that students are not efficient note takers, meaning they only successfully capture information about 20% of the time, and they are organizationally flawed and therefore miss how information should fit together. These shortcomings, efficiency and organization, are particularly acute in individuals taking notes on a computer alone (Mueller & Oppenheimer, 2014). Mueller and Oppenheimer (2014) specifically find that computers – when used in isolation – lead to lower levels of information retention, and they postulate this is due to students trying to be stenographers with keyboards instead of actively engaging with the material.

      Summary of the problem with taking notes on computers as opposed to by hand, ie the temptation to try to be a stenographer rather than engaging with and interpreting the material.

    1. Users may submit their paper using a pseudonym and in formats that contain little, if any, identifying metadata.

      Do elementary and secondary teachers know how to do this? A substantial assumption is that teachers know how to explain this to their students.

      This requires much more than any definitions of computer literacy and is a wizard level skill.

  15. Apr 2016
    1. On the other hand it is possible that human control over the machines may be retained. In that case the average man may have control over certain private machines of his own, such as his car or his personal computer, but control over large systems of machines will be in the hands of a tiny elite – just as it is today, but with two differences. Due to improved techniques the elite will have greater control over the masses; and because human work will no longer be necessary the masses will be superfluous, a useless burden on the system. If the elite is ruthless they may simply decide to exterminate the mass of humanity. If they are humane they may use propaganda or other psychological or biological techniques to reduce the birth rate until the mass of humanity becomes extinct, leaving the world to the elite. Or, if the elite consists of soft-hearted liberals, they may decide to play the role of good shepherds to the rest of the human race. They will see to it that everyone’s physical needs are satisfied, that all children are raised under psychologically hygienic conditions, that everyone has a wholesome hobby to keep him busy, and that anyone who may become dissatisfied undergoes “treatment” to cure his “problem.” Of course, life will be so purposeless that people will have to be biologically or psychologically engineered either to remove their need for the power process or make them “sublimate” their drive for power into some harmless hobby. These engineered human beings may be happy in such a society, but they will most certainly not be free. They will have been reduced to the status of domestic animals.
    1. Great Principles of Computing<br> Peter J. Denning, Craig H. Martell

      This is a book about the whole of computing—its algorithms, architectures, and designs.

      Denning and Martell divide the great principles of computing into six categories: communication, computation, coordination, recollection, evaluation, and design.

      "Programmers have the largest impact when they are designers; otherwise, they are just coders for someone else's design."

  16. Feb 2016
  17. Jan 2016
    1. Discussion about Obama's computer science for K-12 initiative. CS programs in high school are about 40 years overdue. It is a valid concern that much of this money may be wasted on overpriced proprietary software, hardware, and training programs. And of course, average schools will handle CS about like they handle other subjects -- not very well.

      Another concern raised, and countered, is that more programmers will mean lower wages for programmers. But not everyone who studies CS in high school is going to become a programmer. And an increase in computer literacy may help increase the demand for programmers and technicians.

    1. educators and business leaders are increasingly recognizing that CS is a “new basic” skill necessary for economic opportunity. The President referenced his Computer Science for All Initiative, which provides $4 billion in funding for states and $100 million directly for districts in his upcoming budget; and invests more than $135 million beginning this year by the National Science Foundation and the Corporation for National and Community Service to support and train CS teachers.
    1. This has implications far beyond the cryptocurrency

      The concept of trust, in the sociological and economic sense, underlies exchange. In the 15th-17th centuries, the Dutch and English dominance of trade owed much to their early development of instruments of credit that allowed merchants to fund and later to insure commercial shipping without the exchange of hard currency, either silver or by physically transporting the currency of the realm. Credit worked because the English and Dutch economies trusted the issuers of credit.

      Francis Fukuyama, a philosopher and political economist at Stanford, wrote a book in 1995, Trust: The Social Virtues and the Creation of Prosperity, on the impact of cultures of trust on entrepreneurial growth. Countries of ‘low trust’ have close family culture who limit trust to relations: France, China, S. Italy. Countries of ‘high trust’ have greater ‘spontaneous sociability’ that encourages the formation of intermediate institutions between the state and the family, that encourage greater entrepreneurial growth: Germany, England, the U.S. – I own the book and (shame on me!) haven’t yet read it.

      I thought of this article in those contexts – of the general need for trusted institutions and the power they have in mediating an economy, and the fascinating questions raised when a new facilitator of trust is introduced.

      How do we trust? Across human history, how have we extended the social role of trust to institutions? If a new modality of trust comes available, how does that change institutional structures and correspondingly the power of individuals, of institutions. How would it change the friction to growth and to decline?

      Prior to reading this article, I had dismissed Bitcoin as a temporary aberration, mostly for criminal enterprises and malcontents. I still feel that way. But the underlying technology and its implications – now that’s interesting.

    1. Category Theory for the Sciences by David I. Spivak<br> Creative Commons Attribution-NonCommercial-ShareAlike 4.0<br> MIT Press.

    1. It was not so very long ago that people thought that semiconductors were part-time orchestra leaders and microchips were very, very small snack foods. --Geraldine A. Ferraro

      Good one.

    1. Linode Cloud Service has been under DDoS attack for a few days. Now they've discovered some stolen passwords. It is not yet known whether the same attacker is responsible for both.

      A security investigation into the unauthorized login of three accounts has led us to the discovery of two Linode.com user credentials on an external machine. This implies user credentials could have been read from our database, either offline or on, at some point.<br> . . .<br> The entire Linode team has been working around the clock to address both this issue and the ongoing DDoS attacks. We've retained a well-known third-party security firm to aid in our investigation. Multiple Federal law enforcement authorities are also investigating and have cases open for both issues.

  18. Dec 2015
    1. A TOP-SECRET document dated February 2011 reveals that British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks, a leading provider of networking and Internet security gear.

      Matt Blaze, a cryptographic researcher and director of the Distributed Systems Lab at the University of Pennsylvania, said the document contains clues that indicate the 2011 capabilities against Juniper are not connected to the recently discovered vulnerabilities.

      So the NSA and GCHQ (and CIA and FBI, etc) are constantly working to find -- or create -- security flaws wherever they can. Civilians get jail time for things like that. Concern for national security should require them to report flaws they discover to the firms that make the hardware and software. But CISA isn't about security.

    1. Representatives of the White House seemed to listen attentively, but shared little about their thoughts. They maintained that President Obama’s position has not changed in the last few months. While they seemed well aware of our concerns about the technical infeasibility of inserting backdoors, they didn’t necessarily share them. That worried us a great deal.
    1. In 1980 Joachim Lambek showed that the types and programs used in computer science form a specific kind of category. This provided a new semantics for talking about programs, allowing people to investigate how programs combine and compose to create other programs, without caring about the specifics of implementation. Eugenio Moggi brought the category theoretic notion of monads into computer science to encapsulate ideas that up to that point were considered outside the realm of such theory.
  19. Nov 2015
    1. The Free Software Foundation's definition of free software, originally expressed by Richard Stallman. It is free as in free speech, not as in free beer. Software offered for a fee can still be free. A program is free software if the users have four essential freedoms:

      0. Run the program as you wish, for any purpose.<br> 1. Study the source code, and change it as you please.<br> 2. Copy and distribute the original program.<br> 3. Copy and distribute modified versions.

    1. “Many random number generators in use today are not very good. There is a tendency for people to avoid learning anything about such subroutines; quite often we find that some old method that is comparatively unsatisfactory has blindly been passed down from one programmer to another, and today’s users have no understanding of its limitations.”— Donald Knuth; The Art of Computer Programming, Volume 2.

      Mike Malone examines JavaScript's Math.random() in v8, argues that the algorithm used should be replaced, and suggests alternatives.

  20. Sep 2015
  21. Jul 2015
    1. Excessive use of computer games among young people in China appears to be taking an alarming turn and may have particular relevance for American parents whose children spend many hours a day focused on electronic screens. The documentary “Web Junkie,” to be shown next Monday on PBS, highlights the tragic effects on teenagers who become hooked on video games, playing for dozens of hours at a time often without breaks to eat, sleep or even use the bathroom. Many come to view the real world as fake.
  22. Jun 2015
    1. There’s a scale for how to think about science. On one end there’s an attempt to solve deep, fundamental questions of nature; on the other is rote uninteresting procedure. There’s also a scale for creating products. On one end you find ambitious, important breakthroughs; on the other small, iterative updates. Plot those two things next to each other and you get a simple chart with four sections. Important science but no immediate practical use? That’s pure basic research — think Niels Bohr and his investigations into the nature of the atom. Not much science but huge practical implications? That’s pure applied research — think Thomas Edison grinding through thousands of materials before he lit upon the tungsten filament for the lightbulb.
  23. Mar 2015
    1. ImageNet is an image database organized according to the WordNet hierarchy (currently only the nouns), in which each node of the hierarchy is depicted by hundreds and thousands of images. Currently we have an average of over five hundred images per node. We hope ImageNet will become a useful resource for researchers, educators, students and all of you who share our passion for pictures.