Recent Comments


Note: new comments may take a few minutes to appear on this page.

August 15, 2018 1:04 AM

Ismar on Identifying Programmers by their Coding Style:

I feel obliged to comment here as I have years of "coding" in professional environments.

Most of the software development companies strive to make the code based as uniform as possible.
This is done by using coding guidelines, coding standard, development frameworks with IDE support for scaffolding as well as tools for optimising code for both maintenance and performance.
In short, while every developer introduces traces of their individuality in to the code base they are heavily obfuscated by the aforementioned processes.

On the other hand, all of the code...

Read More →

August 15, 2018 12:12 AM

gordo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ bttb,

This is my favorite line, the last line from the https://www.emptywheel.net/2018/08/13/the-dossier-as-disinformation-why-it-would-matter/ article:

And all that’s before you get into how perfectly the dossier has served to discredit a very real, well-founded counterintelligence investigation and entangled Democrats and the press in expensive lawfare.

That the folks involved in running the counterintelligence...

Read More →

August 14, 2018 10:53 PM

Clive Robinson on Google Tracks its Users Even if They Opt-Out of Tracking:

@ Wo, et al,

Everyone cares about their privacy as they display in their every day habits.

Actually they do not. What they care about is,

    The privacy life has made them aware of.

That is the privacy caused by social convention and of hurt/embarrassment at the time or shortly after their risky behaviour.

From a very early age humans learn from "hurt" be it physical or emotional, as we get older we have the empathy to learn from others pain[1]. That is we are in some respects "the sum of our scars".

What people DO...

Read More →

August 14, 2018 10:40 PM

Michael on Google Tracks its Users Even if They Opt-Out of Tracking:

“On the one hand, this isn't surprising to technologists. Lots of applications use location data. On the other hand, it's very surprising -- and counterintuitive -- to everyone else. And that's why this is a problem.”

No. That “this isn't surprising to technologists“ is the problem, because it implies that the people who are most capable of fighting this have already given up.

August 14, 2018 7:39 PM

Clay_T on Don't Fear the TSA Cutting Airport Security. Be Glad That They're Talking about It.:

I had an entertaining exchange with some of TSA's finest at SNA last week.

I had a small 12V SLA battery in my carry-on (perfectly acceptable per FAA regs).

First TSA drone pulled it out of the bag and asked “what is this?”

I told her it was a battery.

She took it over to some drone behind a desk then, together, they all walked around the corner with my battery.

After a minute, the #1 TSA came back with #4 TSA, who also asked me “what is it?”

Then he asked TSA #1 if she had swabbed it for explosives. She said she hadn’t and proceeded to swab...

Read More →

August 14, 2018 7:29 PM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

German pharmaceutical company Fresenius Kabi does not have a position on the death penalty? It's objection isn't to the death penalty but reputational damage?!?!! Pardon? If their reputation wasn't damaged before saying this? It is now.

https://www.independent.co.uk/news/world/americas/carey-dean-moore-fentanyl-capital-punishment-death-penalty-nebraska-execute-a8491671.html

In court filings challenging the use of its...

Read More →

August 14, 2018 7:16 PM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

Another constititional legal challenge to Brexit. Hooray!

Also a possible answer to defusing the extreme right wing. Once off their inflammatory and divisive positions (and jokes and gags like the neo-nazi Ukip) when questioned they have no answers to how to help constituents in their ordinary lives.

https://www.theguardian.com/politics/2018/aug/14/british-expats-in-eu-launch-brexit-legal-challenge

British expatriates have launched a fresh legal...

Read More →

August 14, 2018 7:09 PM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

This makes a change from young men tricked into believing they will be heroes. The assassins of Kim Jong Nam were actually young women tricked into believing they were hired to play pranks for a television show?

https://www.theguardian.com/world/2018/aug/15/kim-jong-nam-murder-trial-siti-aisyah-mum-i-was-tricked-indonesia-north-korea

In regular phone calls from prison, Siti tells her mother they were tricked into believing they were...

Read More →

August 14, 2018 7:03 PM

Wael on Identifying Programmers by their Coding Style:

@Clive Robinson, @albert,

Fuzzy truth is a measure of "vagueness" whilst probability is a measure of "ignorance".

I like that distinction! But is probability a measure of ignorance or is it an inverse measure of ignorance?

Translating "ignorance" to "vagueness" is neither easy or perfect. In the case of the application quoted in the article, it appears to be well neigh impossible.

Spot on! Excellent diagnosis. How about translating vagueness to ignorance? :)

@albert,

Can you elaborate more on your...

Read More →

August 14, 2018 6:35 PM

RG on Google Tracks its Users Even if They Opt-Out of Tracking:


Please understand that those within the industry need to tread lightly.

Lets look Google ulterior motives from their perspective. They are getting desperate as Amazon chips away at their advertising cash cow. Inexpensive quality Chinese Android phones are for sale in The West sans Google spying[1]. Europe’s and CA GDPR laws. Won’t you please please help me?

Probably 98% of the public thought they had disabled location tracking.
The highlighting of Google’s clever multi-step/page/account deception offers perfect timing as the big-data corporations quietly...

Read More →

August 14, 2018 5:14 PM

justinacolmena on Google Tracks its Users Even if They Opt-Out of Tracking:

And some searches that have nothing to do with location, like "chocolate chip cookies," or "kids science kits," pinpoint your precise latitude and longitude ­- accurate to the square foot -­ and save it to your Google account.

That's right. The excuse, once again, is that it's "for the children." It's a total red-light district, and they really push the "adult" products and services, and keep the "target" away from children under threat of arrest for criminal trespass, loitering, etc.

It's like some pimp in a back room somewhere has you...

Read More →

August 14, 2018 4:45 PM

Weather on Google Tracks its Users Even if They Opt-Out of Tracking:

True,but what coconuty or system you live in,a VPN needs more data,cost the people that need it can't afford the data,but there is twice the info or more if you can process it than is display, but the war hawks at American is not the issues, I gave a example of 100tb down to 200 bytes approx, but it was serial and it traded space for i NFO,if you had a file it might shrink it down to bytes,but it would take serial coding to brink it forwards, if 95% of the chance got squeshed down to 300bytes from a 1tbye file,you would have to trade that for processing power,in serial,it still ppm but...

Read More →

August 14, 2018 4:24 PM

Bob Dylan's Tummy Grumble on Google Tracks its Users Even if They Opt-Out of Tracking:

@Bruce is criticizing surveillance capitalism and appropriately so. Yet over the years I have come to be bothered by the response to the problem which I have come to call "Privacy Capitalism". All I mean by privacy capitalism is the idea that if companies like Google and Facebook are making a profit from openness then privacy capitalists are making profits from selling privacy. The company that prompted this view is Proton Mail. Proton Mail is privacy capitalism's poster boy. Proton Mail's entire business model (along with all VPNs ) is that it is some kind of "good capitalist" while...

Read More →

August 14, 2018 4:02 PM

Clive Robinson on Identifying Programmers by their Coding Style:

@ Albert, @Wael and others,

Zadehs regrettably named 'fuzzy logic'.

His reasons for naming it were valid all those years ago "in the year of Sixty nine" as was "infinite value logic" prior to it.

One of the things people have problems with on first meeting it is understanding the difference between "fuzzy truth" and probability.

Fuzzy truth is a measure of "vagueness" whilst probability is a measure of "ignorance". To make it worse for newcommers, both degrees of truth and probabilities range between 0 and 1 and thus seeing the differrnce...

Read More →

August 14, 2018 4:01 PM

Weather on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

0% or 100% is easy to workout you need 50%,and you are thinking a coin with heads or tails is not 50%, that is 100%, its hard to explain but 10101010 mixed with a random source will get close to 50%,but I posted about 7 years ago that explains it,it like 100% random is extcal not as its not 50% but 95% inverse you can rule out, so if you have a RNG mix it with 0% is 101010 and you move to 50%.
Give me time and I will try to remember the logic.
But don't confuse probability and chance,eg in lotto no matter what I chose the probability is the same,but I can get the chance to...

Read More →

August 14, 2018 3:48 PM

Wael on Identifying Programmers by their Coding Style:

@albert,

but I'd prefer to see results that can stand up in a court of law, not xx% certainty.

Let's wait until Fuzzy laws become the norm :)

You could cripple it quite a bit before things started to go wrong. Impressive.

Yes! That would be impressive. Fault tolerance to the next level.

August 14, 2018 3:42 PM

lurker on Google Tracks its Users Even if They Opt-Out of Tracking:

@ wiredog, @ John
Android phone? Turn off location features in system "Settings", and for each app. Put the phone down for a few minutes, then go to Settings> Manage Apps> Running Apps. See Google [Play] Services, or Google Services Framework, or some-such? Click on it to examine what services are running: Google Location Service is chugging' away there in the background. You can try to kill it, it just bounces back. Caveat, I've got a nasty Chinese brand device. Disabling Google Services Framework, or Uninstalling Updates causes a whole slew of other apps to moan about needing to...

Read More →

August 14, 2018 3:20 PM

Clive Robinson on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ Bob Paddock,

What is a 'Fair Coin' if we are in a simulation?

The answer is "whatever the entity running the simulation wants it to be.

Which kind of shoots down Mr Alexander's argument.

I could go into it at depth, but lets just say any "encompasing" simulation sophisticated enough to alow you to build a "test" simulation within it would be able to not just recognize it as a movable object but more importantly change the inputs to your test simulation as befiting the environment it is in within the encompassing simulation.

Look...

Read More →

August 14, 2018 3:02 PM

uh, Mike on Google Tracks its Users Even if They Opt-Out of Tracking:

Keeping a minimized internet footprint is the best revenge.
I closed most of the accounts that sent me privacy messages,
and I eschew discretionary services that want my identity,
like weather and stock reporting sites.
I also delete old emails. Breaking into my email will not reveal much of my history.
Be a rodent among dinosaurs.

August 14, 2018 2:57 PM

albert on Identifying Programmers by their Coding Style:

@Wael, @et al,

"...either source code or compiled code:..." Yeah, you really need 'AI' to evaluate source code. Doing it with compiled code might be impressive, but I'd prefer to see results that can stand up in a court of law, not xx% certainty.

Re: Zadehs regrettably named 'fuzzy logic'.
Last I heard, folks were using FL for image-analysis and related fields. Thousands of engineers quietly use it in machine control applications, except in Japan, where they advertised it. I wrote a subroutine in RLL for our field application engineers. It worked very well....

Read More →

August 14, 2018 2:09 PM

Wo on Google Tracks its Users Even if They Opt-Out of Tracking:

@L

Everyone cares about their privacy as they display in their every day habits. People still wear clothes as they go outside. Still close curtains at their house. Don't tell colleagues about genital warts. Don't tell their children that they may not have a home next week if temp work dries up.

It's absurd to claim people don't care about their privacy when their privacy is largely violated with constant beacons of invisible light sending data to servers who, in turn, often sell the data to unknown third parties.

What we have in tech is an industry that...

Read More →

August 14, 2018 12:44 PM

Bob Paddock on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@Clive Robinson

Clive, to your 'Goat' reference:


"A TYPE OF SIMULATION WHICH SOME EXPERIMENTAL
EVIDENCE SUGGESTS WE DON’T LIVE IN" by
SAMUEL ALEXANDER published a few days ago.

https://arxiv.org/abs/1808.03225

https://arxiv.org/pdf/1808.03225.pdf

What is a 'Fair Coin' if we are in a simulation?

It should be 50%. Does it not being 50% prove that we are, or are not, living in a simulation? Seems to be what the above paper is...

Read More →

August 14, 2018 12:13 PM

L on Google Tracks its Users Even if They Opt-Out of Tracking:

@Bruce

"Surveillance is the business model of the Internet" because of the fact that the majority of consumers "don't think we should pick on" the companies that actively adopt this business model "too much".

If people really cared about their privacy, things like this would still be inevitable, but perhaps much less common.

August 14, 2018 11:10 AM

Weather on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

Just been night dreaming,but if you have a spacecraft with a hydrogen ion engine and a scoup in the front,you could send other fuel ships to disperse hydrogen in front of the other craft, it could then add energy and fire it out the back and over time gain enough speed to get into a geo orbit around the sun,if the tanks got filled say to 95% fuel to payload it could then boost to the nearest solar system, if it collects hydrogen between solar system, it could sling to yet another solar system, it still won't beable to stay in the solar system it gets to,but would still get valuable...

Read More →

August 14, 2018 9:56 AM

Me myself on Identifying Programmers by their Coding Style:

Great! This idea could be incorporated into SVN's "blame" command. We would finally be able to single out idiots who uploaded crap into our codebases before version control was established.

Now come on, does anybody really believes if this thing really worked (in a level of actual usefulness, not just "programmer A is 15% more likely to have written this code than programmers B,C &D"?) the NSA wouldn't shush these researchers, take their work and attempt to use it to identify authors of state-level malware?

@wiredog: Fully agree with you. Next thing you know they'll...

Read More →

August 14, 2018 9:54 AM

Rag on SpiderOak's Warrant Canary Died:

Why can't a company not just disclose that they received a "national security letter" and take the fight with the authorities? Legal defense could be crowd-sourced and if companies in general agrees to *always* go public on any such letter, they can support each others and making the practice of these "letters" moot.

August 14, 2018 9:49 AM

Denton Scratch on Identifying Programmers by their Coding Style:

Professional programmers are normally subject to some degree of code review. One of the aims of this review is to impose some kind of 'house style'. An programmer learns to adjust his style to the house rules. This would extend to, for example, choice of names for code objects.

Another aim is to ensure that the code is maintainable; one common way of doing that is to highlight complexity, and try to keep it under control. Again, a programmer adjusts his approach to match house rules, for fear of having to re-do his work.

Programmers also adjust their style to match the...

Read More →

August 14, 2018 9:47 AM

Jay Dee on xkcd on Voting Computers:

The early days of flight control software had some interesting divergences that no one wishes to talk about.

August 14, 2018 8:59 AM

Pete on Google Tracks its Users Even if They Opt-Out of Tracking:

Seems we need laws with teeth to prevent unwanted tracking and data collection without explicit approval.

Periodic, mandatory, re-validation of that tracking approval is needed too. I might be willing to be tracked for a month at the beginning of using an app, but that doesn't mean I desire to be tracked for the next 3 yrs until a new device is purchased. Monthly, quarterly or at least annual re-approval is needed.

August 14, 2018 8:57 AM

bttb on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

Two from emptywheel
1) https://www.emptywheel.net/2018/08/13/what-stones-latest-lies-tell-us-about-muellers-case/
2) https://www.emptywheel.net/2018/08/13/the-dossier-as-disinformation-why-it-would-matter/

1) "After a puff piece in the NYT over the weekend, Roger Stone took to the Daily Caller to attack Mueller’s case against him. As bad as the Daily Caller is, it...

Read More →

August 14, 2018 8:47 AM

Sed Contra on Google Tracks its Users Even if They Opt-Out of Tracking:

Just as there is no programming problem that cannot be solved with one more layer of indirection, so there is no surveillance capitalism problem that cannot be solved with one more level in the deeply nested end user agreement.

August 14, 2018 8:43 AM

vas pup on Identifying Programmers by their Coding Style:

Related to AI decision making:
Artificial intelligence 'did not miss a single urgent case':
https://www.bbc.com/news/health-44924948

"Some previous attempts at using AI have led to what's known as a "black box" problem - where the reasoning behind the computer analysis is hidden.

[ATTENTION!!!]By contrast, the DeepMind algorithm provides a visual map of where the disease is, allowing clinicians to check how the AI has come to its decision, which is crucial if doctors and patients are to have confidence in...

Read More →

August 14, 2018 8:33 AM

TimH on Google Tracks its Users Even if They Opt-Out of Tracking:

The issue is when companies have tracking data, subpoenable or otherwise exportable, that the users think that they have EXPLICITLY disabled. The case here.

It's a red herring that cell triangulation provides location data. There's no dishonesty about that. A sliminess that it is kept for longer than necessary for billing, but no pretense that it's not there for ever.

August 14, 2018 8:26 AM

echo on Google Tracks its Users Even if They Opt-Out of Tracking:

Oh, joy...

I have also noticed post GDPR a lot of websites (mostly via Flipboard on Android) are asking cookies permission. There is a big fat Ok to everything button and if you disagree you are often repsented with a multi option selection in some cases needing to untick every permission which are usually marketing orientated. I have discovered at least one site via Flipboard which has a blanket ban on EU based readers.

A lot of these companies actually need to take a step back and read the legislation because it doesn't mean what they believe it does and is very...

Read More →

August 14, 2018 7:49 AM

wiredog on Google Tracks its Users Even if They Opt-Out of Tracking:

I heard the story and my reaction was "This is news? You just go into all the various settings and turn off location tracking in all the apps." Then I learned that most people don't realize that. I don't know how I knew that, except that I've been reading this blog since it was just an e-mailed newsletter, so I know to look in the nooks and crannies for those settings. I also know that to be truly safe from this sort of thing I need to turn the phone off.

August 14, 2018 7:22 AM

Russell on Google Tracks its Users Even if They Opt-Out of Tracking:

"surveillance capitalism" seems a novel, ideologically-oriented term. How does that new term help people understand Google-top-management specific business philosophy... and market economies in general?

August 14, 2018 4:03 AM

Weather on Identifying Programmers by their Coding Style:

Don't need to read much,they might do one plus one quicker,but they can only learn at real time like people,so if they let it run for twenty years what will it know,probably just what it knowed two hours after it started,is a ant is more intelligence, like in another forum if the can use English sentence and construction there own sentence and know,know,know what they generatored after twenty years,by bench mark they might be called Ai

August 14, 2018 3:21 AM

Weather on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

The NSA have a stone number of Rc5 outside there building can you send the code as they are offering one million in money, and its just multiple, I need some money, but will be interesting to match time to value, maybe they wouldn't be so stupid to leave a Carney but then I found mixing wind turbine with gas turbine generator might be a good thing,maybe the solar prob needs 20k Delta vee but it takes 5.6delta vee to reach mares,so maybe some thing is bull shit,maybe its a commit orbit,but Voyager at the 80is escaped the solar system, needing stuff we can't do know,maybe = ioio can help

August 14, 2018 3:16 AM

Wael on Identifying Programmers by their Coding Style:

@Clive Robinson,

Let us agree it's "a determanistic process with unknown input" or a "black box process".

Deterministic it is. That's not the only necessary condition to extract the unknown input; not every F has an F-1. There will be collisions in these situations and there will be authors that change their style and thinking methods after they, for example, learn a new language, algorithm, technology, etc. I haven't seen a treatment of such effects on de-anonymization fidelity.

One of the requirments for evidence is...

Read More →

August 14, 2018 2:31 AM

RealFakeNews on Identifying Programmers by their Coding Style:

They use "AI" huh? Laughable.

If they just said they used statistical analysis I'd find it more compelling, but then that's how fingerprinting writing, artwork, drawings, works in the first place.

Not impressed.

As for the invocation of "AI" (as if it's the only way to solve these problems), there was someone on the radio a couple of months ago talking about how AI worked in their service for selecting employees from a pool of candidates.

The lady did a great job of demonstrating how useless it really is when she said that it only filtered the list by a few...

Read More →

August 14, 2018 2:11 AM

Clive Robinson on Identifying Programmers by their Coding Style:

@ Wael,

In other words: witchcraft and sorcery. So the "methods work", but the process is mysterious, yet they did "research".

Let us agree it's "a determanistic process with unknown input" or a "black box process". Aside from the oft quoted GIGO the researchers, are first looking at the output to find elusive correlations as a first step.

They then move to looking for individual input to output correlations, then output correlations for known similar inputs.

Any one who has done cryptanalysis will be familiar with those three steps....

Read More →

August 14, 2018 12:21 AM

Wael on Identifying Programmers by their Coding Style:

Fascinating research, but there are claims that I don't believe.

the pair will present a number of studies they've conducted using machine learning techniques to de-anonymize the authors of code samples

The implications are {authors, code} are as unique as {authors, biometric fingerprints}, which is hard to believe. I still believe it's possible to statistically identify the most probable author among a limited sample of authors, with some assumptions such as ___. ____

but it also has privacy implications, especially for the
...

Read More →

August 13, 2018 7:43 PM

zorro on Identifying Programmers by their Coding Style:

I remember this sort of thing from my college days... There were N ways to solve the problem, and N+1 students in the class. Somebody would get accused of cheating. Either they gracefully accepted their fate & force-failed the class, or they fought it and got kicked out of the school. Really sucked. Didn't matter if the students were in the top 1% of the school, taking the class not even as an elective, just as an extra because they wanted to learn. Nope, your work is too similar to what somebody else did. Other guy checked in first. You lose.

It reached the point where...

Read More →

August 13, 2018 6:18 PM

BBB on Identifying Programmers by their Coding Style:

This is not too surprising. I remember working as a grader for a C.S. course in college, and we were asked to be on the lookout for students copying each other's work. You can spot it intuitively, even with variables renamed and other attempts at obfuscation. Usually, generating the parse tree of the source code in the work was also enough to identify cheats. So, it's not surprising that this could be done computationally with the help of general AI techniques.

August 13, 2018 5:23 PM

Clive Robinson on Measuring the Rationality of Security Decisions:

@ justinacolmena,

These "scientists" scarcely deign to conceal the same old white nationalist statistical bell curve nonsense which they have used since before World War One in Austria to justify the purported intellectual superiority of the white race.

Actually it kind of started in France in 1904 with the Alfred Binet and Theodore Simon IQ test.

However they were by no means the first to consider what we would now consider "socioeconomic stereotyping". You can look back to the pre Victorian era where Phrenology was invented around 1800 by Franz...

Read More →

August 13, 2018 4:44 PM

Weather on xkcd on Voting Computers:

Aerospike design compared to nozzle, the noise isn't so much about velocity technically but pressure difference between air and exhaust, if p1=p2,the effecincy is the highest

August 13, 2018 4:41 PM

bttb on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@echo

"Far-right German leader sceptical of Bannon's anti-EU push [The Movement]."

With Bannon's connections to 'big money' and expertise in election dirty tricks, perhaps some parties will interface with Bannon or The Movement, not directly, but through cut-outs. On this side of the pond it can be hard to remove criminals (presumed or actual) from the Executive Branch (White House).

From an interesting article in Foreign Policy (...

Read More →

August 13, 2018 4:39 PM

Clive Robinson on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ justinacolmena,

Of all sequences of six tosses of a fair coin in a row, 1/64 = 1.5625% of the time, there will be six heads in a row.

We are in danger of straying into "goat territory" with this ;)

Actually it will not be 1/64 in the current throw sequence unless the seventh toss comes up a tail, otherwise the running odds would be 1/128 ~0.78%, or on it's way to 1/n where n is a function of the system in use and would be infinite in an unbounded system.

But also you have the short test window issue if you throw six heads, then a tail...

Read More →

August 13, 2018 4:28 PM

Barfa on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

Police Bodycams can be hacked say consultant at security firm.
[Wired: https://www.wired.com/story/police-body-camera-vulnerabilities/]

Footage could be streamed live off cameras, or deleted, uploaded, altered.
Video isn't cryptographically signed, so hard to tell if video has been altered.
Some bodycam devices can be a WiFi acces point of their own, but authentication were generally inadequate or totally missing, making access easy or even trivial.

August 13, 2018 4:02 PM

Clive Robinson on xkcd on Voting Computers:

@ Albert, Alyer Babtu, MK,

I would guess that there are noise mitigation techniques yet to be discovered.

Very probably, we'll know if and when we find them. However there are known techniques yet to be more thoroughly exploited.

For instance with a jet engine it's tail noise is in part related to the difference between the velocity of the jet exhaust in relation to the air moving past the outside of the exhaust coloumn. Which is one reason turbo fan engines are quieter.

If there was an efficient way to have more coaxial layers of moving...

Read More →

August 13, 2018 3:49 PM

bttb on Friday Squid Blogging: Calamari Squid Catching Prey:

Regarding Barrett Brown, who spent 4 years in prison stemming from the FBI's investigation into the 2012 Stratfor email leak, and Wikileaks https://www.thedailybeast.com/julian-assange-went-after-a-former-ally-it-backfired-epically :

"...Brown is no fan of the intelligence agencies. Yet he has been unsparing in his public criticism of his former ally. “WikiLeaks is bullshit” and “WikiLeaks is over” are two of his recent tweets. An appearance last month at the hacktivist HOPE...

Read More →

August 13, 2018 3:45 PM

bttb on Friday Squid Blogging: Calamari Squid Catching Prey:

@PeaceHead

I enjoyed your link (International Consortium of Investigative Journalists (icij.org)) above, too. For example,

"... [icij] Do you think it’s dangerous for you to criticize Russia?

[Snowden] Yes. There’s no question, it’s a risk. Maybe they don’t care, right? Because I don’t speak Russian. And I am literally a former CIA agent, so it’s very easy for them to discredit my political opinions as those of an American CIA agent in Russia.

[icij] Still, Kremlin-critics die under mysterious circumstances in Russia and elsewhere

[Snowden] Maybe,...

Read More →

August 13, 2018 3:37 PM

Random Software Engineer on xkcd on Voting Computers:

I do think engineer can be applied to someone who writes software. I use the title myself (though my title is technically Cloud Security Engineer because I build custom security solutions for enterprise-scale clients - sadly, 90% of that is still slapping peoples' hands when they open port 22 to 0.0.0.0/0).

I think the main difference is that the tolerances and stresses we test against are primarily security and use-case stresses, not necessarily physical limitations. We have to code against users who don't know how to use the software and will try to force it to work how they...

Read More →

August 13, 2018 12:48 PM

justinacolmena on Measuring the Rationality of Security Decisions:

We find that more than 50% of our participants made rational (e.g., utility optimal) decisions ...

And meanwhile the remaining minority (i.e., just under 50%) "made poor decisions" and have criminal or mental health records hanging over them for the rest of their lives.

These "scientists" scarcely deign to conceal the same old white nationalist statistical bell curve nonsense which they have used since before World War One in Austria to justify the purported intellectual superiority of the white race.

There is too much experimentation...

Read More →

August 13, 2018 12:15 PM

justinacolmena on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

A fair coin will land heads up 50% of the time, independently at each toss.

Of all sequences of six tosses of a fair coin in a row, 1/64 = 1.5625% of the time, there will be six heads in a row.

Now if from a long sequence of random coin tosses, a five-head-in-a-row subsequence is chosen uniformly at random from the 1/32 = 3.125% of the five-toss sequences which are all heads, what is the probability that the next toss is tails?

Is there a subtle loss of uniformity here which we are missing?

August 13, 2018 12:11 PM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@clive

Oh, I just love the drama and adventure and loud bangs.

I do know what you mean about coins landing on their edge! I have observed a few things which seem to concur with recent articles citing papers on the world as it happens. I have had to shoehorn their conclusions a bit but do observe randomness in action which gives systems a binary quality. But as you say coins can land on their edge sometimes too or, or any number of alternatives as celebrated magicians are wont to prove. I suppose it all depends what your filters are.

Oh you naughty man! I just...

Read More →

August 13, 2018 11:27 AM

Clive Robinson on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ echo,

The Atlantic article contains my favourit "faux fallacy",

    The gambler’s fallacy makes us absolutely certain that, if a coin has landed heads up five times in a row, it’s more likely to land tails up the sixth time. In fact, the odds are still 50-50.

It's false because of an unrealistic assumption of "a fair coin" and even more fun, the assumption that "a coin no matter how fair can not land on it's edge". I've seen the latter twice in my life but the former is unexcusable because how would you test for a fair coin in the first place. Look at it...

Read More →

August 13, 2018 10:57 AM

Aerospace Software Engineer on xkcd on Voting Computers:

Another reason this comic is wrong is because the more I learn about engineering airplanes, the less I want to fly in them. And I’m not alone among my colleagues. Statistics are great and all, but they don’t always reassure you when you’re making the sausage. Maybe engineers were unanimously proud to fly the 747 when it first came out, but that’s not true of the 787.

August 13, 2018 10:32 AM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

I'm watching Where Eagles Dare again. Actually, one book I loved was The Great Escape (and Colditz!). This makes me wonder... The WWII generation were very educated, especially some officers who used the war to conduct archaelogy and who later went on to enhance their field and were a big influence in driving mass eduxation, and skilled crafts people too. This makes me wonder if we faced a cataclysmic event would we have the skills and wherewithal today? How resilient is civilisation?

August 13, 2018 10:03 AM

VinnyG on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@albert re: modern movies - I don't disagree with your point, but since this is the squid, I'm going to pick on you (apologies) to vent about a pet annoyance: the rampant conflation of "key" and "pitch" in the context of errors in musical performance. A musician who plays a tunable instrument and (for example) plays an non-accidental notation "F" note as a natural in a composition written in the key of G-major would be "off key." Another musician playing the same instrument and piece who failed to tune his instrument to the A=440 concert orchestra pitch (or other agreed-upon standard...

Read More →

August 13, 2018 9:50 AM

albert on xkcd on Voting Computers:

@Alyer Babtu, @MK,
Modern passenger jets aren't exactly quiet. I would guess that there are noise mitigation techniques yet to be discovered. It wouldn't surprise me if the military does a lot of research in this area. If you've ever heard an F-117 fly over you at 100ft, you'll appreciate the effectiveness of military noise reduction research.

. .. . .. --- ....

August 13, 2018 9:25 AM

jones on Don't Fear the TSA Cutting Airport Security. Be Glad That They're Talking about It.:

I just flew to Europe for this first time in 20 years and to get back in the country, no pornoscanners or enhanced groping, just walk through the metal detector.

Which tells me: America trusts her own citizens less than foreigners flying into the country.

Also: foreigners with substandard security aren't exploding in American planes.

Also: when the FBI tested the TSA they could get 95% of contraban through security anyway, and still nobody is exploding....

Read More →

August 13, 2018 9:17 AM

VinnyG on SpiderOak's Warrant Canary Died:

@Clive Robinson re: "Warrant Canaries are like virginity..."
Exactly. I find it a bit startling that so many people who are concerned with digital security appear to have so little apparent grasp of the mechanics of boolean algebra...

August 13, 2018 8:54 AM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@Clive

Yes I noticed there is a flow to these for various reasons, say no more. Here are two more.

I don't know how Mark Zuckerberg manages to pull off his uncanny valley face. He manages to carry lots of expressions like sinister emotionless robot and naughty schoolboy caught red handed at the same time.

The next article is longwinded but I found a useful re-read of cognitive biases. Weall makes mistakes like this and sometimes I feel the message sinks in better if it's written in the right way. Some of it may be useful for writing up statutory complaints....

Read More →

August 13, 2018 8:32 AM

Clive Robinson on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ Bruce,

There are stories that the Defcon Hotels have been using "goon squad" security personnel, who are not properly identified by either ID or other Hotel security staff.

Worse they are behaving in the manner of common criminals by going through individuals bags and belongings and taking things.

But they also appear to be not just hatassing people and significantly frightening them they are also threatening reprisals if peole complain or even talk about it.

Unsuprisingly with Hotel Staff behaving in this way, it appears that there may be copycats...

Read More →

August 13, 2018 8:28 AM

CallMeLateForSupper on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@Echo
"The man has the illusion of control while pushing the trolly [grocery cart]. When camera recordings are played back every move is clearly directed by women."

I think so, though I read studies. The very scenario you describe has amused me for decades. Man pushes the cart and loads/unloads large/heavy items; that frees his spouse for the more nuanced tasks such as navigation between stops, judging relative values, assessing deals, reading labels. In short, he humps, she accomplishes the main task.

A different but related scenario also amuses me: man drives...

Read More →

August 13, 2018 5:21 AM

Wesley Parish on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@usual suspects

What's the time? It's Def. Con. One Say, what's the time? Just get me some
An 11-year-old changed election results on a replica Florida state website in under 10 minutes https://www.pbs.org/newshour/nation/an-11-year-old-changed-election-results-on-a-replica-florida-state-website-in-under-10-minutes
An 11-year-old boy on Friday was able to hack into a replica of the Florida state election...

Read More →

August 13, 2018 5:07 AM

Clive Robinson on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@ echo,

The first is asteroid impact versus volcanic action causing extinction of the dinosaurs. The second is a look at the unique brain of the elephant.

They almost combine as well...

The elephant is the mountain of land creatures, whilst it does have preditors, untill recently they were only a minor issue. Thus the elephant could aford to think contemplatively.

However if you have ever seen the damage a single "rouge" elephant can do to a village or when a heard decide to remove trees etc you might consider them like volcanoes....

Read More →

August 13, 2018 12:23 AM

Mark on Credit Card Gas Limits:

Here is a new one.....
Phillips 66 on 08/12/2018 in Alva Ok. if you run the pump up to $100 it shuts off and will not allow a different credit card to be used. (I have an RV). The manager advised that if a specific pump is run to the maximum then it is "locked" for 24 hours and no one can use the pump! My $100 bills became worthless because they couldn't even take cash for the transaction! I didn't take my frustration out on the Sunday manager, I plan to grief the ignorant Phillips 66 Station and the American Express and Visa Company for creating such a foolish problem....

Read More →

August 13, 2018 12:05 AM

echo on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

These two articles highlight contrasting approaches to problems. The first is asteroid impact versus volcanic action causing extinction of the dinosaurs. The second is a look at the unique brain of the elephant.

https://www.theatlantic.com/magazine/archive/2018/09/dinosaur-extinction-debate/565769/
Gerta Keller was waiting for me at the Mumbai airport so we could catch a flight to Hyderabad and go hunt rocks. “You won’t die,” she told me cheerfully as soon as I’d said hello....

Read More →

August 12, 2018 11:00 PM

Hmm on Friday Squid Blogging: New Tool for Grabbing Squid and other Fragile Sea Creatures:

@echo

"The basic issue is developing a counter narrative and making sure this narrative sticks on the table."

I'm fine with the necessary narrative, but admit it just doesn't always apply in all situations.
If you apply it where it particularly doesn't belong you damage the narrative, the point.
Hence the story of the empowered female who cried wolf - or any other situation.

"Slinked off to"? I hadn't commented for 24 hours or so, I thought you'd be more pleased. Too bad.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.