Detailed timeline of the Bletchley Park mess

Gareth Halfacree, who has a long history with both the Bletchley Park trust and the National Museum of Computing Trust, has published a detailed timeline of the two institutions, showing how they got into the current (and disgraceful) situation. Halfacree's article includes some very sensible recommendations to both trusts. Cory 1

Bletchley Park's new management chucks out long-term volunteers

Here's more bad news from historic computing site Bletchley Park, where a new, slick museum is being put together with enormous corporate and state funding. Last month, it was the fact that McAfee had apparently banned any mention of Edward Snowden in a cybersecurity exhibit.

Now there's this heartrending BBC report on how volunteers who've given decades of service to Bletchley have been summarily dismissed because they don't fit in with the new plan. The museum of Churchill memoribilia that shared the Bletchley site has been evicted.

For people like me who've donated over the years, fundraised for it, and joined the Friends of Bletchley, this is really distressing news. I've always dreamt of Bletchley getting enough funding to do the site and its collection justice, but if it comes at the expense of decency and integrity, they may as well have left it as Churchill did -- abandoned and forgotten.

Update: Bletchley Trust has clarified to me that while this volunteer was dismissed from guiding tours because he refused to conduct the tour to the new spec, he still volunteers with the Trust in its educational department.

BBC News Bletchley Park s bitter dispute over its future (via /.)

Face-substitution in-browser with Javascript

Auduno's Face substitution webtoy uses Javascript libraries to map your face using your computer's webcam and overlay it with the faces of celebrities from Bill Murray to Justin Bieber to Rihanna to the Mona Lisa. It's an impressive example of cross-platform, in-browser application development, and suggests some pretty cool stuff on the horizon for Web-native apps. The sourcecode is on Github for your forking pleasure.

Face substitution (via Waxy)

Senior execs are the biggest risk to IT security

Stroz Friedberg, a risk-management consultancy, commissioned a survey [PDF] of information handling practices in businesses that concluded that senior managers are the greatest risk to information security within companies.

Read the rest

High-end CNC machines can't be moved without manufacturers' permission


On Practical Machinst, there's a fascinating thread about the manufacturer's lockdown on a high-priced, high-end Mori Seiki NV5000 A/40 CNC mill. The person who started the thread owns the machine outright, but has discovered that if he moves it at all, a GPS and gyro sensor package in the machine automatically shuts it down and will not allow it to restart until they receive a manufacturer's unlock code.

Effectively, this means that machinists' shops can't rearrange their very expensive, very large tools to improve their workflow from job to job without getting permission from the manufacturer (which can take a month!), even if their own the gear.

Read the rest

Art of Math (and vice versa)

Sculptinggeometry

125 Tetras

Carlo Séquin is a computer science professor and sculptor at UC Berkeley who explores the art of math, and the math of art. He lives in a world of impossible objects and mind-bending shapes. Séquin’s research has contributed to the pervasiveness of digital cameras and to a revolution in computer chip design. He has developed groundbreaking computer-aided design (CAD) tools for circuit designers, mechanical engineers, and architects. Meanwhile, his huge abstract sculptures have been exhibited around the world. Visiting the computer science professor emeritus’s office is like taking a trip down the rabbit hole. Paradoxical forms are found in every corner, piled on shelves, poised on pedestals, hanging from the ceiling—optical illusions embodied in paper, cardboard, plastic, and metal.

I wrote about Séquin for the new issue of California magazine and you can read it here: Sculpting Geometry

Capturing images of bystanders by zooming in on pictures of corneas


In Identifiable Images of Bystanders Extracted from Corneal Reflections, British psychology researchers Rob Jenkins and Christie Kerr show that recognizable images of the faces of unpictured bystanders can be captured from modern, high-resolution photography by zooming in on subjects' eyes to see the reflections in their corneas. The researchers asked experimental subjects to identify faces captured from these zoomed-in images and found that they were able to do so with a high degree of reliability.

The researchers used 39 megapixel cameras, substantially higher-rez than most people's phone-cameras, but low-cost cameras are making enormous leaps in resolution every day. What's more, the researchers suggest that the determining factor for identifying a face isn't resolution; it's having a viewer who is already familiar with the subject. It's an interesting wrinkle on the problem of information-leakage, and implies that future privacy-filters will have to scrub photos of reflective surfaces (especially eyes) of identifying faces before they're posted.

Read the rest

NSA drowning in overcollected data, can't do its job properly

NSA whistleblower William Binney warns that the agency collects so much useless information that it can't process it effectively. The Snowden leaks about the MUSCULAR surveillance program (tapping the fiber links connecting up the data-centers used by Internet giants like Google and Yahoo) corroborate Binney's view: in 2013, NSA analysts asked to be allowed to collect less data through MUSCULAR, because the "relatively small intelligence value it contains does not justify the sheer volume of collection."

Read the rest

Stross on Unix religion

Unix history: a religious perspective. (I like the idea of Linux as a Protestant Reformation: "a new, freely copyable kernel that all the faithful could read with their own eyes") Cory 30

Deriving cryptographic keys by listening to CPUs' "coil whine"


In RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis [PDF], a paper by Daniel Genkin and Eran Tromer of Tel Aviv University and Adi Shamir, the authors show that a sensitive microphone (such as the one in a compromised mobile phone) can be used to infer a secret cryptographic key being used by a nearby computer. The computer's processor emits different quiet sounds ("coil whine...caused by voltage regulation circuits") as it performs cryptographic operations, and these sounds, properly analyzed, can reveal the key.

It's a pretty stunning attack, the sort of thing that sounds like science fiction. But the researchers are unimpeachable (Shamir is the "S" in RSA), and their paper is very clear.

Read the rest

King James Programming: Markov chain trained on the Bible and a comp sci textbook

Michael Walker trained a Markov chain with the King James Bible and Structure and Interpretation of Computer Programs, a classic computer science textbook. The result is King James Programming, a tumblr filled with comp-sci-inflected biblespeak. I could read it all day long.

Read the rest

Kinematics: 4D printing for foldable, flexible forms

Jessica sez, "Kinematics is a system for 4D printing that creates complex, foldable forms composed of articulated modules. The system provides a way to turn any three-dimensional shape into a flexible structure using 3D printing. Kinematics combines computational geometry techniques with rigid body physics and customization. Practically, Kinematics allows us to take large objects and compress them down for 3D printing through simulation. It also enables the production of intricately patterned wearables that conform flexibly to the body."

Read the rest

badBIOS: airgap-jumping malware that may use ultrasonic networking to communicate

Security researcher Dragos Ruiu has been painstakingly untangling a weird, scary piece of malicious software that compromises the BIOS of the computers it attacks, allowing it to infect machines with different operating systems. He's dubbed it "badBIOS" and has seen it infect machines that aren't connected to the Internet. It appears that its initial vector may be a USB exploit, spreading by memory stick, but after that, it appears that it continues to communicate with other infected machines by ultrasonic networking through its hosts' mics and speakers (!). On Ars Technica, Dan Goodin has a deep dive into the strange, freaky world of badBIOS.

Read the rest

Black Perl, a poem in perl 3

Black Perl is a famous 1990 poem written in the programming language perl, by its creator Larry Wall. It is both a poem and a program, and runs under perl 3.

Read the rest

Implementing a Turing machine in Excel


Felienne describes how she, Daan van Berkel and some other friends went away for a weekend to hack a Turing machine out of Excel formulas. Lacking an infinitely long tape, they had to kludge around a bit, but the outcome is both cool and instructional (here's the machine itself). The Turing Machine is Alan Turing's "hypothetical device that manipulates symbols on a strip of tape," which formed the basis for modern, general-purpose computers.

Read the rest