Some important technical (and skeptical) notes about the Chinese-backdoored-servers story

Yesterday, Bloomberg published a blockbuster story accusing the Chinese military of sneaking spy-chips "the size of a grain of rice" onto the motherboards of servers sold by Supermicro and/or Elemental for use in data-centers operated by the biggest US corporations (Apple and Amazon, among others), as well as US warships and military data-centers, and the servers used by Congress and the Senate. Read the rest

The history of a Zorklike programming interpreter is a tale of language, art, code and literature

The heroic age of text adventure games was dominated by Zork and Zorkalikes, many from the games studio Infocom; the text adventures' fortunes sagged when improvements in computer graphics lowered the average gamer's age, and then rose again when BBSes carved new spaces for text-based play. Read the rest

Comedy/documentary explains quantum computing for a "confused general audience"

Jim Mortleman & Stuart Houghton write, "We're two UK tech journalists who also write comedy. This is our (UK-based) scripted comi-documentary podcast explaining the weird, wacky and potentially world-changing field of quantum computing to a curious but confused general audience. With laughs. In episode one we answer the question 'What the photonic muck is a quantum computer?' with the help of some of the world's leading quantum physicists and, er, Al Murray The Pub Landlord." Read the rest

Lies programmers believe about calendars

Solid objects turn out to be mostly made of empty space and whirling particles, but we act as though they're solid, because we rarely have to interact with them in such a granular way that involves their underlying complexity. Read the rest

Hate-speech detection algorithms are trivial to fool

In All You Need is “Love”: Evading Hate Speech Detection, a Finnish-Italian computer science research team describe their research on evading hate-speech detection algorithms; their work will be presented next month in Toronto at the ACM Workshop on Artificial Intelligence and Security. Read the rest

There's a literal elephant in machine learning's room

Machine learning image classifiers use context clues to help understand the contents of a room, for example, if they manage to identify a dining-room table with a high degree of confidence, that can help resolve ambiguity about other objects nearby, identifying them as chairs. Read the rest

Incredibly sensible notes on software engineering, applicable to the wider world

François Chollet's "Notes to Myself on Software Engineering" is posed as reminders from Chollet to himself, but they're a really wonderful list of extremely sensible advice on how collaborative projects work, how to be a good collaborator, how to build things for other people to use, and how to collaborate with future engineers and builders who will some day want to hook things up to the thing you're making. Read the rest

Anonymous stock-market manipulators behind $20B+ of "mispricing" can be tracked by their writing styles

In a new Columbia Law and Economics Working Paper, Columbia Law prof Joshua Mitts uses "stylometry" (previously) to track how market manipulators who publish false information about companies in order to profit from options are able to flush their old identities when they become notorious for misinformation and reboot them under new handles. Read the rest

OLIVE: a system for emulating old OSes on old processors that saves old data from extinction

Olive ("Open Library of Images for Virtualized Execution") is an experimental service from Carnegie Mellon University that stores images of old processors, as well as the old operating systems that ran on top of them, along with software packages for those old OSes; this allows users to access old data from obsolete systems inside simulations of the computers that originally ran that data, using the original operating systems and applications. Read the rest

WWWBasic: code web-pages in BASIC

Google's WWWBasic project allows you to write web-page interactivity using a BASIC-like syntax that will be recognizable to anyone who grew up with early personal computers in the late 1970s and 1980s (it can be imported within Node.js, too, so you can mix Javascript and BASIC). Read the rest

An "obsessive," "anti-imperialist" Turing Complete computer language with only one command

Daniel writes, "An obsessive programmer, frustrated with not only the inefficiencies of mainstream OSes like Windows, but what he sees as their 'imperialistic oppression,' built an entire operating system using a subleq architecture. Subleq is a OISC, a language with only a single command. It lacks the most basic features of programming languages, and yet is Turing Complete. Read the rest

Hackers can listen to smartphone and computer displays to know what content you're consuming

It's getting more difficult with every passing day to keep from being spied upon by nefarious tools interested in getting their hands on your personal information, creeping on what you're browsing with on your laptop or phone and, if you've not bothered to cover up that webcam, keep tabs on your life as they stream images of your day-to-day doings across the Internet. Thanks to a group of computer-savvy scientists, it looks like there may soon be one more monitoring method that we'll have to watch out for.

From Ars Technica:

Daniel Genkin of the University of Michigan, Mihir Pattani of the University of Pennsylvania, Roei Schuster of Cornell Tech and Tel Aviv University, and Eran Tromer of Tel Aviv University and Columbia University investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia": a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens."

Synesthesia, at its core, is pretty much just Van Eck phreaking with a twist. Where Van Eck phreaking typically uses radio signals leaking from display hardware to snoop on what a computer user's perusing, Synesthesia listens for aural emissions from the bits and pieces that are required to power a display. Depending on what you're looking at on your computer's screen, the power being sent out to drive each pixel ramps up or down. This changes the pitch of power running through the display's guts. By capturing this audio for review, using the microphone built into the device or a nearby device like an Amazon Echo or other digital assistant-enabled device (never let one in your house,) it's very possible that a hacker could sort out what you were looking at with a bit of skill and a whole lot of machine learning. Read the rest

Stylistic analysis can de-anonymize code, even compiled code

A presentation today at Defcon from Drexel computer science prof Rachel Greenstadt and GWU computer sicence prof Aylin Caliskan builds on the pair's earlier work in identifying the authors of software and shows that they can, with a high degree of accuracy, identify the anonymous author of software, whether in source-code or binary form. Read the rest

Voice assistants suck, but they suck worse if you have an "accent"

Research into the shittiness of voice assistants zeroed in on a problem that many people were all-too-aware of: the inability of these devices to recognize "accented" speech ("accented" in quotes because there is no one formally correct English, and the most widely spoken English variants, such as Indian English, fall into this "accented" category). Read the rest

Wildbook: facial recognition for critters in the wild

The Wildbook project conducts wild animal population censuses by combining photos of animals taken by tourists, scientists, and volunteers and then using their distinctive features (zebra stripes, whale fluke shapes, leopard spots, etc) to identify individuals and produces unprecedented data that uses creepy facial recognition tools for non-creepy purposes. Read the rest

Dank Learning: teaching a machine learning algorithm to generate memes

A physics student and an engineering student from Stanford fed 400,000 memes to a Long Short-Term Memory Recurrent Neural Network and asked it to generate more memes of its own. Read the rest

Ranking the most influential computer security papers ever published

Konrad Rieck has data-mined the nine top security conferences, compiling a decade-by-decade list of the papers most often cited in the presentations delivered at these events: top of the pile is Random Oracles are Practical: A Paradigm for Designing Efficient Protocols (Sci-Hub mirror), from the 1993 ACM Conference on Computer and Communications Security. Rieck has also produced a "normalised" ranking that tries to offset the seniority effect, whereby older papers collect more citations. (via Four Short Links) Read the rest

More posts