"Alan Kay's reading list, List vs Grid, Window into our health and Experience the data"

Published: Tue 15 April 2014

- links

Alan Kay's reading list. I decided to read every book on this list. I'm half way through Mindstorm now. Will publish a book review when I finished it.

List Beats Grid: Linear Feeds Perform Two to Three Times Better Than Grids

List view is better for phones and smaller tablets because good type design implies a single column to achieve adequate font size and line length. Designing a magazine or card based grid for larger tablets or desktop is a lot of extra work for platforms that are not as rapidly growing in market share. We wondered if these grid layouts yield enough marginal performance gain on larger screens to offset the cost of building and maintaining them.

A list layout for all screen sizes is beneficial for us due to the dramatic simplification of design and engineering problems associated with our layout engine and the tangential benefits extending from this simplification. A list view is easier to make responsive on all screen sizes and provides a coherent experience across web and native apps on all devices.

Eyes: The Windows to Your Health

A doctor can find warning signs of high blood pressure, diabetes, and a whole range of other systemic health issues, just by examining your eyes. Ophthalmologist Neal Adams explains why the eye's tissues and blood vessels make such a good barometer for wellness. Sure there will be a Google Glass app for this? (Via: @Mike_McQueen)

The depth of the problem: A good data visualization provides a chance for the reader to really experience the data.


"Many Stairs to Climb, Mozilla's RR, Fingerprints of election thieves and Layout in Flipboard"

Published: Fri 28 March 2014

- links

Many Stairs to Climb – 2

From Simon East's Rephotographing project. Simon scanned some 130-year-old panorama photos of Dunedin. Then he built a beautifully slider interface that allows side-by-side comparison between 1880 and 2014. (Via: Jinty MacTavish)

Mozilla's RR debugger

rr aspires to be your primary debugging tool, replacing — well, enhancing — gdb. You record a failure once, then debug the recording, deterministically, as many times as you want. Every time the same execution is replayed. Remember, you're debugging the recorded trace deterministically; not a live, nondeterministic execution. The replayed execution's address spaces, register contents, syscall data etc are exactly the same in every run. (Via: antirez)

Finding the statistical fingerprints of election thieves

In fair elections, a nation's voting pattern tends to feature one cluster, showing a general trend of voter turnout and vote for the victorious party (though some nations' regional voter preferences can distort it). Rigged ones show a cluster, but with a smear of votes toward the upper right for incremental fraud. Extreme fraud has a second, smaller, completely separate cluster at the top right corner, signifying up to 100 percent turnout and votes for the winner. (Via: jeresig)

Layout in Flipboard - For Web & Windows

The Duplo page layout engine searches between 2000 to 6000 candidate layouts for the best fit. It takes three steps to come up with a layout for a page: 1) create 2000+ layouts in a decision tree structure 2) select layout and apply content: It uses Branch and bound to shrink the candidate set, then it uses a dozen of heuristic like Perlin noise to maintain an organic feel between pages. 3) refining layout by aligning the DOM elements to baseline grids (Via: AlanInteractive)


"Turn Tiwai Point into the world's largest Bitcoin mining farm"

Published: Sat 30 November 2013

- fun

The Tiwai Point Aluminium Smelter is one of the largest industrial facilities in New Zealand. Between 2008 and 2013, aluminium prices fell by more than 30 percent. The owner, Rio Tinto, has threatened to close the Tiwai Point smelter if it can't get a cheaper deal for electricity from retailer Meridian, or the Government fails to give it a substantial subsidy. The Smelter consumes about 15% of all electricities NZ generates. So there have been lots of discussions of what NZ should do if Rio Tinto does shut it down.

Here is a crazy idea. How about build a large a Bitcoin mining farm to use the electricity?
This started as a joke on Twitter but after thinking about it for a while, it actually makes good sense.

Let's start with the technical side of the bitcoin mining business first.

You can think of the Bitcoin system as a global ledger and each transaciton as a switch from asset to liability in this ledger. The Bitcoin miners play the roles of the central banks except that there are thousands of these "central banks" out there competing to perform the "clearing house" function for every transaction that happens in the Bitcoin universe.

The task of these clearing houses is very simple: they group a set of transactions together into a block,
perform some checks and then put a stamp on it. The key step here is to "perform some check". This involves guessing a random number in, say, a trillion possibilities. There is no smart here. It's only about how fast you can brutal-force through all the possibilities and how cheap you can do this.

Of all those thousands participants, only the fastest one will win the transaction. All the rest, despite the fact that they might be half way through, will simply throw away the existing work and start again.

Here, the speed is determined by two factors: pure luck and the speed of the guess. The luck is mathmatically gauranteed to be equal, or, more accurately, random. Even with the fastest computer, you might still lose to a tiny computer in one's garage. You might think that this is a terribly competitive game to get yourself into. But it is a fierce competition only in the sense that it's a game of lottery where only thousand of people buys and there are hundreds of chances to win everyday.

So the real factor you can control is how fast you can guess. Once you've invested in the hardware, the main running cost is the electricity bill, which Tiwai Point seems to have plenty of.

It's a common mistake to think that as we getting closer to the hard limit of 21-million Bitcoins, there will be no money left to be made for the miners. Since a Bitcoin transaction won't succeed until it's processed by a miner. People who want a faster transaction, instead of waiting 7 hours, will usually offer a transaction fee. According to the Bitcoin website:

It is envisioned that over time the cumulative effect of collecting transaction fees will allow somebody creating new blocks to "earn" more bitcoins than will be mined from new bitcoins created by the new block itself. This is also an incentive to keep trying to create new blocks even if the value of the newly created block from the mining activity is zero in the far future.


"Four iPhone 5/iOS 7 technical improvements that caught my eyes"

Published: Mon 30 September 2013

There have been a lot of articles written about the new iPhone 5 so here I will skip all the fluffy stuff and focus on four technical changes that have caught my eyes.

First, the new 64-bit CPU and the Object-C runtime changes. This is the real deal.

Objective-C objects are contiguous chunks of memory. The first pointer-sized piece of that memory is the isa. Traditionally, the isa is a pointer to the object`s class.

ARM64 running iOS currently uses only 33 bits of a pointer, leaving 31 bits for other purposes. Class pointers are also aligned, meaning that a class pointer is guaranteed to be divisible by 8, which frees up another three bits, leaving 34 bits of the isa available for other uses. Apple's ARM64 runtime takes advantage of this for some great performance improvements.

Probably the important performance improvement is an inline reference count. On ARM64, 19 bits of the isa field go to holding the object's reference count inline. That means that the procedure for retaining an object simplifies to only one instruction instead of five.

My casual benchmarking indicates that basic object creation and destruction takes about 380ns on a 5S running in 32-bit mode, while it's only about 200ns when running in 64-bit mode.

Then we have the new M7 chip. This new chip makes it possible to use a few sensors without waking up the whole "computer". But if you look inside the chip, you'll see that it's only a consolidation rather than a revolutionary step as some media painted. It still doesn't include the "active display" or "touchless control" features that the Moto X has.

M7, which is actually an ARM Cortex-M3 part from NXP running at 180 MHz. The chip allows for low-power collection of motion data drawn from a Bosch Sensortec accelerometer, an STMicroelectronics gyroscope, and an AKM magnetometer.

After collecting information from the accelerometer, gyroscope, and magnetometer, the M7 performs some matrix math processing magic to produce an absolute orientation of the phone relative to the world. This data is then passed to the A7 in a neat package, probably in the form of three headings (roll, pitch, and yaw).

Using the A7 to monitor this sort of data would be mega-overkill, so the M7 was introduced to maintain a constant, low-power watch over these sensors.

Next is the Multi-Path TCP support for Siri. (See the qz coverage for less-technical discussions. )

MultiPath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/interfaces by a modification of TCP that presents a regular TCP interface to applications, while in fact spreading data across several subflows.

Benefits of this include better resource utilization, better throughput and smoother reaction to failures. The multipath-tcp website also has a nice video demo of the technology.

We did a little demo of MultiPath TCP used over Ethernet/WiFi/3G on our Linux Kernel implementation. We start an ssh-session with X-redirection and launch xscreensaver demo on the distant MPTCP-capable server. We then turn off Ethernet and WiFi and thanks to MultiPath TCP the ssh-session is able to handover the traffic to 3G without interrupting the user-experience. Without our MPTCP Linux Kernel the session would simply stop working and the user would need to restart the ssh-session.

The last one is the two new background execution modes for apps. According to the developer doc:

Apps that regularly update their content by contacting a server can register with the system and be launched periodically to retrieve that content in the background. To register, include the UIBackgroundModes key with the fetch value in your app’s Info.plist file. Then, when your app is launched, call the setMinimumBackgroundFetchInterval: method to determine how often it receives update messages. Finally, you must also implement the application:performFetchWithCompletionHandler: method in your app delegate.

Apps that use push notifications to notify the user that new content is available can fetch the content in the background. To support this mode, include the UIBackgroundModes key with the remote-notification value in your app’s Info.plist file. You must also implement the application:didReceiveRemoteNotification:fetchCompletionHandler: method in your app delegate.


"Zmap, messy technical standards and BULLRUN, Chrome's trojan strategy and plumbing OpenBSD with gdb"

Published: Wed 11 September 2013

- links

Zmap is a stateless and faster version of nmap. It can scan the complete IPv4 space in 44 minutes. Here’s is WashingtonPost's article on what you find when you scan the entire Internet in an hour.

John Gilmore's speculation on "BULLRUN"

NSA employees participted throughout, and occupied leadership roles in the committee and among the editors of the documents Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn't know much about crypto. The resulting standard was incredibly complicated -- so complex that every real cryptographer who tried to analyze it threw up their hands and said, "We can't even begin to evaluate its security unless you simplify it radically".

Chrome's trojan horse strategy

Chrome Apps amount to a Trojan horse for Google. By way of the Chrome browser, the company is essentially putting its own app ecosystem right on top of Windows and OS X. It’s a play that’s been months in the making. “There are still reasons why a developer would build a native app over a Chrome App today, but we’re working to tackle each one,” Rakowski says. Google began promoting a handful of Chrome Apps (then called Packaged Apps) in May. In July, its Chrome notification center was pushed out to Windows and Chrome OS users, allowing for alerts and pop-ups outside the browser window. And for months, Chrome’s developer channels have shipped with an app launcher that lives in the Windows taskbar — this launcher rolled out to the public today too.

The new apps look and behave much like the native apps you find on Windows and OS X. They’re built using web technologies, but also with Chrome-specific code that means they won’t be able to run on other web browsers — they’re truly Chrome apps. They can exist outside of your browser window as distinct apps, work offline, and sync across devices and operating systems. They can also access your computer’s GPU, storage, camera, ports, and Bluetooth connection. Chrome Apps are, for now, only available through Chrome on Windows or Chrome OS on a Chromebook. Mac users will have to wait another six weeks before their version of Chrome will be updated.

Plumbing OpenBSD Software with gdb(1): An introudction on how to use gdb's malloc_dump and list ADDRESS to find memory leaks in OpenBSD's snmpd.


"Cannot measure productivity, OpenPGP for Gmail, Selling out and judge music performance by the look"

Published: Thu 05 September 2013

- links

Cannot measure productivity

Some people say "if you can't measure it, you can't manage it". That's a cop out. Businesses manage things they can't really measure the value of all the time. How do you measure the productivity of a company's lawyers, it's marketing department, an educational institution? You can't - but you still need to manage them (see Robert Austin for more). I can see why measuring productivity is so seductive. If we could do it we could assess software much more easily and objectively than we can now. But false measures only make things worse. This is somewhere I think we have to admit to our ignorance.

OpenPGP support for gmail

gmail-crypt: An OpenPGP browser (currently Chrome) extension that integrates tightly with Gmail and does encryption/decryption via Javascript.

Are you taking any steps to keep shit real? Dave Eggers on “Selling Out”: A long quote from Dave Eggers' A Heartbreaking Work of Staggering Genius.

The only thing worse than this sort of activity is when people, students and teachers alike, run around college campuses calling each other racists and anti-Semites. It’s born of boredom, lassitude. Too cowardly to address problems of substance where such problems actually are, we claw at those close to us. We point to our neighbor, in the khakis and sweater, and cry foul. It’s ridiculous. We find enemies among our peers because we know them better, and their proximity and familiarity means we don’t have to get off the couch to dismantle them. Did I wonder if people would think we were selling out, that we were not fulfilling the mission they had assumed we had committed ourselves to? No. I did not. Nor will I ever. We just don’t care. We care about doing what we want to do creatively. We want to be interested in it. We want it to challenge us. We want it to be difficult. We want to reinvent the stupid thing every time. Would I ever think, before I did something, of how those with sellout monitors would respond to this or that move? I would not.

Sight over sound in the judgement of music performance

participants were asked to predict the outcomes using either audio-only recordings, videos with audio, or videos without sound. Astoundingly, the prediction rate for those watching without sound was dramatically greater than those evaluating with the sound. In fact, those listening to the music predicted the proper outcome about one-third of the time, the same as chance.


"Fanout architecture design, Apache spark, algorithms beats Moore's law and Linux's SO_REUSEPORT"

Published: Thu 29 August 2013

- links

Fanout architecture design guides from Google (pdf): If a server has an average 1-ms latency but has a 1% chance of taking longer than 1 second to finish a request, spreading a request across 100 such servers would mean that 63% requests will take more than 1 second. This paper introduces some good engineering practices for designing a fanout architecture.

Apache Spark project: When memory is so cheap, why don't run mapreduce in memory?

Spark was initially developed for two applications where placing data in memory helps: iterative algorithms, which are common in machine learning, and interactive data mining. In both cases, Spark can run up to 100x faster than Hadoop MapReduce. However, you can use Spark for general data processing too.

Progress in Algorithms Beats Moore’s Law: From 1988 to 2003, solving the same model using linear programming sees an improvement by a factor of roughly 43 million.

Of this, a factor of roughly 1,000 was due to increased processor speed, whereas a factor of roughly 43,000 was due to improvements in algorithms!

Linux kernel 3.9 introduced SO_REUSEPORT: This patch allows multiple processes to bind to the same IP. This opens up the possibility of uninterrupted server upgrade by gradually replacing old processes with new ones. This used to be a big selling point for erlang, but now languages like Ruby, Python or node.js would be able to do it too.


"A problem statement for the web, bootstrap's way of thinking, a password manager follows unix philosophy and rules on writing c/c++ shared libraries"

Published: Mon 26 August 2013

- links

The bomb in the garden: Matthew Butterick's summarization on the problems of the Internet. It helps me to tie a few thoughts together into a more coherent framework. The problem statement:"the web is much better at making information free than making it expensive". As a consequence, "We've ended up with a web dominated by advertising, which is weakening. ". We're seeing "a gradual degradation of design quality" and the real possibility of "the open web becomes a second-class platform". He did propose a solution, which is similar to what Tim Berners Lee said at World Economic Forum in Jan, that we need to make it really easy to pay for online content.

Bootstrap 3 Grid Introduction: I found bootstrap v3's "mobile first" approach a bit confusing. This article provides a short-but-solid description on what does it mean to be a "mobile first" grid system. Even if you were not using bootstrap v3, reading this would still bring a new perspective to stylesheet design in mobile age.

Pass: the standard Unix password manager: A great password manager that follows the Unix philosophy. It uses GPG to encrypt password files and uses git to track password changes.

Beautiful Native Libraries: Armin's suggestions on writing proper c/c++ shared libraries that "do not annoy your users". Loads of solid advises, but I hope I would never need to use them.


"Choir.io explained"

Published: Fri 16 August 2013

- bestof

People ask me "why do you build choir.io". Yes, the Github Realtime Activity demo is cool, but are you really going to bet your next startup on this?"

My answer is yes and this post explains why.

Five years from now, most of us will handle casual computing tasks with wearable computers. We don't know what the devices might look like but it's almost certain that we will be communicating with them using voice commands. Google Moto X's "always listening" feature enables us to talk to the phone without having to launch an app. Google's voice search is finally fast enough to keep up with my natural speaking speed.

However, the options for computers to communicate back to us are still very limited. Your email client might play a ding sound when a new email arrives. But the sound stays the same regardless of whom the mail is sent from and how important it is to you.

Our ears are born multi-tasking masters. As I am typing this, I could hear the heat pump's humming, the wind blowing the leaves and the light tapping of snow flakes on the window. All at the same time.

We can also, almost effortlessly, notice changes of a sound among different background "noises". Without looking out of the window, I can tell that the snow has just turned into a sleety rain, because the soft snow falling sound has become much louder as the ice hitting the ground.

Sound is the perfect medium for wearable computers to talk back to us. Sound has a dozen of properties that we can tune to convey different level of emotions and intrusiveness. Different sound packs would fit into various contexts.

This is where Choir comes in. Choir provides a programmable interface to translate events into a rich set of context-aware sounds. Our users mark events with emotions and intrusivenss and we take care of the rest.

Is Choir too early for the market? Certainly not. Choir has three killer applications.

First, ambient sound monitoring. By associating user or server activities with different sounds, you can stay aware of the current statuses without having to look at the graphs. If something unusual happens, you would hear the changes almost subconsciously. Failed login requests, rejected credit card transactions, 500 errors are a few good examples here.

Second, notify without interruptions. Today your notifications are mostly delivered via email or chat room messages. You have to bear the cost of context switches to checkout these messages. Choir can provide you with a more fine-grained control over different type of notifications. For example, you might choose to play a pleasant, low-intrusive sound when a user gives a kudos to a support ticket, but you would probably want to select a negative and intrusive sound, maybe a sea monster roar, if a user just unsubscribed from your service. If you hear too many of the scary sea monster noises, you will know something is wrong.

Third, celebrate with others. Some companies would hit a giant gone when they close a new deal. It is a great morale booster to bring the whole team together and share the excitement of successes. Now you could configure Choir to play a cheerful sound when a new paid user sign up for your service.

If you are interested to give Choir a go, please request an invite at http://choir.io. You can also visit our support forum and tell us what you think. We'd love to hear from you.


"Facebook's Huxley, looking inside Dropbox, short writing style guide and easy to be a jerk online"

Published: Thu 15 August 2013

- links

Facebook's Huxley: Huxley is a new approach to test UIs. Presentation layer tests are tedious to write and fragile to maintain. Huxley takes screenshots of each test run and compare them with previous results to find out what has changed.

Looking inside the (Drop) box: This paper presents a method to decrypt Dropbox's native app, bypass the two factor authentication and hijack Dropbox accounts. The key here is to inject Python code by overriding standard C functions like strlen.

Effective writing style PPT from WSU

While you might feel that this takes away some of the forcefulness of your writing, you should always feel that being correct is more important than being persuasive. (via @Bohr_research)

Most everyone can be a jerk online

1% of players are toxic, frequently acting badly; 78% of players are generally good. The graph on the right shows toxic behavior. And only 5% of toxic behavior comes from toxic people; 77% of it comes from people who are usually good.


« Page 3 / 15 »