Published: Fri 28 March 2014
Many Stairs to Climb – 2
From Simon East's Rephotographing project. Simon scanned some 130-year-old
panorama photos of Dunedin. Then he built a beautifully slider
interface that allows side-by-side comparison between 1880 and 2014.
(Via: Jinty MacTavish)
Mozilla's RR debugger
rr aspires to be your primary debugging tool, replacing — well, enhancing — gdb. You record a failure once, then debug the recording, deterministically, as many times as you want. Every time the same execution is replayed.
Remember, you're debugging the recorded trace deterministically; not a live, nondeterministic execution. The replayed execution's address spaces, register contents, syscall data etc are exactly the same in every run.
Finding the statistical fingerprints of election thieves
In fair elections, a nation's voting pattern tends to feature one cluster, showing a general trend of voter turnout and vote for the victorious party (though some nations' regional voter preferences can distort it). Rigged ones show a cluster, but with a smear of votes toward the upper right for incremental fraud. Extreme fraud has a second, smaller, completely separate cluster at the top right corner, signifying up to 100 percent turnout and votes for the winner.
Layout in Flipboard - For Web & Windows
The Duplo page layout engine searches between 2000 to 6000 candidate layouts for the best fit. It takes three steps to come up with a layout for a page:
1) create 2000+ layouts in a decision tree structure
2) select layout and apply content: It uses Branch and bound to shrink the candidate set, then it uses a dozen of heuristic like Perlin noise to maintain an organic feel between pages.
3) refining layout by aligning the DOM elements to baseline grids
Published: Sat 30 November 2013
The Tiwai Point Aluminium Smelter is one of the
largest industrial facilities in New Zealand.
Between 2008 and 2013, aluminium prices fell by more than 30 percent. The owner, Rio Tinto, has
threatened to close the Tiwai Point smelter if it can't get a cheaper deal for electricity
from retailer Meridian, or the Government fails to give it a substantial subsidy.
The Smelter consumes about 15% of all electricities NZ generates. So there have been lots of
discussions of what NZ should do if Rio Tinto does shut it down.
Here is a crazy idea. How about build a large a Bitcoin mining farm to use the electricity?
This started as a joke on
Twitter but after thinking about it for a while, it actually makes good sense.
Let's start with the technical side of the bitcoin mining business first.
You can think of the Bitcoin system as a global ledger and each transaciton
as a switch from asset to liability in this ledger. The Bitcoin miners play the roles of
the central banks except that there are thousands
of these "central banks" out there competing to perform the "clearing house"
function for every transaction that happens in the Bitcoin universe.
The task of these clearing houses is very simple: they group a set of transactions together into a block,
perform some checks and then put a stamp on it. The key step here is to "perform some check".
This involves guessing a random number in, say, a trillion possibilities. There is no smart here.
It's only about how fast you can brutal-force through all the possibilities and
how cheap you can do this.
Of all those thousands participants, only the fastest one
will win the transaction. All the rest, despite the fact that they might be half
way through, will simply throw away the existing work and start again.
Here, the speed is determined by two factors: pure luck and the speed of the guess.
The luck is mathmatically gauranteed to be equal, or, more accurately, random.
Even with the fastest computer, you might still lose to a tiny computer in one's garage.
You might think that this is a terribly competitive game to get yourself into.
But it is a fierce competition only in the sense that it's a game of lottery
where only thousand of people buys and there are hundreds of chances to win
So the real factor you can control is how fast you can guess.
Once you've invested in the hardware, the main running cost is
the electricity bill, which Tiwai Point seems to have plenty of.
It's a common mistake to think that as we getting closer to the hard limit of
there will be no money left to be made for the miners. Since a Bitcoin transaction won't
succeed until it's processed by a miner. People who want
a faster transaction, instead of waiting 7 hours, will usually offer a transaction fee.
According to the Bitcoin website:
It is envisioned that over time the cumulative effect of collecting transaction fees
will allow somebody creating new blocks to "earn" more bitcoins than will be mined
from new bitcoins created by the new block itself. This is also an incentive to keep
trying to create new blocks even if the value of the newly created block from
the mining activity is zero in the far future.
Published: Mon 30 September 2013
There have been a lot of articles written about the new iPhone 5 so here I will skip all the fluffy stuff and focus on four technical changes that have caught my eyes.
First, the new 64-bit CPU and the Object-C runtime changes. This is the real deal.
Objective-C objects are contiguous chunks of memory. The first pointer-sized piece of that memory is the isa. Traditionally, the isa is a pointer to the object`s class.
ARM64 running iOS currently uses only 33 bits of a pointer, leaving 31 bits for other purposes. Class pointers are also aligned, meaning that a class pointer is guaranteed to be divisible by 8, which frees up another three bits, leaving 34 bits of the isa available for other uses. Apple's ARM64 runtime takes advantage of this for some great performance improvements.
Probably the important performance improvement is an inline reference count. On ARM64, 19 bits of the isa field go to holding the object's reference count inline. That means that the procedure for retaining an object simplifies to only one instruction instead of five.
My casual benchmarking indicates that basic object creation and destruction takes about 380ns on a 5S running in 32-bit mode, while it's only about 200ns when running in 64-bit mode.
Then we have the new M7 chip. This new chip makes it possible to use a few sensors without waking up the whole "computer". But if you look inside the chip, you'll see that it's only a consolidation rather than a revolutionary step as some media painted. It still doesn't include the "active display" or "touchless control" features that the Moto X has.
M7, which is actually an ARM Cortex-M3 part from NXP running at 180 MHz. The chip allows for low-power collection of motion data drawn from a Bosch Sensortec accelerometer, an STMicroelectronics gyroscope, and an AKM magnetometer.
After collecting information from the accelerometer, gyroscope, and magnetometer, the M7 performs some matrix math processing magic to produce an absolute orientation of the phone relative to the world. This data is then passed to the A7 in a neat package, probably in the form of three headings (roll, pitch, and yaw).
Using the A7 to monitor this sort of data would be mega-overkill, so the M7 was introduced to maintain a constant, low-power watch over these sensors.
Next is the Multi-Path TCP support for Siri. (See the qz coverage for less-technical discussions. )
MultiPath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/interfaces by a modification of TCP that presents a regular TCP interface to applications, while in fact spreading data across several subflows.
Benefits of this include better resource utilization, better throughput and smoother reaction to failures.
The multipath-tcp website also has a nice video demo of the technology.
We did a little demo of MultiPath TCP used over Ethernet/WiFi/3G on our Linux Kernel implementation. We start an ssh-session with X-redirection and launch xscreensaver demo on the distant MPTCP-capable server. We then turn off Ethernet and WiFi and thanks to MultiPath TCP the ssh-session is able to handover the traffic to 3G without interrupting the user-experience. Without our MPTCP Linux Kernel the session would simply stop working and the user would need to restart the ssh-session.
The last one is the two new background execution modes for apps. According to the developer doc:
Apps that regularly update their content by contacting a server can register with the system and be launched periodically to retrieve that content in the background. To register, include the UIBackgroundModes key with the fetch value in your app’s Info.plist file. Then, when your app is launched, call the setMinimumBackgroundFetchInterval: method to determine how often it receives update messages. Finally, you must also implement the application:performFetchWithCompletionHandler: method in your app delegate.
Apps that use push notifications to notify the user that new content is available can fetch the content in the background. To support this mode, include the UIBackgroundModes key with the remote-notification value in your app’s Info.plist file. You must also implement the application:didReceiveRemoteNotification:fetchCompletionHandler: method in your app delegate.
Published: Wed 11 September 2013
Zmap is a stateless and faster version of nmap. It can scan the complete IPv4 space in 44 minutes. Here’s is WashingtonPost's article on what you find when you scan the entire Internet in an hour.
John Gilmore's speculation on "BULLRUN"
NSA employees participted throughout, and occupied leadership roles in the committee and among the editors of the documents
Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn't know much about crypto.
The resulting standard was incredibly complicated -- so complex that every real cryptographer who tried to analyze it threw up their hands and said, "We can't even begin to evaluate its security unless you simplify it radically".
Chrome's trojan horse strategy
Chrome Apps amount to a Trojan horse for Google. By way of the Chrome browser, the company is essentially putting its own app ecosystem right on top of Windows and OS X. It’s a play that’s been months in the making. “There are still reasons why a developer would build a native app over a Chrome App today, but we’re working to tackle each one,” Rakowski says. Google began promoting a handful of Chrome Apps (then called Packaged Apps) in May. In July, its Chrome notification center was pushed out to Windows and Chrome OS users, allowing for alerts and pop-ups outside the browser window. And for months, Chrome’s developer channels have shipped with an app launcher that lives in the Windows taskbar — this launcher rolled out to the public today too.
The new apps look and behave much like the native apps you find on Windows and OS X. They’re built using web technologies, but also with Chrome-specific code that means they won’t be able to run on other web browsers — they’re truly Chrome apps. They can exist outside of your browser window as distinct apps, work offline, and sync across devices and operating systems. They can also access your computer’s GPU, storage, camera, ports, and Bluetooth connection. Chrome Apps are, for now, only available through Chrome on Windows or Chrome OS on a Chromebook. Mac users will have to wait another six weeks before their version of Chrome will be updated.
Plumbing OpenBSD Software with gdb(1): An introudction on how to use gdb's
list ADDRESS to find memory leaks in OpenBSD's snmpd.
Published: Thu 05 September 2013
Cannot measure productivity
Some people say "if you can't measure it, you can't manage it". That's a cop out. Businesses manage things they can't really measure the value of all the time. How do you measure the productivity of a company's lawyers, it's marketing department, an educational institution? You can't - but you still need to manage them (see Robert Austin for more).
I can see why measuring productivity is so seductive. If we could do it we could assess software much more easily and objectively than we can now. But false measures only make things worse. This is somewhere I think we have to admit to our ignorance.
OpenPGP support for gmail
Are you taking any steps to keep shit real? Dave Eggers on “Selling Out”: A long quote from Dave Eggers' A Heartbreaking Work of Staggering Genius.
The only thing worse than this sort of activity is when people, students and teachers alike, run around college campuses calling each other racists and anti-Semites. It’s born of boredom, lassitude. Too cowardly to address problems of substance where such problems actually are, we claw at those close to us. We point to our neighbor, in the khakis and sweater, and cry foul. It’s ridiculous. We find enemies among our peers because we know them better, and their proximity and familiarity means we don’t have to get off the couch to dismantle them.
Did I wonder if people would think we were selling out, that we were not fulfilling the mission they had assumed we had committed ourselves to?
No. I did not. Nor will I ever. We just don’t care. We care about doing what we want to do creatively. We want to be interested in it. We want it to challenge us. We want it to be difficult. We want to reinvent the stupid thing every time. Would I ever think, before I did something, of how those with sellout monitors would respond to this or that move? I would not.
Sight over sound in the judgement of music performance
participants were asked to predict the outcomes using either audio-only recordings, videos with audio, or videos without sound. Astoundingly, the prediction rate for those watching without sound was dramatically greater than those evaluating with the sound. In fact, those listening to the music predicted the proper outcome about one-third of the time, the same as chance.
Published: Thu 29 August 2013
Fanout architecture design guides from Google (pdf): If a server has an average 1-ms latency but has a 1% chance of taking longer than 1 second to finish a request, spreading a request across 100 such servers would mean that 63% requests will take more than 1 second. This paper introduces some good engineering practices for designing a fanout architecture.
Apache Spark project: When memory is so cheap, why don't run mapreduce in memory?
Spark was initially developed for two applications where placing data in memory helps: iterative algorithms, which are common in machine learning, and interactive data mining. In both cases, Spark can run up to 100x faster than Hadoop MapReduce. However, you can use Spark for general data processing too.
Progress in Algorithms Beats Moore’s Law:
From 1988 to 2003, solving the same model using linear programming sees an improvement by a factor of roughly 43 million.
Of this, a factor of roughly 1,000 was due to increased processor speed, whereas a factor of roughly 43,000 was due to improvements in algorithms!
Linux kernel 3.9 introduced SO_REUSEPORT: This patch allows multiple processes to bind to the same IP. This opens up the possibility of uninterrupted server upgrade by gradually replacing old processes with new ones. This used to be a big selling point for erlang, but now languages like Ruby, Python or node.js would be able to do it too.
Published: Mon 26 August 2013
The bomb in the garden: Matthew Butterick's summarization on the problems of the Internet. It helps me to tie a few thoughts together into a more coherent framework. The problem statement:"the web is much better at making information free than making it expensive". As a consequence, "We've ended up with a web dominated by advertising, which is weakening. ". We're seeing "a gradual degradation of design quality" and the real possibility of "the open web becomes a second-class platform". He did propose a solution, which is similar to what Tim Berners Lee said at World Economic Forum in Jan, that we need to make it really easy to pay for online content.
Bootstrap 3 Grid Introduction: I found bootstrap v3's "mobile first" approach a bit confusing. This article provides a short-but-solid description on what does it mean to be a "mobile first" grid system. Even if you were not using bootstrap v3, reading this would still bring a new perspective to stylesheet design in mobile age.
Pass: the standard Unix password manager: A great password manager that follows the Unix philosophy. It uses GPG to encrypt password files and uses git to track password changes.
Beautiful Native Libraries: Armin's suggestions on writing proper c/c++ shared libraries that "do not annoy your users". Loads of solid advises, but I hope I would never need to use them.
Published: Fri 16 August 2013
People ask me "why do you build choir.io". Yes,
the Github Realtime Activity
demo is cool, but are you really going to bet your next startup on this?"
My answer is yes and this post explains why.
Five years from now, most of us will handle
casual computing tasks with wearable computers. We don't know what
the devices might look like but it's almost certain that we will be
communicating with them using voice commands. Google Moto X's
feature enables us to talk to the phone without having to launch an
app. Google's voice search is finally fast enough to keep up with
my natural speaking speed.
However, the options for computers to communicate back to us
are still very limited. Your email client might play a ding sound
when a new email arrives. But the sound stays the same regardless of whom
the mail is sent from and how important it is to you.
Our ears are born multi-tasking masters. As I am
typing this, I could hear the heat pump's humming,
the wind blowing the leaves and the light tapping of snow flakes on the
window. All at the same time.
We can also, almost effortlessly, notice changes of a sound among
different background "noises". Without looking out of the window, I can tell
that the snow has just turned into a sleety rain, because the soft snow
falling sound has become much louder as the ice hitting the ground.
Sound is the perfect medium for wearable computers to talk back to us.
Sound has a dozen of properties that we can tune to convey different
level of emotions and intrusiveness. Different sound packs would fit
into various contexts.
This is where Choir comes in. Choir provides a programmable
interface to translate events into a rich set of context-aware sounds.
Our users mark events with emotions and intrusivenss and we take care of the
Is Choir too early for the market? Certainly not. Choir has three
First, ambient sound monitoring. By associating user or server
activities with different sounds, you can stay aware of the current statuses
without having to look at the graphs. If something unusual happens, you would
hear the changes almost subconsciously. Failed login requests, rejected
credit card transactions, 500 errors are a few good examples here.
Second, notify without interruptions. Today your notifications are
mostly delivered via email or chat room messages. You have to bear the cost
of context switches to checkout these messages. Choir can provide you
with a more fine-grained control over different type of notifications.
For example, you might choose to play a pleasant, low-intrusive sound
when a user gives a kudos to a support ticket, but you would probably want to
select a negative and intrusive sound, maybe a sea monster roar, if a
user just unsubscribed from your service. If you hear too many of the
scary sea monster noises, you will know something is wrong.
Third, celebrate with others. Some companies would hit a giant
gone when they close a new deal. It is a great morale booster to bring
the whole team together and share the excitement of successes.
Now you could configure Choir to play a cheerful sound when a new paid
user sign up for your service.
If you are interested to give Choir a go, please request an invite at
http://choir.io. You can also visit our support
forum and tell us what you think.
We'd love to hear from you.
Published: Thu 15 August 2013
Facebook's Huxley: Huxley is a new approach to test UIs. Presentation layer tests are tedious to write and fragile to maintain. Huxley takes screenshots of each test run and compare them with previous results to find out what has changed.
Looking inside the (Drop) box: This paper presents a method to decrypt Dropbox's native app, bypass the two factor authentication and hijack Dropbox accounts. The key here is to inject Python code by overriding standard C functions like
Effective writing style PPT from WSU
While you might feel that this takes away some of the forcefulness of your writing, you should always feel that being correct is more important than being persuasive.
Most everyone can be a jerk online
1% of players are toxic, frequently acting badly; 78% of players are generally good. The graph on the right shows toxic behavior. And only 5% of toxic behavior comes from toxic people; 77% of it comes from people who are usually good.
Published: Wed 14 August 2013
Android is better - How I fell in love with Android and how you can too: My main phone is an iPhone 4s. I used Android briefly for a recent project. Are there anything I hope iOS would have? Android's notification center. @stammy summarized it up here:
My love of Android lies heavily with the way Android handles notifications. These aren't your useless "read-only" iOS notifications that just launch the app. I've thought about notifications a lot while I working on the (twitter's) notifications team; how to keep the user in control and make it clear what each notification is actually saying.
Basically, it's your entire phone command center.
Redefining 'undefined': This short post tells a fascinating story of
undefined is both a "global variable", which means it can be assigned to, and an immutable value where
undefined is the only instance of the type.
new Boolean(false) object and use it in an
if statement, you'll get the result as if it is a
The flattening of e-book sales: Ebook sales growth has peaked at about 25% of total market size. The author gives 6 guesses on why this is the case. My theory is that technology evolves much faster than human beings. Once a habit is formed, it'll be there for the rest of one's life. The widening gaps between generations in the millennial test is a good example of how hard it is to change habits.
How Laura Poitras Helped Snowden Spill His Secrets: Laura Poitras was contacted by Snowden in January, who asked for her public key before sending out any documents. She then met him and filmed the interview between Greenwald and Snowden in HongKong, as part of her documentary on surveillance state. This article talks about her work, her personality and the very intense story that leads up to the final Snowden leak.
Page 3 / 15