Hacker News

Linux Design Tools: High-end Design on a Low-end Budget

Fri, 14 Feb 2014 05:47:23 -0800

Comments: "Linux Design Tools: High-end Design on a Low-end Budget"

URL: http://www.sitepoint.com/linux-design-tools/

While the world’s best commercial graphic applications come with packed with features, they also come with a price tag many find hard to justify.

Though there are plenty of less expensive alternatives, the simple truth is: It’s hard to get cheaper than free.

Today we’re going to look some of the free, open source graphic apps available, and see if they are a viable replacement.

If you are currently unfamiliar with the abundance of free open source graphic apps now available, you may well be missing out.

The best open source graphic applications on this list are comparable in quality to their leading commercial equivalents.

Don’t be put off by the word ‘free’ either. This is a case where ‘free’ definitely doesn’t mean low quality.

I know what you’re thinking: “If I use free software, I’ll have far too much extra money!’

Relax. You can always donate to the hard-working developers behind these apps, and help them make them even better.

So, let’s get to the list, and see if open source can genuinely compete with their expensive commercial counterparts.

Sidenote: Although most of these applications were originally developed for Linux, they often have Windows and Mac versions.

1. Could You Use GIMP to Replace Photoshop?

Often the first application that comes to mind when you are thinking about free, open source graphics is GIMP (Gnu Image Manipulation Program).

While GIMP doesn’t have all the niche features of Photoshop, it certainly offers a lot. In fact, there are a good many professional designers who use GIMP and judging by their output, the results are stunning.

So, assuming you have some design skills, the limitations of the applications you use is secondary.

Image Credit: gimp.org

What Can GIMP Do?

GIMP is a raster graphics application that is useful for image editing and retouching.

You can also use it to create raster images from scratch, as well as simple animations.

Cage Transform in action

It supports layers and channels, has an advanced gradients function, includes paths and quick masks. There are rotation and transformation tools, as well as tools for scaling, cropping, resizing, file format conversion, and more.

GIMP can also be used for both Web and print design.

It even has a few tools that don’t have direct analogs in Photoshop — for instance, the Cage Transform tool that allows to warp just parts of objects.

Where Does GIMP Fall Short?

The main areas where GIMP falls behind are interface and feature list.

Any designer raised on the Photoshop interface, might not always find menus options where they predict them to be.

It’s true, the GIMP interface is different from Photoshop, and there will be an inevitable learning curve.

However, if the UI differences are a show-stopper for you, there’s always Gimpshop. Gimpshop is GIMP retro-fitted a very Photoshop-like interface.

Some may argue that reproducing Photoshop is not something to aspire to. You be the judge.

In terms of features, it’s hard to pinpoint exactly which Photoshop features are missing, as most missing functionality can be added via GIMP’s rich plugins ecosystem.

In theory, this is a better model, as you won’t have lots of unused functionality obscuring the features you need.

As an example, GIMP doesn’t ship with RAW image processing abilities, but this can be added via the UFRaw plugin.

GIMP does lack the granular text options of Photoshop, along with its adjustment layers. CMYK support is also somewhat limited by default, though additional plugins can plug this gap if required.

While the lack of these features may well be a show-stopper for some, I suspect many designers would not even notice their absence.

Interoperability is often cited as the biggest problem for dedicated GIMP users. Clients frequently want to provide you with PSD files, and while GIMP supports PSD in theory, the practical results aren’t always ideal.

This file format issue is often cited as a key hurdle for new adopters, and is likely the major reason GIMP is not as widely-adopted as it might be.

Price Comparison Between GIMP and Photoshop

While there are some obvious caveats to adopting GIMP, these hurdles often become less important when you compare costs. As I mentioned, GIMP is free – it’s hard to get cheaper than that.

On the other hand, Photoshop is no small investment. Currently, you can get Photoshop CS6 as a standalone application for $699-999 or for $1,299-2,559, bundled with other Creative Suite 6 products.

With Adobe’s new rent-only policy – i.e. their Creative Cloud the situation is similar.

If you are lucky to catch a promotion, you can get Photoshop for under $10 a month – otherwise the regular price is $19.99-29.99 a month.

If you decide to go for the complete Creative Cloud, the price goes up to $49.99 a month (on a yearly contract), which is $600 a year.

That is a lot money for most of us — especially if you are not using the software every day!

2. Could you use Inkscape to replace Illustrator?

Adobe Illustrator is another leading commercial vector graphic application that has a viable free open source competitor in the form of Inkscape.

SCREENSHOT, Image Credit: inkscape.org

What Does Inkscape Bring to the Table?

Inkscape uses the W3C standard Scalable Vector Graphics (SVG) file format as it’s default. As you might know, SVG is a format that is becoming more relevant to web developers with every passing day.

It can also work with other popular vector formats, such as .ai, .eps, or .pdf, while most other vector graphics programs can handle its SVG files.

Inkscape ships with markers, clones, alpha blending, path operations, bitmap tracing, and other standard SVG features.

For a full list of features, check this.

Perhaps the most interesting section here is the list of features Inkscape has that are missing in Illustrator. According to inkscape.org, the following Inkscape abilities are lacking in Illustrator:

Edit SVG source directly
Clones, tiled clones, edit clones on canvas
Keys to move/rotate/scale by screen pixels
Shapes as objects
Edit gradients with handles on-canvas
Edit nodes with keyboard
One-click paint bucket fill

While this list may need to be updated, I think it’s useful enough to include regardless.

What Illustrator Functionality Is Missing in Inkscape?

If you decided to switch to Inkscape, you should also be aware of its limitations.

Firstly, file interoperability can be an issue, especially with older .ai files.

Inkscape.org also publishes a list of Illustrator features that are currently missing in Inkscape:

These include:

Gradient meshes
Multiple strokes and fills for one object
Color management for print (ICCProfiles, etc.)
PMS color management
Natively work with graphs based ondata
Free transform and perspective transform (available via extension)
Blends (available via extension)

Again, this list may be slightly outdated, but gives you a sense of what you might be losing if you decide to throw your lot in with Inkscape.

Now, I wouldn’t class myself as a ‘power-user’ of either Illustrator or Inkscape. But as an occasional user I can attest that my skills (or the lack of them) are certainly a much more serious barrier, than any software limitations.

From my point of view, there is no critical feature or tool that Inkscape lacks. For the majority of projects — even demanding professional use — I believe Inkscape is a very feasible alternative.

Price Comparison Between Inkscape and Adobe Illustrator

The price comparison between Inkscape and Adobe Illustrator is very similar to the earlier Photoshop comparision – free vs $599 for Illustrator CS6, or $19.99 a month for the standalone Creative Cloud version, or $49.99 as part of CC bundle.

Switching to Inkscape could save you $240-600 a year.

3. Could You Use Scribus Instead of InDesign?

If you are into desktop publishing, then you might be interested in Scribus as an alternative to Quark Xpress, Adobe InDesign, or Microsoft Publisher.

Scribus is not an exact match of either program, so you shouldn’t expect it to have all the features you know from these programs.

Scribus: SCREENSHOT, Image Credit:
http://www.tomsguide.com/us/download/Scribus,0302-6428-150189.html

What can Scribus Do?

In simple terms, Scribus offers solid “CMYK color, separations, Spot Colors, ICC color management and versatile PDF creation.” It also can work with most common raster and vector image formats, as well as many text formats.

Features that Scribus Lacks

Similarly to GIMP and Inkscape, the Scribus interface is very different to that of InDesign. Until you become accustomed to it, it’s likely to take you some time to perform even the simplest tasks.

Now, I am no Scribus expert, and to be frank, my encounters with InDesign are pretty sketchy, but experienced desktop publishers tell me they couldn’t use Scribus for critical publishing tasks.

Aside from this, many common functions you will find in InDesign, are currently absent from Scribus. For instance, in Scribus you can’t even dock, move or hide individual palettes.

But what’s the main buzz-killer?

Currently Scribus can’t open InDesign’s default format. While Scribus’s PDF export facility covers most print situations, the lack of ‘INDD’ support will be a roadblock for some.

Again the savings are significant – free versus $19.99/49.99 a month for InDesign.

However, since Scribus isn’t anywhere near as competent a replacement to InDesign, as GIMP and Inkscape are to Photoshop and Illustrator respectively, I think the price comparison is far less relevant.

This comparison is truly an ‘apples to oranges’ situation.

4. Other High Quality Linux Graphics Tools

The list of open source useful applications that are compete competently with commercial equivalents is too long to cover comprehensively here.

However special mention has to go to the amazingly powerful Blender 3D, used for 3D design, video editing and special effects.

SCREENSHOT, Image Credit: blender.org

While arguably not be a complete substitute for Premiere, 3DS Max or Maya, Blender has become a rich and powerful platform — evidenced by Blender-powered, short films and games such as Big Buck Bunny, Sintel and Tears of Steel.

Big Buck Bunny: Created entirely in Blender.

Krita and MyPaint are two other graphic programs in addition to GIMP you can use. Paint.net for Windows is also a very viable Photoshop alternative.

Xara for vector graphics and Pencil for cartoons are also good. When you add FontForge (for fonts creation), Dia (for diagrams), or Draw from the LibreOffice package, you’ll see that you can do pretty well without a spending metaphorical dime.

These applications are just a sample of what’s available in the Linux world. Some are included in Linux distributions, while others need to be downloaded and installed separately.

If you don’t have the time to do it, you can get a graphics-focused Linux distribution, such as DreamStudio.

Dreamstudio includes all the applications listed above, plus some other graphics, sound, and video applications, like Darktable. Similar in function to Adobe Lightroom, Darktable helps you manage your digital negatives, view them through a zoomable light-table, as well as develop and enhance raw images .

Ready for Primetime?

Whether these applications can become your default editors is a question only you can answer. However, even if you decide they aren’t quite ready to completely replace your commercial suite yet, they may still may have a useful role in your toolkit.

Frequently I find it more efficient to use an open source application for many of the simple graphics tasks you might perform in a typical day — cropping, scaling and simple color tweaks.

Faster start-up times mean I’m often exporting from my open source app before it’s heavier commercial kin has had time to load.

And that can make a big difference to your productivity in a busy day.

As with many other decision in life, the choice of open source versus proprietary software isn’t only about the money.

Ada is a fulltime freelancer. She enjoys design and writing and tries to keep pace with the all the latest and greatest new developments in technology

GOG.com

Fri, 14 Feb 2014 06:03:23 -0800

Comments: "GOG.com"

Multiple Simultaneous Ajax Requests (with one callback) in jQuery | CSS-Tricks

Fri, 14 Feb 2014 06:30:38 -0800

Comments: "Multiple Simultaneous Ajax Requests (with one callback) in jQuery | CSS-Tricks"

URL: http://css-tricks.com/multiple-simultaneous-ajax-requests-one-callback-jquery/

Published February 13, 2014 by Chris Coyier

Let's say there is a feature on your website that only gets used 5% of the time. That feature requires some HTML, CSS, and JavaScript to work. So you decide that instead of having that HTML, CSS, and JavaScript on the page directly, you're going to Ajax that stuff in when the feature is about to be used.

We'll need to make three Ajax requests. Since we don't want to show anything to the user until the feature is ready to go (plus they all kinda rely on each other to work right) we need to wait for all three of them to be complete before proceeding.

What's the best way to do that?

Ajax calls in jQuery provide callbacks:

$.ajax({
 statusCode: {
 url: "/feature",
 success: function() {
 // Ajax success
 }
 }
});

Or the "Deferred" way, this time using a shorthand $.get() method:

$.get("/feature/").done(function() {
 // Ajax success
});

But we have three Ajax requests we're needing to perform, and we want to wait for all three of them to finish before doing anything, so it could get pretty gnarly in callback land:

// Get the HTML
$.get("/feature/", function(html) {
 // Get the CSS
 $.get("/assets/feature.css", function(css) {
 
 // Get the JavaScript
 $.getScript("/assets/feature.js", function() {
 // All is ready now, so...
 // Add CSS to page
 $("<style />").html(css).appendTo("head");
 // Add HTML to page
 $("body").append(html);
 });
 });
});

This successfully waits until everything is ready before adding anything to the page. So by the time the user sees anything, it's good to go. Perhaps that makes some of you feel nauseated, but I've done things that way before. At least it makes sense and works. The problem? It's slow.

One request ... wait to be done ... another request ... wait to be done ... another request ... wait to be done ... go.

It would be faster if we could do:

All three requests in parallel ... wait for all three to be done ... go.

We can use a bit of Deferred / Promises action to help here. I'm sure this is some JavaScript 101 stuff to some of you but this kind of thing eluded me for a long time and more complex Promises stuff still does.

In our simple use case, we can use jQuery's $.when() method, which takes a list of these "Deferred" objects (All jQuery Ajax methods return Deferred objects) and then provides a single callback.

$.when(
 // Deferred object (probably Ajax request),
 // Deferred object (probably Ajax request),
 // Deferred object (probably Ajax request)
}.then(function() {
 // All have been resolved (or rejected), do your thing
});

So our callback-hell can be rewritten like:

$.when(
 // Get the HTML
 $.get("/feature/", function(html) {
 globalStore.html = html;
 }),
 // Get the CSS
 $.get("/assets/feature.css", function(css) {
 globalStore.css = css;
 }),
 // Get the JS
 $.getScript("/assets/feature.js")
).then(function() {
 // All is ready now, so...
 // Add CSS to page
 $("<style />").html(globalStore.css).appendTo("head");
 // Add HTML to page
 $("body").append(globalStore.html);
});

Another use case: mustard cutting

My use-case example above is a 5% feature. Keep the page lighter for the 95% of users who don't use the feature, and have it be a relatively quick add-on for those that do.

Another situation might be a cut-the-mustard situation where you add in additional features or content to a page in certain situations, as you decide. Perhaps do a matchMedia test on some media queries and determine the device's screen and capabilities are such that you're going to include some extra modules. Cool, do it up with some parallel Ajax calls!

10 French startups disrupting the way you experience fashion online

Fri, 14 Feb 2014 06:40:38 -0800

Comments: "10 French startups disrupting the way you experience fashion online"

URL: http://www.rudebaguette.com/2014/02/14/10-french-startups-fashion-marketplace/

It may sound like a stretch to say that French people are the reference for fashion. But as we say, “il n’y a pas de fumée sans feu” (there’s no smoke without fire).

In addition to having a very prolific fashion sense, the French are also very creative when it comes to the shopping experience. The landscape of French fashion startups is flourishing those days: 6 of the 10 companies presented in this article closed a round last spring/summer season and the results of their investments are released now. Let’s open the catwalk.

1. Flink, the Flipboard of fashion blogs.

The last born of “fashion inspiration” apps Flink defines itself as the “Flipboard of fashion blogs”. Thomas France and his co-founders developed the idea while working on another e-commerce app, Shopelia: user-feedback got them the idea on focusing on the fashion vertical. Its mobile-first approach and great UX seduced fashion lovers and got them to 50,000 downloads in just a few days. Their next step is to release a new, more social version in two months.

From Flink’s Instagram account

2. Carnet de Mode, crowdfunding meets social shopping.

Carnet de Mode brings together fashion-lovers and young creative talents: the former can participate in the funding of a collection, the latter are able to develop it and get access to their first customers. A real mix between crowdfunding and social shopping which seems to be a good call for fashion – a highly emotional sector that federates its passionnates. Elaia Partners agreed and invested in the startup in May 2013 ($1 million – the first e-commerce platform in Elaia’s portfolio) arguing Carnet de Mode was truly “revolutionizing the online shopping experience”.

3. InstantLuxe, buying luxury online has never been safer.

The fashion luxury marketplace places its expertise in luxury leather goods, watches and accessories. They play the intermediary and ensure a safe transaction between buyers and sellers with no risk of counterfeits. They achieved a €2 millions round of investment in June 2013 with Iris Capital and ISAI (who already invested €650 000 in 2010) which enables them to focus on the German market and mobile commerce.

4. Monshowroom, the first marketplace for on-going collections.

When Séverine Grégoire and Chloé Ramade created Monshowroom.com in 2006, the platform was basically the only way to access current collections online, an opportunity for people living outside of big cities, or simply online-fashion lovers. Today, the platform has become a reference with 270 brands available. Alven Capital and Crédit Agricole Private Equity funds invested in the company in 2009 and Casino bought their share in 2012, in order to create synergies with the e-commerce platform “CDiscount”, as sources say (FR).

Monshowroom’s Instagram

5. Dymant, invite-only eCommerce, the true eLuxury experience.

Dymant changed the e-commerce industry by focusing on the story-telling and esthetical atmosphere experience more than on the products. Quality VS SEO, to put it shortly. The marketplace offers invite-only customers the opportunity to access high-end and exclusive French “artisanat” (craftsmanship). Partech Ventures and IDInvest invested $1 million last year in order to enable the startup to address other geographical markets.

6. Vestiaire Collective, a second-hand luxury marketplace.

Co-founded by Sébastien Fabre and Sophie Hersan, Vestiaire Collective is a marketplace for second-hand luxury fashion products. Created in Paris in 2009, (because, as Sebastien Fabre told us: “In order to launch a fashion marketplace, we had to be in Paris”), they now are developing abroad: London in 2012, Germany and the U.S in 2014. This internationalization follows their series C round with Condé Nast ($15 millions), an interesting choice of partner, motivated by the expertise of the group in online community-based businesses and the U.S market.

Vestiaire Collective has innovated in the marketplace sector by adding a friction in the process – which could be seen as a bad example: in order to ensure a faithful community of customers, Vestiaire Collective has an editorial committee that selects which articles can be sold online, that specialists then check before they arrive in the customer’s hands. A great service that ensures happiness on both sides of the sale. They just opened a “Vintage” and “Lifestyle” section: take a look at it (even you male readers, you represent 15% of Vestiaire Collective’s clientele!)

Vestiaire Collective’s Instagram

7. VideDressing, social shopping for previously owned outfits.

If your wallet is slightly smaller than Chanel and Dior-material, then VideDressing might be the right fit for you. The principle is the same as other social shopping platform: Meryl Job and Renaud Guillerm, co-founders, managed to build a strong a faithful community first, and then monetized it by facilitating trades inside this community. They now claim a 5-times growth factor between 2011 and 2012 and realized two rounds in 2013 in order to penetrate the German market – the last one with Global Founders Capital for $5 Million.

8. Selectionnist, shopping through fashion magazines.

If you have ever been frustrated by not remembering the reference of an outfit you’ve seen in an old edition of Elle Magazine while waiting at the doctor’s, then you’ll love Selectionnist.

Selectionnist, founded by female serial-entrepreneurs Tatiana Jama and Lara Rouyres (Living Social, Dealissime) enables its visitors to search for things spotted by magazine or by brand. The beautifully-built website might also inspire some other shopping wishlists. The website just launched yesterday, time to try it out!

Selectionnist’s Instagram

9. Wheretoget.it, finds the fashion items you lost of sight.

Extreme situation, you have spotted an outfit somewhere, anywhere, and you must have it. But of course, you don’t have the reference. Hopefully, Wheretoget.it is here to help.

The platform (which is French, unlike the URL extension « .it » might indicate) gathers a community of passionate fashion-lovers who are able to spot where you can find your desperately lost article, providing that you have a picture. If not, there is a great chance they will find something similar, or even better. The force of the “multitude” applied to fashion. Rumor is that Romain Moyne, founder, is currently working on a Series A round of investment[fr].

10. Rad, flash sales dedicated to the Cool.

Rad’s value proposition is quite similar to other fashion discovery platforms: the cooler the pictures, the more you want to buy. How did Rad work out so well then? Rad’s particularity holds in its editorial line: it’s just cool, then you can only get it for a small amount of time.

They closed a €2.5 Million Series A round of funding in June 2013, declaring: “We are raising to accelerate our growth — hire key people, build a logistics platform, speed up acquisition through marketing, develop our production capacities”.

Rad’s Instagram

pstadler/flightplan · GitHub

Fri, 14 Feb 2014 06:49:38 -0800

Comments: "pstadler/flightplan · GitHub"

URL: https://github.com/pstadler/flightplan

Flightplan ✈

Run a sequence of commands against local and remote hosts.

Flightplan is a node.js library for streamlining application deployment or systems administration tasks, similar to Python's Fabric.

Installation & Usage

# install the cli tool
$ npm install -g flightplan
# use it in your project
$ npm install flightplan --save-dev
# run a flightplan (`fly --help` for more information)
$ fly <destination> [--plan flightplan.js]

Sample flightplan.js

// flightplan.js
var Flightplan = require('flightplan');
var tmpDir = 'pstadler-sh-' + new Date().getTime();
// configuration
plan.briefing({
 debug: false,
 destinations: {
 'staging': {
 host: 'staging.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 },
 'production': [
 {
 host: 'www1.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 },
 {
 host: 'www2.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 }
 ]
 }
});
// run commands on localhost
plan.domestic(function(local) {
 local.log('Run build');
 local.exec('gulp build');
 local.log('Copy files to remote host');
 var filesToCopy = '(git ls-files -z;find assets/public -type f -print0)';
 local.exec(filesToCopy + '|rsync --files-from - -avz0 --rsh="ssh"'
 + ' ./ pstadler@pstadler.sh:/tmp/' + tmpDir);
});
// run commands on remote hosts (destinations)
plan.international(function(remote) {
 remote.log('Move folder to web root');
 remote.sudo('cp -R /tmp/' + tmpDir + ' ~', { user: 'www' });
 remote.rm('-rf /tmp/' + tmpDir);
 remote.log('Install dependencies');
 remote.sudo('npm --production --silent --prefix ~/'
 + tmpDir + ' install ~/' + tmpDir, { user: 'www' });
 remote.log('Reload application');
 remote.sudo('ln -snf ~/' + tmpDir + ' ~/pstadler-sh', { user: 'www' });
 remote.sudo('pm2 reload pstadler-sh', { user: 'www' });
});
// run more commands on localhost afterwards
plan.domestic(function(local) { /* ... */ });
// ...or on remote hosts
plan.international(function(remote) { /* ... */ });
// executed if flightplan succeeded
plan.success(function() {
});
// executed if flightplan failed
plan.disaster(function() {
});
// always executed after flightplan finished
plan.debriefing(function() {
});

Documentation

Flightplan

A flightplan is a set of subsequent flights to be executed on one or more hosts. The constructor doesn't take any arguments. The configuration is handled with the briefing() method.

var plan = new Flightplan();

Flights

A flight is a set of commands to be executed on one or more hosts. There are two types of flights:

Domestic flights

Commands in domestic flights are executed on the local host.

plan.domestic(function(transport) {
 transport.hostname(); // prints the hostname of the local host
});

International flights

Commands in international flights are executed in parallel against remote hosts defined during the briefing.

plan.international(function(transport) {
 transport.hostname(); // prints the hostname(s) of the remote host(s)
});

You can define multiple flights of each type. They will be executed in the order of their definition. If a previous flight failed, all subsequent flights won't get executed. For more information about what it means for a flight to fail, see the section about Transport.

// executed first
plan.domestic(function(transport) {});
// executed if first flight succeeded
plan.international(function(transport) {});
// executed if second flight succeeded
plan.domestic(function(transport) {});
// ...

flightplan.briefing(config) → this

Configure the flightplan's destinations with briefing(). Without a proper briefing you can't do international flights which require at least one destination. Each destination consists of one ore more hosts.

Values in the hosts section are passed directly to the connect() method of mscdex/ssh2.

plan.briefing({
 destinations: {
 // run with `fly staging`
 'staging': {
 // see: https://github.com/mscdex/ssh2#connection-methods
 host: 'staging.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 },
 // run with `fly production`
 'production': [
 {
 host: 'www1.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 },
 {
 host: 'www2.pstadler.sh',
 username: 'pstadler',
 agent: process.env.SSH_AUTH_SOCK
 },
 ]
 }
});

You can override the username value of all hosts by calling fly with the -u|--username option:

fly production --username=admin

flightplan.domestic(fn) → this

Calling this method registers a domestic flight. Domestic flights are executed on your local host. When fn gets called a Transport object is passed with the first argument.

plan.domestic(function(local) {
 local.echo('hello from your localhost.');
});

flightplan.international(fn) → this

Calling this method registers an international flight. International flights are executed on the current destination's remote hosts defined with briefing(). When fn gets called a Transport object is passed with the first argument.

plan.international(function(remote) {
 remote.echo('hello from the remote host.');
});

flightplan.success(fn) → this

fn() is called after the flightplan (and therefore all flights) succeeded.

flightplan.disaster(fn) → this

fn() is called after the flightplan was aborted.

flightplan.debriefing(fn)

fn() is called at the very end of the flightplan's execution.

flightplan.isAborted() → Boolean

Whether the flightplan is aborted or not.

flightplan.abort([message])

Calling this method will abort the flightplan and prevent any further flights from being executed. An optional message can be passed which will be displayed after the flightplan has been aborted.

plan.abort('Severe turbulences over the atlantic ocean!');

Transport

A transport is the interface you use during flights. Basically they offer you a set of methods to execute a chain of commands. Depending on the type of flight, this is either a ShellTransport object for domestic flights, or an SSHTransport for international flights. Both transports expose the same set of methods as described in this section.

plan.domestic(function(local) {
 local.echo('ShellTransport.echo() called');
});
plan.domestic(function(remote) {
 remote.echo('SSHTransport.echo() called');
});

We call the Transport object transport in the following section to avoid confusion. However, do yourself a favor and use local for domestic, and remote for international flights.

transport.exec(command[, options]) → code: int, stdout: String, stderr: String

To execute a command you have the choice between using exec() or one of the handy wrappers for often used commands: transport.exec('ls -al') is the same as transport.ls('-al'). If a command returns a non-zero exit code, the flightplan will be aborted and all subsequent commands and flights won't get executed.

Options

Options can be passed as a second argument. If failsafe: true is passed, the command is allowed to fail (i.e. exiting with a non-zero exit code), whereas silent: true will simply suppress its output.

// output of `ls -al` is suppressed
transport.ls('-al', {silent: true});
// flightplan continues even if command fails with exit code `1`
transport.ls('-al foo', {failsafe: true}); // ls: foo: No such file or directory
// both options together
transport.ls('-al foo', {silent: true, failsafe: true});

To apply these options to multiple commands check out the docs of transport.silent() and transport.failsafe().

Return value

Each command returns an object containing code, stdout andstderr:

var retval = transport.echo('Hello world');
console.log(retval); // { code: 0, stdout: 'Hello world\n', stderr: null }

transport.sudo(command[, options]) → code: int, stdout: String, stderr: String

Execute a command as another user with sudo(). It has the same signature as exec(). Per default, the user under which the command will be executed is "root". This can be changed by passing user: "name" with the second argument:

// will run: sudo -u root -i bash -c 'Hello world'
transport.sudo('echo Hello world');
// will run sudo -u www -i bash -c 'Hello world'
transport.sudo('echo Hello world', {user: 'www'});
// further options passed (see `exec()`)
transport.sudo('echo Hello world', {user: 'www', silent: true, failsafe: true});

transport.log(message)

Print a message to stdout. Flightplan takes care that the message is formatted correctly within the current context.

transport.log('Copying files to remote host');

transport.silent()

When calling silent() all subsequent commands are executed without printing their output to stdout until verbose() is called.

transport.ls(); // output will be printed to stdout
transport.silent();
transport.ls(); // output won't be printed to stdout

transport.verbose()

Calling verbose() reverts the behavior introduced with silent(). Output of commands will be printed to

transport.silent();
transport.ls(); // output won't be printed to stdout
transport.verbose();
transport.ls(); // output will be printed to stdout

transport.failsafe()

When calling failsafe(), all subsequent commands are allowed to fail until unsafe() is called. In other words, the flight will continue even if the return code of the command is not 0. This is helpful if either you expect a command to fail or their nature is to return a non-zero exit code.

transport.failsafe();
transport.ls('foo'); // ls: foo: No such file or directory
remote.log('Previous command failed, but flight was not aborted');

transport.unsafe()

Calling unsafe() reverts the behavior introduced with failsafe(). The flight will be aborted if a subsequent command fails (i.e. returns a non-zero exit code). This is the default behavior.

remote.failsafe();
remote.ls('foo'); // ls: foo: No such file or directory
remote.log('Previous command failed, but flight was not aborted');
remote.unsafe();
remote.ls('foo'); // ls: foo: No such file or directory
// flight aborted

transport.debug(message)

Print a debug message to stdout. Flightplan takes care that the message is formatted correctly within the current context.

remote.debug('Copying files to remote host');

transport.abort([message])

Manually abort the current flight and prevent any further commands and flights from being executed. An optional message can be passed which is displayed after the flight has been aborted.

remote.abort('Severe turbulences over the atlantic ocean!');

What's planned?

Add possibility to define a sudoUser per host with briefing().
Add a simple interface for file transport to remote hosts (e.g. rsync).
Tests will be implemented with upcoming releases. A part of this will be driven by bug reports.

Schneier on Security: The Insecurity of Secret IT Systems

Fri, 14 Feb 2014 06:50:38 -0800

Comments: "Schneier on Security: The Insecurity of Secret IT Systems"

URL: https://www.schneier.com/blog/archives/2014/02/the_insecurity_2.html

A blog covering security and security technology.

« GOPHERSET: NSA Exploit of the Day | Main | My Talk on the NSA »

February 14, 2014

The Insecurity of Secret IT Systems

We now know a lot about the security of the Rapiscan 522 B x-ray system used to scan carry-on baggage in airports worldwide. Billy Rios, director of threat intelligence at Qualys, got himself one and analyzed it. And he presented his results at the Kaspersky Security Analyst Summit this week.

It’s worse than you might have expected:

It runs on the outdated Windows 98 operating system, stores user credentials in plain text, and includes a feature called Threat Image Projection used to train screeners by injecting .bmp images of contraband, such as a gun or knife, into a passenger carry-on in order to test the screener's reaction during training sessions. The weak logins could allow a bad guy to project phony images on the X-ray display.

While this is all surprising, it shouldn’t be. These are the same sort of problems we saw in proprietary electronic voting machines, or computerized medical equipment, or computers in automobiles. Basically, whenever an IT system is designed and used in secret – either actual secret or simply away from public scrutiny – the results are pretty awful.

I used to decry secret security systems as "security by obscurity." I now say it more strongly: "obscurity means insecurity."

Security is a process. For software, that process is iterative. It involves defenders trying to build a secure system, attackers -- criminals, hackers, and researchers -- defeating the security, and defenders improving their system. This is how all mass-market software improves its security. It’s the best system we have. And for systems that are kept out of the hands of the public, that process stalls. The result looks like the Rapiscan 522 B x-ray system.

Smart security engineers open their systems to public scrutiny, because that’s how they improve. The truly awful engineers will not only hide their bad designs behind secrecy, but try to belittle any negative security results. Get ready for Rapiscan to claim that the researchers had old software, and the new software has fixed all these problems. Or that they’re only theoretical. Or that the researchers themselves are the problem. We’ve seen it all before.

Tags: air travel, disclosure, economics of security, obscurity, secrecy, security engineering

Posted on February 14, 2014 at 6:50 AM • 28 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

In Europe they use quantum key cryptography in their voting systems:

http://www.idquantique.com/news-and-events/...

In Europe, the struggle to create a public realm out of the monarchy's private government extends back to populist movements in the Middle Ages such as the Ranters and Diggers and Bretheren of the Free Spirit; they seem more likely to view their government as something that really belongs to them, with the potential to work for them.

In the United States, our struggle to create a public government really begins with the 14th Amendment. Between then and the civil rights era is when we obtained universal suffrage. The franchise was highly exclusive in the Revolutionary era -- so much so that "WE, the People" probably only represents the will of 5-7% of the population at the time. Since then, the conservative battle cry has been "smaller government" and "privatization." Notwithstanding that we had private government once before -- when we were owned by the Britain -- we have this myth of obtaining self rule by fighting tyranny, when, in fact, the road to self rule has been a much more complicated struggle. But the myth prevails over history.

The 522B is ancient - at least 5-10 years old. http://aerodetection.com/rapiscan-522b/ says the units it has are 8-10 years old.

I'd be much more interested in the Rapiscan 620DV which appears to be the model used at major airports in Europe.

I still remember the first time I ran smack into security-by-obscurity. My boss at the time put me in charge of the most secure system we had at work. It was kept behind a heavy locked door and I was admitted only after a strong lecture on how important it was to keep it as secure as possible.

Even behind a closed door, he felt it necessary to whisper: "and the password is 'secret', which of course we can't tell anybody and they would never guess..."

The idea of continual improvement driven by the hostile nature of the operating environment seems very similar to evolution in the natural world. I don't mean analagous to, I mean another form of evolution, survival of the fittest. Obscurity, obfuscation, and political lobbying are all attempts to exclude a product from the security evolutionary process but even at the very highest levels - government printed currency, NSA information - it is impossible to isolate anything from security evolutionary forces.
It is better to embrace this process and to continually iteratively evolve and grow stronger and wiser during the process than to try and hold the driving forces of evolution at bay. The driving threat forces of security evolution themselves evolve, adapt and get stronger over time. You can hold them at bay temporarily through obscurity and obfuscation, but it then become only a matter of for how long? e.g. Sony Playstation 3
The Playstation 3 is an interesting example in that it was finally cracked due to sloppy cryptography implementation ( what was meant to be a random number generator was implemented as a constant ). I say interesting because peer / open review would have exposed the obvious flaw and it would have been fixed. In this case it was the obscurity and obfuscation that ultimately was responsible for the security being broken.
https://www.schneier.com/blog/archives/2011/01/sony_ps3_securi.html

OK, so if Kaspersky or Symantec or TrendMicro or Norton doesn't hand over all their source code I shouldn't buy the product... right?

OK, go ahead and post all your passwords and SSN's and your credit card info.

@beatty Well ... yes, although not just because you don't have source code. Virus scanners typically only search for known exploit code (and perhaps a few variations on it). They're fundamentally reactive and in my view not worth the effort.

@vincent You jest. The difference between secret paswords and secret algorithms has been explained to death already.

@vincent: not really. That is yours, your privacy for your own usage/protection, but when somebody offer for public usage some kind of security product, it should be available for public scrutiny on potential security threats/weaknesses and invasion of privacy (like recently Samsung on smart TV agreed to provide led indicator when camera is on. I hope that activation is hardware, not software).

The meta-problem here is that many (in my experience most) software "engineers" are incompetent and do not qualify as engineers. The result is that the typical software system sucks badly.

This machine is just a standard example. However though Windows (no matter what version) was suitable as an embedded OS has no business working on software or surrounding systems.

@beatty -- you shouldn't buy their products if you don't trust them. I don't and the systems my family uses haven't had an problems. But they don't hide what they're doing and they have some pretty vigorous competition.

@vincent -- I hope you don't think there is anything especially "secure" about your SSN. But hiding secret information used to access a system is different than hiding or obscuring information about the the system itself, which is what this post is about.

No, this just another cherry-picked instance of failed product development that is being used for self-serving purposes. It's easy, isn't it, to swoop in after the fact and point out everything that went wrong. Do you even know what the original threat model was? For all you know this failure was the RESULT of anal security engineers that suffocated product development until the project collapsed. You don't know. You pick up on all this pop news junk and fling it anyway you want.

Oh, it gets better. I keep thinking that if you control the software, you can probably control where the X-Ray beam is at. And observe that TSA agents walk back and forth through the scanner all the time.

So you keep it ON bouncing back and forth scanning at roughly chest level when not actually scanning the full body. When you see something metallic (say, a TSA badge), you immediately drop the emitter down to crotch level for the next 10 seconds...

"For all you know this failure was the RESULT of anal security engineers"

Win98 and plaintext passwords are not the result of anal security engineers. Unless, of course you mean actual anal security engineers, in which case it is not surprising, as they only know stuff about how to use a variety of rubber corks.

I somewhat disagree that engineers try to hide their bad designs through obscurity. I don't believe they even think about security.

There seems to be this idea of "Well, why would anyone attack that?" that is prevalent far too often. It's why we have empty passwords on internet-facing SCADA stuff, hopelessly outdated operating systems that can't be updated on embedded systems, etc. Nobody thinks like attackers. Closed systems are perfectly acceptable to people who don't think they will ever be a target.

It would be like me inventing my own door lock, and because no one has seen one before, I can assume I'm protected. (Of course this could also be said - Since no one has attempted to break into it yet, I hope I'm protected)

Rather than the alternative

Buying a door lock that has been proven in the real world. Paying attention to security bulletins so that if an exploit is found, I can replace it with a fixed version.

@vincent - Either way, I'm not giving you my key.

@Jason. All you said is valid when you are random target making you more protected than next target in the phishing scheme. Just to bring some relax mood: "Two young ladies were in the jungle and spotted lion. One start running, another asked is she really could run faster than lion. Nope, she reply. Just faster than you..." If you are NOT random target, all depends on the actor's resources available to break your security (psychical or informational): local thugs, organized crime, LEA local or state, LEA federal, foreign agents, etc.

@vas pup:

Well, now we're just getting deeper into security concepts. I don't think the threat of a targeted attack is a reason to abandon tried and tested methods. I think it's a reason to bring in additional expertise, add some additional layers of protection. (Instead of just a good door lock, add a surveillance system, alarm system, maybe a stronger door, bars on windows). The security system you use, no matter what you're protecting has a cost that must be weighed against the risk, and to be effective almost certainly will be layered.

@ Bruce,

The truly awful engineers will not only hide their bad designs behind secrecy, but try to belittle any negative security results

That statment is a little unfair, because when it comes to hardware the closer you are to the metal, generaly the more competent you are as an "engineer".

The problem generaly starts and ends with managment, because,

1, Like quality, security has to be there fully functional from project day 0.

2, Security processes, training etc "cost".

You have to be an "old engineer" to remember the days befor quality processes were considered part and parcel of the job. And unfortunatly the area quality processes are least frequently found is "software engineering". Just take any modern software methodology and find the bits that are actually about "Quality Assurance"...

The simple answer is all you will find is an illusion or mirage paying lip service to any real quality process. It's also the reason grizzled old vetrans of software coding will tell you that most software development methodologies are at best "make work" and that you will get better results where team members share a common non adveserial goal and thus trust each other.

And when you look back at the development of QA systems it was the teams who bought into it and trusted the others that the most benifit was seen.

The reason QA actually got going was two fold,

1, Managment saw the financial benifit before the factory door.

2, Those who saw benifit used QA as a part of purchase decision.

Neither of these conditions is true currently for "security" thus managment treat it as "a non productive inefficiency" and thus "managment mantra" says it should be ruthlessly expunged from the work process "to increase productivity"

The way to get security into the design process as a norm is by making having it the most profitable path to walk, that way as with QA "managment mantra" will change.

Untill that time blaiming other people for "keeping their jobs" is a little unfair.

I think the article is dead wrong about the threat projection system being a big issue.

The purpose of this system is to keep the screener alert. In a normal airport, a contraband item like a bomb, gun, etc. might occur at most once a day. Rare contraband like a bomb is probably less than once in a lifetime. Hence it would be natural for a screener to simply 'pass' all luggage, even if they are being diligent. Adding these "false positives" gives the screener something to do, and increases security by "impedence matching" the task at hand to the psychology of the operator.

It's true that an attacker could have the system inject innocuous items, or perhaps have it inject items at a very high rate. I suspect that either of these new behaviors would be quickly noticed.

Actually, in any airport, contraband like this would occur at most 24hrs/airport-lockdown-time per day.

Looks like I was wrong. The other article gives more details about the system, and it is pretty crappy.

It's one thing to superimpose false images that are removed after alarming on them. It's another entirely to allow some other person to choose the time when the false image will be shown, and to replace rather than modify the image.

Hacking is illegal. Selling crappy secured soft- / hardware isn't (wearing my black and white glasses now).

"Upon seeing a weapon on the screen, operators are supposed to push a button to notify supervisors of the find. But if the image is a fake one that was superimposed, a message appears onscreen telling them so and advising them to search the bag anyway to be sure. If a fake image of a clean bag is superimposed on screen instead, the operator would never press the button, and therefore never be instructed to hand-search the bag."

If the training software assumes that the .bmp images have simulated contraband, one would think that the training software would do something if the operator doesn't press the button when a .bmp is displayed. Or does the attacker who introduces a "clean" .bmp file also modify the software?

Thank you, Bruce... "Obscurity means insecurity" is exactly what I've always meant, when I said "closed source by definition is insecure".... only open source can be secure (which doesn't guarantee that it is, only that it's at least possible).

What really worries me is that we haven't really learned a lot.

The 1983 movie wargames could happen today. Maybe not in the US (although I doubt that), but there are more countries in the world. The problem with security by obscurity is that you just don't know whether there is a WOPR that has a backdoor with the login "Joshua".

How secure are these nucleair platform systems? Just look at the stoxnet virus. Is "the west" capable of protecting itself against this kind of things? I don't think so. (looking at this news item)

And is the JSF/F-35 capable of dropping a nuke? It also contains 20 mln lines of C++ code.

I think this is way more worrying than any "terrorist attack".

I don't know. Maybe it's just BS that I am talking about. I am not a security expert. But I do know that you can't trust computers. Not yesterday, today or tomorrow.

Bruce,

Saw you at SAS, thanks for speaking!

Did you notice on the way out that all the machines in the Punta Cana airport were the make and model Billy and Terry evaluated?

Mike

Your comment about engineers (smart vs awful) was unfortunate. Well-established companies such as Diebold produce software with a workforce that is salaried and university-educated. The software produced usually conforms to management's priorities. If QA isn't isn't part of the software process, the software produced will tell the tale. The company with good management and a weak engineering staff is a rare beast. Unicorn rare. If Diebold has crappy software, then Diebold is to blame, not some mythical bumbler.

To say nothing of the procurement process.

True of Diebold and Rapiscan!

Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..

Untitled

Fri, 14 Feb 2014 07:48:17 -0800

Comments: "scribd"

URL: http://www.scribd.com/vacuum?url=http://msnbcmedia.msn.com/i/MSNBC/Sections/NEWS/nsa-snowden.pdf

There was a problem sending you an sms. Check your phone number or try again later.

To get Scribd mobile enter your number and we'll send you a link to the Scribd app for iPhone & Android.

We've sent a link to the Scribd app. If you didn't receive it, try again.

doo | Every ending holds a new beginning

Fri, 14 Feb 2014 08:30:18 -0800

Comments: " doo | Every ending holds a new beginning "

URL: https://doo.net/story.html

Every ending holds a new beginning

It is with a heavy heart we have to announce that “doo – the document app” will be shutting down on Monday, March 17, 2014.

We founded this company in June 2011 to change the way people organize and work with documents. These were our hypotheses.

We believed the time had come to shift from “folder-based” to “tag-based” organization of documents.
We believed the increasing number of digital documents and document sources poses a big problem to many people.
And we believed people are struggling to access all these documents and document sources from their (mobile) devices and to keep them “in sync”.

Well, maybe we’re still too attached to our “baby”, but we actually still believe in these hypotheses. Anyway, here are the facts.

We launched the first doo app for Windows 8 in October, 2012 – right on time for the Windows 8 launch. The app gave us a tough time – also in subsequent months – since it was really hard to do what we do on this platform.
In parallel we got our data intelligence team up and running and started to build advanced data intelligence technology for documents including image pre-processing, OCR and auto-tagging based on a combination of machine learning- and several other algorithms.
Then, in February, 2013 we launched doo for OS X. Apple featured the app as “editor’s choice” on the Mac App Store. All major tech blogs covered us. doo for OS X soon became top downloaded app #1 globally and in more than 50 markets including US, UK, and Germany. But after a lot of initial downloads, we soon saw a significant drop in our download and user activity figures. “Well, the app is not feature complete, performance needs to be optimized either and we don’t have the mobile apps yet to make our case regarding sync. It’s OK”, we thought and moved on.
In March, 2013 we received the Innovate 4 Society award sponsored by Microsoft. The award was presented by Chancellor Dr. Angela Merkel to our CEO, Frank, at the CeBIT.
Next, we launched our Android app in April and iOS app in August, 2013. Now, we had our mobile apps including mobile scanning. The Android user base displayed steady growth and user activity; plus, we received a lot of positive user ratings on Play and were selected as a TopApp by Deutsche Telekom. However, we couldn’t get enough visibility on Play to accelerate our growth.
The iOS app, in contrast, received a lot of attention. It even became one of the “Best Apps 2013” on the iTunes Store later this year. And again, same experience as doo for OS X.
We were very happy to see a world class company like Evernote feature our app.
In October 2013 we finally launched a beta version of our Windows Desktop app; and the RC in January 2014.

After launching all these apps, delivering our core feature set and continuously improving on performance and stability, we still couldn’t generate the necessary growth and user activity. We had to face it. Either our hypotheses were wrong or we didn’t get the product right to address the problem. We simply do not seem to address the needs of a large enough audience.

Thus, as of Monday, March 17, 2014 at 4pm CET the doo servers will be shut down and the User License agreement for the use of doo is terminated with effect as of this date. The doo apps for OS X and Windows will continue to work locally, but the apps for Android, iOS as well as all features related to our server such as synchronisation among devices, connecting and synchronizing with cloud services, or online login to the doo user accounts will no longer work.

All user data and files on doo servers will be completely and irrevocably deleted. All data in your local apps will, of course, not be affected. Have a look at our user guide and FAQ for more detailed information regarding the shut down.

So what’s next?

Even though we’ve been chasing the wrong rabbit, we have built outstanding cloud storage, sync and search technologies. Plus, we have great investors, who believe in our team. So there is only one option: we have already started working on new products based on what we’ve learned … we’ll keep you posted!

Thanks a lot for all your feedback, encouragement and support! And don’t hesitate to reach out with any thoughts or questions. Email us at hello@doo.net or tweet @doo.

BBC News - Linking to free web content is legal, says EU Court

Fri, 14 Feb 2014 08:30:18 -0800

Comments: "BBC News - Linking to free web content is legal, says EU Court"

URL: http://www.bbc.co.uk/news/technology-26187730

14 February 2014 Last updated at 09:50 ET

Websites can link to freely available content without the permission of the copyright holder, the European Court of Justice says.

The court's decision came after a dispute in Sweden between journalists and a web company that had posted links on its site to online news articles.

A Swedish court had asked the EU court to consider whether this broke copyright law.

The "position would be different" for links that bypass a paywall.

The journalists worked for the Swedish newspaper Goteborgs-Posten and had articles published on the paper's website.

The company Retriever Sverige runs a website that provides links to articles published by other websites.

Broken the internet

The journalists argued in the original case that users of Retriever Sverige's website would not know that they had been sent to another website by clicking on the links and therefore had made their articles available without authorisation. They said that because of this they were due compensation.

The case was unsuccessful in the Swedish courts but there was an appeal and the appeal court asked the EU Court of Justice to consider whether copyright law had been broken.

The court had to consider whether by providing links Retriever Sverige had taken part in an "act of communication to the public". Under EU copyright law, authors have the exclusive right to authorise or prohibit any communication to the public of their works.

The court ruled that the law had not been broken because the articles in question were on Goteborgs-Posten's website and therefore already "freely available".

In a statement it said: "The owner of a website may, without the authorisation of the copyright holders, redirect internet users, via hyperlinks, to protected works available on a freely accessible basis on another site."

But they ruled that the "position would be different" if a link led users to material that had purposely been restricted from being freely available - for example if it had been posted on a site that operates a paywall.

"If the decision had gone the other way it would have broken the internet," said Susan Hall, technology lawyer at Clarke Willmott.

"The way we communicate online is predicated on sharing material, whether that's links to Robert Peston on Bank of England interest rates, decisions of the European court or pictures of otters who look like Benedict Cumberbatch," she said.

Goteborgs-Posten told the BBC that it was making no comment on the ruling.

Pandora Knows if You Are a Republican - WSJ.com

Fri, 14 Feb 2014 08:30:18 -0800

Comments: "Pandora Knows if You Are a Republican - WSJ.com"

URL: http://online.wsj.com/news/article_email/SB10001424052702304315004579381393567130078-lMyQjAxMTA0MDEwMzExNDMyWj

Feb. 13, 2014 7:32 p.m. ET

Next time you listen to a Bob Marley channel on Pandora Media Inc., P -0.19% Pandora Media Inc. U.S.: NYSE $36.09 -0.07 -0.19% Feb. 14, 2014 2:59 pm Volume (Delayed 15m) : 4.85M P/E Ratio N/A Market Cap $7.02 Billion Dividend Yield N/A Rev. per Employee $862,018 02/13/14 Pandora Knows if You Are a Rep... 02/06/14 Stocks to Watch: Green Mountai... 02/05/14 Pandora Outlook Disappoints Bu... More quote details and news » P in Your Value Your Change Short position the Internet radio service may peg you as likely to vote for a Democrat.

The Oakland, Calif., company plans to roll out a new advertising service next week that would enable candidates and political organizations to target the majority of its 73 million active monthly Pandora listeners based on its sense of their political leanings.

How can it do this? The company matches election results with subscribers' musical preferences by ZIP Code. Then, it labels individual users based on their musical tastes and whether those artists are more frequently listened to in Democratic or Republican areas. Users don't divulge their political affiliations when they sign up for Pandora. (Take a quiz to see what your playlist says about you.)

Pandora's effort to pinpoint voter preferences highlights how digital media companies are finding new ways to tap information that users share freely to target advertising. These go beyond the traditional tracking of Web-browsing habits. Pandora, locked in a battle for advertising revenue with Internet radio services such as Spotify, sees political advertising as a way to boost revenue.

Facebook Inc. FB +0.12% Facebook Inc. Cl A U.S.: Nasdaq $67.41 +0.08 +0.12% Feb. 14, 2014 2:59 pm Volume (Delayed 15m) : 29.02M P/E Ratio 110.59 Market Cap $171.67 Billion Dividend Yield N/A Rev. per Employee $1,242,230 02/14/14 Top 50 Cities for Singles Look... 02/13/14 Facebook Adds New Options for ... 02/12/14 New Apps Whisper and Secret Ca... More quote details and news » FB in Your Value Your Change Short position is considered the pioneer in compiling information that users share to create demographic profiles for online advertisers. During the 2008 election, Facebook began allowing political firms to target users by mining clues to their interests and their location.

Before the 2011 Iowa Straw Poll, for example, Rep. Michele Bachmann (R., Minn.) advertised to Facebook users who had identified themselves as Tea Party supporters or Christian rock fans, or who had posted messages in favor of tax cuts.

"Targeting users is basically the currency in data right now," says Jack Krawczyk, Pandora's director of product management. He says companies like Pandora and Facebook, which know users' names, and can track their media consumption or stated preferences across computers, tablets and phones, have an advantage over companies relying on Web browsing cookies.

In November, Pandora allowed advertisers to target users who listened to salsa, or Spanish-language music and live in ZIP Codes with many Hispanic residents. It plans to tease out more demographic groups in coming months. "We can infer parenting," Mr. Krawczyk said. "If you're registered as a female in your thirties and have a children's music station."

Users of Pandora's free service cannot opt out of politically targeted ads, though they can opt out of cookie-based ads on Pandora's website. Pandora offers an ad-free premium service for $3.99 a month.

Pandora's inferences start with a user's ZIP Code, supplied at registration. Pandora then reviews election results for that county, Mr. Krawczyk said. So if 80% of citizens in a certain county voted for President Obama in 2012, Pandora assumes that 80% of people in the ZIP Codes in that county "lean Democrat." If the county voted twice for Obama, the algorithm pegs users in those ZIP Codes as likely to be "strong Democrats."

Pandora has allowed political advertisers to target users based on their ZIP Code since 2011. Now, it is adding information about users' musical tastes and other attributes in the hope of creating a more valuable profile.

Do political leanings correlate with music preferences? Mr. Krawczyk said he believes Pandora's predictions are between 75% and 80% accurate, but the "true test" will be how the ads perform. Pandora uses county election results in assembling its profiles because it has found they are better predictors than more-local results, such as from a voting precinct.

Of course, some of the analysis seems simplistic. Pandora users who listen to country music more often live in Republican areas, while fans of jazz, reggae and electronic music are more commonly found in counties favoring Democrats, the company said. R&B listeners lean slightly to Democrats and Gospel and New Age listeners lean slightly to Republicans, Pandora said. Classic rockers like Bruce Springsteen and Hip Hop artists are harder to classify; they count fans in both parties.

Generally, the preferences are distinct enough to appeal to advertisers. "There are very few places where people listen to a combination of country music and jazz," Mr. Krawczyk said.

Pandora has signed up two political-advertising firms, Precision Network and Bully Pulpit Interactive, which ran digital media for Sen. Elizabeth Warren's (D., Mass.) campaign and for New York City Mayor Bill de Blasio.

Bully Pulpit President Andrew Bleeker said the firm is looking to Pandora to "help us tailor the right message to the right audience."

Mr. Krawczyk said Pandora is planning to offer data about income into a targeted advertising formula, based on the average income in a user's ZIP Code. He says that people within higher-income brackets have more eclectic musical tastes than others.

IP Address Details - ipinfo.io

Fri, 14 Feb 2014 08:30:18 -0800

Comments: "IP Address Details - ipinfo.io"

solo.im - a single founder peer group

Fri, 14 Feb 2014 08:39:18 -0800

Comments: "solo.im - a single founder peer group"

How I want to write node: stream all the things!

Fri, 14 Feb 2014 08:45:18 -0800

Comments: "How I want to write node: stream all the things!"

URL: http://caolanmcmahon.com/posts/how_i_want_to_write_node_stream_all_the_things_new/

I wrote the async library back when Node first removed Promises from core (yes, that really was the case). Back then, I preferred to do with plain callbacks what was usually done by including third-party Promise, Future or Continuable libraries instead.

I find a certain elegance in describing complex patterns using simple parts, particularly when the parts are made composable through a common interface. In Node, and JavaScript in general, you're likely to use a combination of Promises, callbacks, Streams, Event Emitters and even ES6 Generators. To me, however, these all represent values in the future. What if we could reduce entire programs to transformations over a Stream, and have just one API to rule them all?

Well, here is my proposal, for your consideration and feedback:
Highland, a high-level streams library

var _ = require('highland');
var doubled = _([1, 2, 3, 4]).map(function (x) {
 return x * 2;
});
var data = filenames.map(readFile).parallel(4);
data.errors(function (err, rethrow) {
 
});
data.pipe(output);
var output = fs.createWriteStream('output');
var docs = db.createReadStream();
_(docs).filter(isBlogpost).pipe(output);
docs.pipe(_().filter(isBlogpost)).pipe(output);
var clicks = _('click', btn).map(1);
var counter = clicks.scan(0, _.add);
counter.each(function (n) {
 $('#count').text(n);
});

This is not a new idea, but I believe it is a new combination of features, which is important. Those of you that work with Streams in Node may be aware of the excellent modules by Dominic Tarr, similarly if you're from the browser you might use FRP libraries such as RxJS. These are all great, but they hint at a deeper abstraction, one which would allow us to write entire programs using Streams. In an attempt to achieve this, Highland implements:

Back-pressure support - Data sources are regulated so that slow consumers are not overwhelmed
Laziness - So we can use the reading of Streams to sequence the execution of code - this means we can choose to read from files in parallel or series, or stop reading after an error, for example
Asynchronous operations - So we're able to handle async data sources and async transformations
Error and data channels - So we can manage error propagation from sync and async code
Compatible with Node Streams - So we can pipe Node Streams to and from Highland Streams and play nicely with the Node ecosystem

If you find this idea intriguing and want to explore it further, then check out the Highland website. I'd love to hear your experiences.

Highland on GitHub

Useful Learning Resources For Web Designers | Smashing Magazine

Fri, 14 Feb 2014 08:47:18 -0800

Comments: "Useful Learning Resources For Web Designers | Smashing Magazine"

URL: http://www.smashingmagazine.com/2014/02/14/learning-resources-roundup/

Fortunately, learning is not limited to only a small minority of people anymore; it is not even limited to visiting a school or a university. The Internet makes it possible for us to distribute knowledge at a small price, and is full of resources to expand everyone’s knowledge on an enormous variety of topics.

Since learning is a lifelong task that doesn’t stop after pursuing a certain academic certificate, this round-up is not only dedicated to beginners. It’s for everyone who wants to become an expert in a certain field or is simply curious about the Web and the latest tools and techniques around them.

We hope that this round-up will bring you closer with many of the valuable resources that are available out there. Some are completely free while others can be obtained through quite affordable memberships. You may also be surprised to find that your local college or university is also publishing free classes and courses on all sorts of topics you can think of — make sure to keep an eye open!

Here are the topics of learning resources we’ll cover today:

Coding

Code Avengers
Code Avengers’ courses are a fun way for students to learn computer programming and Web design. Participating in interactive coding challenges, bug hunts and robot missions takes the pain out of learning JavaScript, HTML5 and CSS3. The lessons are designed for students of all ages.

Coderwall
Thousands of developers share their achievements and current projects on Coderwall. Connect with them, share your own pro tips, and get feedback. Learning new programming languages, tools and technologies has a playful twist and is far from boring. Discover how others are solving their challenges, and gain badges for every completed project.

The Starter League (formerly Code Academy)
Trying to build Web apps without the necessary support and guidance can be painful. The Starter League provides you with expert instruction and mentorship. They also paired up with 37signals (creator of Basecamp and Campfire) to provide hands-on knowledge on building successful Web apps.

Pluralsight
Pluralsight was created by a group of developers with the goal of providing the highest quality training possible — for developers, by developers. The library is huge, with courses on nearly every topic you could ask for.

TekPub
TekPub was created with the goal of educating developers. The mini-casts topics range from JavaScript to Ruby on Rails, with more in-depth tutorials available. (Note: Tekpub has been acquired by Pluralsight; old videos can be accessed via Pluralsight).

PeepCode
PeepCode offers high-quality one-hour screencasts on development resources. Learning the most important techniques is quick and easy with these tutorials. (Note: Peepcode has been acquired by Pluralsight; old videos can be accessed via Pluralsight).

Hacker Rank
On Hacker Rank, coders compete to beat high scores by solving little challenges accross the whole science universe, including areas like algorithmy, code gold or artificial intelligence. How do you match up against others when coding a bot to win at tic-tac-toe?

Mozilla Webmaker
Mozilla Webmaker wants to help you move from merely using the Web to making something amazing with it. It has new tools for you to use, projects to help you get started, and a global community of creators — educators, filmmakers, journalists, developers, youth — all making and learning together.

Google Developers University Consortium
The Google Developers University Consortium features courses on mobile and Web development. You will find many usful resources, especially if you’re working with Android and Google Maps.

Android Training
On Android Training, you will find a collection of classes to help you build Android apps. The classes explain the steps to take in order to solve a problem or implement a feature, using code snippets and sample code.

Programr
Programr is an online lab for students and enthusiasts who want to learn programming. The platform’s goal is to give you the skills you need in order to write sophisticated programs. Test your coding skills by mastering assignments, build your own app right in the browser, and check out contributions by other users. You can even show off your know-how in programming contests. It supports coding languages for console, Web and mobile.

Learn Code the Hard Way
“Less talk, more code” is the credo of Learn Code the Hard Way. Students start by getting code to work; learning the theory comes second. The website focuses on practice by featuring exercises and rote repetition, which will help you gain confidence in whatever you want to do.

Dash
Dash teaches HTML, CSS, and Javascript through fun projects you can do in your browser.

Hack Design
Hack Design is an easy-to-follow design course. You can simply receive a design lesson in your inbox each week, which is hand crafted by a design pro. A great resource if you love learning at your own pace. No fake projects.

Code School
Code School teaches Web technologies in the comfort of your browser with video lessons, coding challenges, and screencasts.

Codecademy
At Codeacademy, you can build your own projects and learn how to create interactive websites, games, and apps. You can also join groups to code with your friends and show off your progress with points and badges.

Codewars
At Codewars you can challenge yourself on kata, created by the community to strengthen different skills. Kata are ranked to approximate difficulty. As you complete higher ranked kata, you progress through the ranks so Codewars can match you with relevant challenges.

LearnStreet
LearnStreet makes learning to code easy for anyone. Whether you would like to start off with JavaScript, Ruby or Python, the platform has got you covered. Build your skill base in the interactive courses, and use it in fun little projects.

PHP Academy
PHP Academy provides free tutorials on PHP and other Web development topics, including MySQL, JavaScript (including jQuery) and CSS. There are free video tutorials, optional premium membership and a forum to ask for help.

PLAYterm
PLAYterm is a platform where CLI users share their skills and inspire others. It can replay your terminal sessions online, and it provides embed codes that you can put on your website. Share your knowledge and help others improve their skills.

The New Boston
With his project, The New Boston, Bucky Roberts makes high-quality education available for everybody. His YouTube channel features a lot of computer-related tutorials on topics such as Java, C++, After Effects or Phyton.

gotoAndLearn
gotoAndLearn is a free video tutorial resource for Flash, Game development and HTML5 by game developer evangelist Lee Brimelow.

repl.it
On repl.it, you can explore more than 15 programming languages in your browser — even on the go with your phone or tablet. Just type an expression into the console and wait for the results. The Web application also lets you save your session and share it with others.

The Pragmatic Bookshelf
The Pragmatic Bookshelf’s mission is to improve the lifes of developers by offering text books, audio books and videos for training. The content is produced by programmers for programmers, addressing relevant cutting-edge topics.

HTML and CSS

30 Days to Learn HTML and CSS
Do you want to learn HTML and CSS but don’t know where to start? 30 Days to Learn HTML and CSS is a free course consisting of one video daily for 30 days. All you have to do is spend 10 minutes a day on a new topic. By the end, you’ll have the necessary building blocks to code an entire website.

A Beginner’s Guide to HTML & CSS
This simple and comprehensive guide will help novices take their first steps in HTML and CSS. Outlining the fundamentals, it teaches you all of the common elements of front-end design and development.

Don’t Fear the Internet
For those who don’t want to learn to code, this website provides a brief introduction to WordPress, CSS and HTML, even throwing in some PHP trickery. Jessica Hische and Russ Maschmeyer have prepared short chunks of technical information in concise videos.

JavaScript

Backbone Screencasts
If you’re learning Backbone.js, these screencast will be very useful. The extensive live coding sessions will walk you through, from the beginning to more advanced stuff like using Backbone.js with Ruby on Rails.

appendTo
JavaScript and jQuery skills are becoming more and more sought after. By offering a number of lessons, appendTo helps you develop those skills. Signing up isn’t even necessary; just watch the free screencasts (each around 10 minutes long), and start building your foundation of JavaScript and jQuery knowledge.

JavaScript Garden
JavaScript Garden is a growing collection of documentation about the most quirky parts of JavaScript. It offers advice on avoiding common mistakes and subtle bugs, and it lays out performance issues and bad practices that JavaScript programmers might run into on their journey to the depths of the language. The resource is dedicated to professional developers, rather than beginners, and it requires some basic knowledge of the language.

NodeSchool
NodeSchool offers interactive lessons for Node.js, including core concepts and electives. There is also a list of free/affordable in-person NodeSchool events around the world which are .

Eloquent JavaScript: A Modern Introduction to Programming
The book “Eloquent JavaScript” by Marijn Haverbeke introduces the JavaScript programming language and programming in general. A free digital version is available in HTML format and you can order a paperback version from Amazon. Furthemore, the book has been translated to French, German and Polish. (Note: A second, more modern edition is currently in process.)

Node Tuts
Node Tuts by Pedro Teixeira offers free webcasts exclusively about Node.Js.

Ruby on Rails

Ruby on Rails Tutorial
Michael Hartl has written a tutorial book named Ruby on Rails Tutorial. Visit the website to find the free online version, along with screencasts.

TryRuby
Ruby is a revolutionary programming language from Japan known for its simplicity and power. On TryRuby, you can experiment with it right in your browser. A 15-minute interactive tutorial will help you get started.

Hackety Hack
Hackety Hack teaches you the basics of programming by introducing the Ruby language. Build your skills from scratch, and use them to build desktop applications and websites.

Virtuous Code
Avdi Grimm is a software “cultivator” who publishes a screencast series on Ruby development. When you subscribe, you get new screencasts every Monday and Thursday (or access to the full scripts if you prefer reading to watching), the source code for each video and access to the complete archive of episodes.

RubyMonk
RubyMonk is an interactive Ruby learning plattform. You will learn the basics of the programming language right in your browser. The tutorials are free but donations are very welcome.

Rails for Zombies
Learn Ruby the zombie way with Rails for Zombie. You don’t have to worry about configuration. After watching short introductory videos, you can start experimenting right in the browser. The course is aimed at beginners, but there are also courses for more experienced Ruby developers.

RailsCasts
RailsCasts by Ryan Bates, offers a free weekly screencast featuring Tips and Tricks for Ruby on Rails. The topics are targeted for intermidiate users, but beginners and experts can also get something out of it. You may subscribe for additional screencasts.

Design

Drawspace
Drawspace is a community of drawing enthusiasts, professional artists and art educators. It features a huge library of free downloadable lessons that teach you how to draw or enhance your current abilities. With a profile, you can track your progress, from beginner to advanced levels.

Miscellaneous Lessons From The Web Industry

Treehouse
Treehouse is for beginners and experts. It offers material for learning everything you need to be successful in the Web industry. This includes technical knowledge, but also skills for starting a successful business. You can learn via specific tracks (i.e. Web developement) or topics.

Tuts+ Premium
Tuts+ Premium is a subscribers-only platform that offers resources for learning creative and technical skills such as design, Web development, motion graphics and photography. The content is created and constantly revised by leading experts. Choose whether to learn by video or articles with screenshots. A large community is behind Tuts+ Premium that you can connect with and ask for further help.

Ontwik
Ontwik gathers the latest lectures and conferences from Web developers and designers in one place. It covers topics such as JavaScript, NodeJS, jQuery, Ruby, Rails, HTML5, CSS3, UI, UX and more. There are also lectures on creativity, marketing and startups.

Because technical knowledge is not enough

A Student’s Guide to Web Design
Here is an attempt to better equip graduates in the design industry. It provides resources and information to help young Web designers with life after graduation.

#The50
After graduating from art college, Jamie Wieck realized that he had no clue about professional life. So, he started #The50 to help students and graduates in the same situation learn what every creative should know. The tips are made up of 140 characters and a hash tag, making them easy to share on Twitter.

“The Web Design Community Offers Advice to Beginners,” Smashing Magazine
We asked, “What is the single best tip from your experience that you would give to a newbie developer?” This article compiles all of the amazing responses we received.

Jessica Hische’s Thoughts
Illustrator Jessica Hische doesn’t have a traditional blog, but she shares answers to frequently asked questions about her and her work. You’ll find useful advice on random topics regarding the Web industry such internships, pricing, non-creepy networking, and so on.

The Secret Handshake
The creative industry is very different from traditional companies and applying only traditional methods in the application process won’t bring you too far. The Secret Handshakes is a resource for students and young creatives looking for insiders insights, honest answers and solid solutions to help you go pro.

WaSP InterAct Curriculum
Designed to keep up with the fast-moving industry, WaSP InterAct is a living curriculum that prepares students for careers on the Web. Courses are divided into several learning tracks, covering everything from the foundations to professional practice. Recommended reading lists, assignments and exam questions help you to become a real Web professional.

Conference Organiser’s Handbook
Are you planning to organize a conference? Then, the Conference Organiser’s Handbook is the best place to start. The website was put together by Peter-Paul Koch and provides information on everything you need to know, from start to finish.

Expanding Your General Knowledge

TED
TED is devoted to “ideas worth spreading.” You can watch talks on technology, design, business, global issues, science and entertainment. Get inspired by other thinkers, and get involved in a community of curious people!

Khan Academy
The Khan Academy wants to provide anyone anywhere in the world with a world-class education — for free! All you need is an Internet connection. A huge video library provides you with lessons on a wide array of topics, covering everything from basic maths to macroeconomics to programming basics and even art history. Test your knowledge, track your progress and earn badges.

University of Reddit
The University of Reddit is an open-source peer-to-peer learning platform. The courses are free and range from computer science to mathematics to languages.

VideoLectures.Net
Registering on this site gives you free access to educational video lectures. The videos cover many fields of science and feature distinguished scholars and scientists at conferences, workshops and other events. The high-quality content is aimed at both the scientific community and the general public.

P2PU
The Peer 2 Peer University is an open-education project that encourages lifelong learning, following its credo “We are all teachers and we are all learners.” Everybody can participate and make use of the content. It also features a School of Webcraft, with some basic tutorials.

Online Courses
Online courses offers 100 open courses for tech geeks. Among them, you will find general computer science topics and courses on Web design and development. The website also provides information on accredited schools, college finances and studying.

Lynda
Lynda helps you learn software, creative and business skills. As a member, you get unlimited access to a huge library of high-quality video tutorials, taught by working professionals. Topics also include design and development.

Learners TV
Learners TV provides a huge collection of free downloadable video lectures on all sorts of topics, including computer science. The website also features science animations, lecture notes and live, timed online tests with instant feedback and explanations.

ReadWrite
ReadWrite covers all things Web, tech and social media. Its list of tech-focused instructional websites links you to platforms that teach a wide array of topics. The topics are pretty general, ranging from computing to hacking.

Learn a new language

Radio Lingua
Radio Lingua is a podcast that helps you learn languages where, when and how you want. There are quick starter courses if you want to learn the absolute basics of a language, or you can take your skills to the next level by diving into grammar and vocabulary. The episodes are aimed at learners of all ages and conducted by experienced teachers and native speakers.

Busuu
Learning a language with Busuu is completely different from what you are used to. As a member of the platform’s community, you learn directly from native speakers via video chat. That way, everyone is not only a learner, but also a teacher. To keep you motivated, the language you are learning is represented as a tree, which grows with the effort you put in. Joining Busuu is free.

Open University classes & University-style classes

Udacity
Udacity’s learning experience is different from other education platforms. Learn by solving challenging projects and by interacting with renowned university instructors and other students. The courses are as demanding as studying at a real university, but a range of certificate options are available.

OnlineCourses (formerly know as Lecturefox)
On OnlineCourses you will find high-quality classes from renowned universities such as Harvard, Berkeley and MIT. Topics range from biology to accounting, foreign languages to science.

Education Portal
Making education accessible is the goal of the Education Portal. The platform offers articles and videos on researching schools, degree programs and online courses. Covering everything from arts to sciences, it also has a list of free Web design courses that lead to college credits.

OpenClassroom
Stanford University’s OpenClassroom provides videos of computer sciences courses. You can watch the videos for free, and the lessons are split up into short chunks of quality information.

MIT OpenCourseWare
MIT OpenCourseWare publishes virtually all MIT course content. The open platform doesn’t require any registration, and it features free lecture notes, exams and videos.

OpenCourseWare
The OCW consortium is a collaboration of higher-education institutions and associated organizations from around the world to create a broad and deep body of open-education content using a shared model.

The Faculty Project
The Web isn’t be the only thing you are interested in. If so, then the Faculty Project might be for you. It brings lectures from leading university professors to anyone with an Internet connection. The free courses are taught through video, slideshows and reading resources, and they cover lessons from maths to economics to history.

Academic Earth
Whether you want to advance your career or just take classes that interest you, Academic Earth provide anyone with the opportunity to earn a world-class education. The website offers free lessons and learning tools from many disciplines. If you would like to study further, it also connects you to universities and scholars.

Course Hero
Course Hero has a mission to help college students get the most out of their education by giving them access to the best academic content and materials available. Search for study documents by department, keyword and even school. After registering, you can use the resources for free.

edX
edX is a not-for-profit enterprise by MIT, Harvard, Berkley and the University of Texas System. Take part in high-quality online courses from different disciplines — including computer science — and obtain a certificate from one of the renowned universities. The institutions use the insights they gain from the platform to research how technology can transform learning.

Coursera
Partnering with the top universities from around the world, Coursera offers free online courses. The lectures are taught by renowned professors and cover a variety of disciplines. Assignments and interactive exercises help you test and reinforce your knowledge.

Webcast.berkeley
Since 2001, Webcast.berkeley has been a window into UC Berkeley’s classrooms, publishing courses and campus events for students and learners everywhere in the world. View audio and video recordings of lectures online, or download them to your device.

The Open University
The Open University is open to anyone and offers over 570 courses at many different levels, from short introductory courses to postgraduate and research degrees. Studying is flexible and adapts to your lifestyle. You can even connect to other learners online and use the activities to assess your progress.

Last Click…

WeekendHacker
Do you have a small project or idea in mind but need a little help? WeekendHacker is a place to reach out to designers and developers who may be able to assist. Simply sign up, post your project, and sit back and wait for someone to help.

Until Next Time!

We hope that this list of learning resources will help you to further develop your skills and open doors for you. Of course, you’re more than welcome to share other resources that are missing in this round-up in the comments section below! Also, we look forward to hearing which resource you find most valuable, and why!

By the way, you may also want to check out Melanie Lang’s list of inspirational podcasts — we highly recommend it!

(sh, ml, ea, il)

Front page image credits: Programmr.

Advertising

Airbnb and Housing - The Airbnb Public Policy Blog

Fri, 14 Feb 2014 08:54:18 -0800

Comments: "Airbnb and Housing"

URL: http://publicpolicy.airbnb.com/airbnb-housing/

This morning, you might have seen a story on Airbnb and housing prices in Marfa, Texas, and beyond. We strongly believe that Airbnb makes communities more affordable and we know it has already helped families stay in the home and community they know and love.

First, let’s start with some context. As readers of this blog know, Airbnb has more than 500,000 listings around the world. If you’re looking for a place to stay in Marfa this evening, there are a total of five options available. In the six year history of Airbnb, only 17 properties have ever been booked in Marfa. So it’s difficult to argue that Airbnb is having any impact on the housing market in this community.

But many have asked an interesting question about whether home-sharing has an effect on housing prices in communities where more people share their homes. We believe home-sharing makes it possible for more people to pay their bills and stay in their own homes. When Airbnb first got started, we heard from hosts who told us how sharing helped them pay their bills and avoid foreclosure or eviction.

Then, we started doing some research and the data shows that people depend on Airbnb to help pay their bills. We conducted a series of studies in cities around the world. Here are just a few of the key data points:

56% of Airbnb hosts in San Francisco said they use their Airbnb income to help pay their mortgage or rent.
46% of Airbnb hosts in Paris said they use income for essential living expenses such as rent and mortgage payments.
87% of Airbnb hosts in New York share only the home in which they live. And 62% of Airbnb hosts said Airbnb helped them stay in their homes.

The sharing economy is relatively new, so there isn’t much academic research on this question, but noted UC Berkeley Professor and housing expert Ken Rosen conducted a detailed study for us and asked whether home-sharing is responsible for rising rents in San Francisco. Here’s what he wrote:

In cities like San Francisco, the cost of a home or an apartment is never far from anyone’s mind and there is no shortage of theories about why rents continue to rise. One of the latest theories posits that the “sharing economy” and short-term rentals are to blame for high rents. But not only is there no evidence to suggest that short-term rentals are making homes less affordable, our research and analysis indicate that home sharing has the potential to make urban housing more affordable for more families.

Rosen’s work also examined whether some people would stop renting their apartments to permanent residents and start sharing them only on Airbnb. Here’s what he found:

Although there have been media reports of renters and landlords benefiting financially from converting traditional apartments to dedicated short-term rentals, we believe this represents isolated cases of individuals and not the market as a whole.

Data shows that most Airbnb hosts occasionally share only the home in which they live and use the money they earn to help make ends meet. That makes home-sharing an important lifeline that helps families around the world afford to live in the city they love.

Crazy ants take on fire ants and win | Ars Technica

Fri, 14 Feb 2014 08:55:18 -0800

Comments: "Crazy ants take on fire ants and win | Ars Technica"

URL: http://arstechnica.com/science/2014/02/crazy-ants-take-on-fire-ants-and-win/

Fire ant, meet crazy ant.

If you’ve ever been attacked by red imported fire ants, you can likely attest that these tiny insects have a nasty defense mechanism. When threatened, fire ants inject or dab their enemy with a potent neurotoxic venom that quickly dispatches most other ants and can sometimes even send humans to the hospital.

This deadly assault is a pretty effective deterrent to most other ant species, which tend to keep their distance. But the fire ants have now run up against another invasive species that's willing to take them on: the tawny crazy ant. This unassuming little ant has the surprising habit of aggressively barreling right into a colony of fire ants, seemingly undeterred by their toxic venom.

In this week’s issue of Science, researchers from the University of Texas at Austin report that crazy ants are actually able to detoxify fire ants’ venom, helping them displace this usually dominant species.

A crazy ant’s headlong charge into a mass of fire ants almost always results in it being smeared with venom. But once covered in the neurotoxin, these ants perform a systematic and ritualized behavior. First, an ant stands on its hind legs and curls up its abdomen, touching its mandibles to a small gland at the tip of its body called the acidopore. The ant then runs its front legs through its mandibles and grooms itself fastidiously.

It looks like the ant is covering itself with a secretion from its own body as a response to the fire ant's venom. To determine whether this behavior actually counteracts the venom’s effect, the researchers ran a controlled test. They used nail polish to seal the acidopore of one group of crazy ants, and simply sham-treated a second control group. After coming into contact with fire ant venom, the crazy ants with the sealed acidopores—which could not secrete any chemical defenses—had a survival rate of just 48 percent, whereas 98 percent of the control group survived. Clearly, something originating from the acidopore was increasing the survival of ants covered in venom.

By testing crazy ant secretions, the researchers found that the life-saving substance was actually formic acid from the crazy ants’ own venom. So far, it's unclear exactly how this chemical detoxifies fire ant venom. It’s possible that formic acid denatures the enzymes that enable neurotoxins to enter cells.

While this rare ability confers a huge advantage for crazy ant survival, its biggest implications are ecological. Ever since fire ants were imported into the southern US in the 1930s, they have been the dominant ant species in most grassland ecosystems. But crazy ants—introduced only about 12 years ago—are now taking over, thanks in part to their ability to detoxify fire ant venom. When the two species fight over food or space, crazy ants come out on top 93 percent of the time.

Digging into these two species’ past sheds light on this asymmetry. Tawny crazy ants and red imported fire ants share an evolutionary history since their native ranges overlap in parts of South America. Their arms race began there, with fire ants evolving venom to defend themselves and crazy ants evolving a detoxification mechanism as a counter-defense. Now the chemical warfare has been re-engaged here on a second continent, playing out across the Gulf Coast. And for a second time in the past century, a new invasive ant species is dominating and drastically transforming ecological communities.

Related PSA: crazy ants are attracted to electronics. So if you're a technology lover living in the southeastern US, watch your computers and appliances because these tiny invaders are headed your way.

Science, 2014. DOI: 10.1126/science.1245833 (About DOIs).

Listing image by University of Texas

Fullstack Academy - Romance.js - Programming Valentine's Day Poetry

Fri, 14 Feb 2014 09:06:18 -0800

Comments: "Fullstack Academy - Romance.js - Programming Valentine's Day Poetry"

URL: http://blog.fullstackacademy.com/post/76605703216/romance-js-programming-valentines-day-poetry

On this Valentine’s Day - two aspiring poets at Fullstack Academy want to help you use programming to further your own romantic endeavors.

A bit of background

Nimit and I (David), now instructors at Fullstack Academy, actually met on the first day of college over 14 years ago and bonded over our mutual love of Web technologies and the ethos of open-source (our youthful form of rebellion consisted of running Linux instead of Windows). That’s our founder story and why we continue to this day to love working with the Web and training aspiring Web developers. However, what’s less well known is that we also share a mutual love of poetry and considered ourselves somewhat accomplished amateur poets throughout college.

Although our poetry career never fully blossomed, on occasion you might still find one of us counting syllables on fingers or looking up rhymes as we construct a poem for our loved ones. I’ve always found the hardest thing to do is find inspiration - find something that knows what I want to say and how I want to say it. Fortunately, with a bit of computer programming, we can train our computer to mimic any poet, including ourselves.

If you’ve started with Codecademy or Codeschool’s JavaScript course, this exercise should be right up your alley. It’s a fun way to explore language and we hope it will inspire you this Valentine’s Day.

Sounding like ourselves

If you’ve ever played Mad Libs, you’ve experience the amusing quality of text interpolated with some randomness. Our mind has an amazing ability to impose a story onto that randomness. Our poetry program is like Mad Libs but with two differences:

Our program chooses every word rather than filling in blanks Our program trains itself by building a set of all words that follow each word in the corpus (the corpus is the poetry or text you want to mimic). Our program picks a random word from the corpus to start. Then it picks from the set of words that have followed this word.

For example, if we take one of my favorite poems from e.e. cummings:

since feeling is first
who pays any attention
to the syntax of things
will never wholly kiss you;

wholly to be a fool
while Spring is in the world

my blood approves,
and kisses are better fate
than wisdom
lady i swear by all flowers. Don’t cry
—the best gesture of my brain is less than
your eyelids’ flutter which says

we are for each other: then
laugh, leaning back in my arms
for life’s not a paragraph

And death i think is no parenthesis

We first identify the unique words that appear in the poem: “since”, “feeling”, “is”, “first”, “who”, “pays”, “any”, “attention”, etc. Then for each word, we identify the list of words that follow that word. For example, for the word “is” we see “first”, “in”, “less”, “no” and for the word “my” we see “blood”, “brain”, “arms”. We store these “following” words associated with each starting word.

The magic about this is that based on how we train our model (what body of text we put in and what sequences it has) it can create a pretty good approximation of what the author of that corpus sounds like.

Although you can be the judge of whether or not you like the poetry this generates, it does pose an interesting philosophical question: are we anything more than the aggregate of all our experiences and language combined in some probabilistic web.

Setting up the Corpus (poetry you want to mimic)

For our code to work, it first needs some body of text to train itself on. Let’s set up a place in our HTML where we can dump a bunch of text. For that, we’re going to use a trick that web developers use to store long strings in HTML - script tags that aren’t JavaScript. By setting it up this way, the browser ignores it but makes it still easy for us to grab the text out. Feel free to follow along by opening your own JSFiddle.net fiddle.

Now let’s set up a way to store all the pairs. For our implementation, we’ll create a JavaScript object where the keys are single words and the values are an array of all the words that follow that word in our corpus. Every time we see a new word combination, we’ll store the combination in our object for use later. We’re going to store duplicates as well so later on, we don’t have to worry about storing probability weights, we just need to randomly choose a word and the probability will work itself out.

Great, now we have two helpful pieces of data: words and wordpairs. words is a long list of every word in our corpus and wordpairs is where the pairs are stored. wordpairs[“love”] will return an array (a list) of every word that our program has ever seen follow love.

Making Poetry

Now that we’ve prepped the kitchen we just need to flambe the paper (don’t worry, your program will botch its metaphors even worse). Let’s write a function called “writePhrase” that takes a length of words and returns a phrase of poetry. We also write a helper function to randomly choose from an array since we’ll be doing that several times.

Take a look at this following JSFiddle (set up with Shakespeare’s Sonnets) to see what kind of output it creates. Open the JSFiddle and you can change out the corpus and see what kind of other poems you can create! Perhaps you can use it as an inspiration for a beautiful poem for your own loved one.

Further Challenges

The core system that we’ve built is called a Markov Chain (read more on Wikipedia). It’s a simple and elegant way to model various problems in Computer Science and as we’ve seen, can be used to generate amusing text based off a training corpus. However, there are still many directions to go from here:

Our program doesn’t handle sentence structure in the original corpus, this makes it start and stop each phrase awkwardly
We’re pretty aggressive about removing punctuation, this produces a bland ending text - try to keep two versions of the word, one that has been normalized and one that keeps the original formatting

If you’d like to continue exploring programming and dive deeper into computer science and web development, feel free to reach out to me at david@fullstackacademy.com. We’re hosting a free one-day introduction to web programming called Road to Code in early March at Fullstack Academy where beginners learn to do other awesome things with code!

usablica/progress.js · GitHub

Fri, 14 Feb 2014 09:09:18 -0800

Comments: "ProgressJS – A themable HTML5 progress-bar library"

URL: https://github.com/usablica/progress.js/

ProgressJS

ProgressJs is a JavaScript and CSS3 library which help developers to create and manage progress bar for every objects on the page.

How To Use

1) Include progress.js and progressjs.css in the page (use minified version from minified folder for production)

2) Execute following JavaScript code in the page:

//to set progress-bar for whole page
progressJs().start();
//or for specific element
progressJs("#targetElement").start();

Use other methods to increase, decrease or set a auto-increase function for your progress-bar. Furthermore, you can change the template using setOption method.

API

Check the API and method usage with example here: https://github.com/usablica/progress.js/wiki/API

Build

First you should install nodejs and npm, then first run this command: npm install to install all dependencies.

Now you can run this command to minify all static resources:

make build

Roadmap

Add example folder and provide examples
More browser compatibility + mobile/tablet device support
Add more templates

Release History

v0.1.0 - 2014-02-14
- First version
- Increase, decrease and auto-increase functions
- Ability to design and add templates

Author

Afshin Mehrabani

License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Making Mistakes - Aaron's Blog

Fri, 14 Feb 2014 09:41:31 -0800

Comments: " Making Mistakes - Aaron's Blog "

URL: http://www.aaronkharris.com/making-mistakes

At 10 years old, I lost a trillion dollar bet to my older brother. I bet him it was Wednesday. It was actually Thursday. I was very sure of myself (for reasons I can't recall), and saw a good opportunity to shave off some of the debt I owed him. Luckily, he has yet to call the debt. At the time, all I felt was keen embarrassment at my stupidity. As time went on It became clear I had learned a valuable lesson about taking deals that seem too good to be true.

Though mistakes that I make can be painful in the near term (and sometimes in the long term), I've found that they're a critical part of how I learn. I'm fairly certain that the mistakes I made which led to the end of Tutorspree taught me far more about how startups work than immediate success would have.

Success feels good

Success is usually idiosyncratic. Strategies that lead to success are self-validating. We build narratives around the cause and effect of success based on incomplete information and our own biases [1]. This makes it very easy to falsely attribute success to the factors that are easily seen without doing the work necessary to properly understand what happened. This tendency gets even stronger when we're looking at our own successes. At that point, ego starts to discount things like luck, which are frequently a huge part of success. Because success makes us feel good, it lulls our faculties for critical thinking, which almost by definition means it is harder to learn deep lessons [2].

Making mistakes doesn't give us the same kind of happy feelings that success does. Because the mistakes hurt, we investigate them more closely. Because we're thinking critically and comparing causal chains leading up to and flowing from mistakes, we're more likely to consider complexity and examine why things really happened as they did. That doesn't necessarily mean that each time I make a mistake I learn a critically important lesson about myself, but by thinking hard enough, I generally do learn something useful [3].

Mistakes vs. Failure

Near as I can tell, I'm not alone in believing that mistakes are a valuable tool for learning. In fact, in Silicon Valley, there's a tendency to talk about failure as a point of pride. But there's a disconnect between how we talk about Failure (intentional big "F") and how we talk about mistakes. While the internet is littered with post-mortems on failed companies, it's rare to find founders or investors who will freely admit to being wrong about a public comment or investment [4].

That doesn't make sense given what we know about mistakes. It does, however, start to make more sense with the addition of two other factors. The first is the increasing permanence and public nature of all media. It's relatively easy for me to admit mistakes to small and trusted groups because I don't fear malicious repercussions.[5] As that circle expands, the difficulty of admitting the mistake increases because I don't trust the intentions or actions of everyone in it. In the competition between wanting to learn by admitting mistakes and wanting to not be perceived as stupid or attacked for the same, not looking stupid wins.

This directly informs the second factor: increasing obsession with "personal brand." Personal brand isn't a new concept, but it has become increasingly important to more people because of the pressure to constantly tell the story of your life in public through social media. That publicity + the expanded circle again leads back to wanting to present a perfect image. Through that lens, each instant broadcast that is inconsistent with that narrative and "off-brand" appears to be a public failure in front of an untrusted circle. Not only do we look stupid for making a mistake; the mistake jeopardizes the narrative we've built about ourselves. [6]

Even if "building a brand" isn't something we consciously think about, knowing how public everything is makes being honest about mistakes hard. So how do we get as comfortable looking at recent mistakes as we are looking at the ones in the distant past? We probably can't - there's too much baggage. But I think there are ways to start moving in the right direction. Recognizing the cycle that makes it hard to admit mistakes is a good start. Developing a close friend, set of friends, or mentor, with whom you can speak honestly is another step. Most importantly, I think we probably need to take it easy and remember that no mistake, public or private, is likely to be the defining moment of our lives [7]. At the same time, cutting some slack for others who make mistakes will likely do a lot to ease the culture of recrimination/fear that has built up around making mistakes.[8] Really, we just need to be decent and thoughtful. Hard, but important.

[1] Fitting facts into a story is a common trap that seems to go the base of how our brains are built.

[2] If you happen to be watching the success of someone you dislike, the reverse might be true. Your critical thinking faculties might be working just fine, though your conclusions and avenues of investigation might get clouded by envy or jealousy.

[3] That might be "be careful when stopping with your new clipless pedals." Maybe small, but better to learn the lesson than assume it was easy.

[4] Interestingly, you'll see more evidence of VCs admitting to investments they missed than investments they should not have made. See Bessemer's Anti-Portfolio.

[5] That certainly wasn't always easy. I've had to work on being able to admit my mistakes. The benefits I've reaped by doing so have made it easier and easier.

[6] Truth is, I haven't prioritized my personal brand that much. I firmly believe that trying to build a brand is the best way to get the reputation of just being a scenester. I think I should be judged on the things I actually do with and for the people around me. That, however, is a completely different topic.

[7] With the possible exception of Bill Buckner in and around Boston.

[8] That may mean you lose the chance to show Twitter how clever and snarky you can be. That's a good trade in the long run.

The Coinbase Blog — Introducing “BitHack”: Hackathon by Coinbase

Fri, 14 Feb 2014 09:41:31 -0800

Comments: "The Coinbase Blog — Introducing “BitHack”: Hackathon by Coinbase"

URL: http://blog.coinbase.com/post/76553987867/introducing-bithack-hackathon-by-coinbase

We’re excited to announce the launch of Bithackathon.com – an online hackathon to inspire developers across platforms and continents to build solutions with bitcoin.

We will judge app entries based on creativity, usability, and execution. The prize? Bitcoins!

1st prize: $10,000 worth of bitcoin
2nd prize: $5,000 worth of bitcoin
3rd prize: $3,000 worth of bitcoin

Criteria

We are looking for apps that excel in three areas:

1) Creativity:

Originality of idea
Innovation

2) Usability:

3) Execution:

We invite any and all developers around the world to participate in the competition. Check out www.bithackathon.com for more information – spread the word! Look forward to seeing you there.

Cryptic Crossword: Amateur Crypto and Reverse Engineering

Fri, 14 Feb 2014 09:49:31 -0800

Comments: "Cryptic Crossword: Amateur Crypto and Reverse Engineering"

URL: http://www.muppetlabs.com/~breadbox/txt/acre.html

Real-time tech support with Olark — break the bit

Fri, 14 Feb 2014 10:10:31 -0800

Comments: "Real-time tech support with Olark integration into your client-side app"

URL: http://breakthebit.org/post/75335427347/real-time-tech-support-with-olark

Foreword

We came a long way since we started the public beta testing of Dubjoy, the video voice-over solution in the browser.

We’re targeting a pretty specific public: Language Service Providers, voice actors, voice talents, translators and interpreters. This is mostly a non-technical blend, that like most people, can’t help you efficiently debug, reproduce or describe problems as they occur.

We came a long way since then, with most of the problems being solved and the software approaching production quality fast.

But still, we were desperate for a way to better assist our customers, preferably in real-time.

There are many moving parts to a voice recording app in the browser. And moving parts always make for a fun array of problems customers encounter.

We have to be able to assist people while learning how to use the software for the first time. There can be workflow issues, microphone sensitivity and permission problems, Flash versions, etc.

Communication with your customers is key, and I can’t describe how overwhelmingly positive the reactions have been.

They love to see that you have their back at all times.

Required capabilities

So our ideal system would have the following capabilities:

real-time feedback and help,
log forwarding,
error forwarding,
diagnostic checks,
recovery routines,
reset routines,
system information.

And we set out to find something out there that could help.

Olark

If you’re selling anything on the web and don’t use Olark you’re missing out.

They’re making a chat widget, that you integrate into your site. Once installed your website visitors appear as chat contacts in your IM program like Google Talk.

You can click on anyone and start talking them up, or wait that someone need help and clicks the “Chat with us” button.

So this tool by itself eliminates our first capability requirement: real-time feedback and help.

But as we delved deeper into their developer API documentation we discovered that you can easily extend the functionality of the chat widget by creating your own custom commands and binding to certain events, like when the conversation begins.

Anatomy of our Olark integration

Olark has a nice feature that chat operators can issue commands.

A command is simply any word prefixed with an exclamation, like !debugon.

The “brain” of the integration is a simple parser, that hooks up to the api.chat.onCommandFromOperator event.

A simple example of this, an implementation of the !explainer command:

olark 'api.chat.onCommandFromOperator', (event) ->
 # !explainer
 # Show the popup with the explainer video.
 if event.command.name is 'explainer'
 V.olark.send "[EXPLAINER] Showing popup"
 V.overlay.help()

So Dubjoy’s current integration looks like this (you can list the current commands by issuing !dubjoy:

# !dubjoy
# Show Dubjoy help and commands.
if event.command.name is 'dubjoy'
 V.olark.send "[HELP] Dubjoy Olark integration\n"
 V.olark.send "!status - Status report (env, kombajn, video, frags, app)"
 V.olark.send "!debugon [<level>] - Turn on log fwd at a level"
 V.olark.send "!debugoff - Turn off log fwd"
 V.olark.send "!reload [<restore>] - Force reload and restore state"
 V.olark.send "!undo - Undo last step"
 V.olark.send "!explainer - Show the explainer popup"
 V.olark.send "!fragments - Output detailed fragments data"
 V.olark.send "!fragmiss - Output fragments that are missing audio"
 V.olark.send "!fragclear <fragment_id> - Clear audio data for fragment"
 V.olark.send "!fragseek <fragment_id> - Seek to fragment"
 V.olark.send "!diagnose - Run system checks"
 V.olark.send "!system <details> - Show system information"
 V.olark.send "!video - Show video information, such as YouTube ID, etc."
 V.olark.send "!mic - Show if mic access is allowed"
 V.olark.send "!audio - Show the average and latest audio levels"
 V.olark.send "!audiotest - Send the audio test URL and instructions"
 V.olark.send "!exec <command> - Execute command in V. namespace (e.g.: '!exec video.play()' would execute 'V.video.play()'"

We have a variety of commands for performing basic to advanced tasks to help the customer, run diagnostic tests and check system information.

If you prefer reading code to prose and to learn more, check out our Olark integration class.

Real-time feedback and help

It’s super useful to be able to help customers who are lost or just in the app for the first time.

One of our options is to just issue a !explainer command and this pops up a short video on the customer’s screen, showing her how to use the app.

Using Olark this way makes customers feel like you always have their back. And they appreciate this and in turn easily forgive you the early bugs.

Log forwarding and error reporting

We rely heavily on logging to know in-depth what’s going on in our application. Everything from events firing, video currentTime updating to audio encoding progress is being logged, with various levels of specificity.

It doesn’t hurt to be instantly alerted whenever a breaking error occurs on the client side either. It instantly pops up a chat window to all of our engineers and the one that responds to it first, takes care of the customer.

Now imagine this scenario:

A customer is trying to voice-over a video in Dubjoy and gets stuck with the voice not recording.

She finds the Olark widget and writes us “Help! My voice is not being recorded!”.

We reply “Just a second” and turn on log forwarding with a !debugon custom command implemented for the Olark API.

This starts to forward all of the logging data the customer is generating instead of in his console to your chat window. All in real-time.

This is beyond powerful, you can instantly see what the customer is doing or clicking and of course what the app itself is doing.

How do we do it?

We have some central logging routines that we use throughout the app.

This made it trivial to plug in some code, that also sends this through Olark. This isn’t done by default, but rather the current operator can turn this on or off as simple as issuing the !debugon command.

This is a snippet from the logging routine that integrates with Olark:

# Log to Olark
if V.olark 
 if output_routine is 'error'
 # Log errors ALWAYS to Olark.
 V.olark.log type: 'ERROR', text: msg, args: args
 else if V.olark.debug and V.olark.debug is true
 # Forward logs to Olark if debugging is turned on.
 V.olark.log text: msg, args: args

A typical use case looks like this:

Diagnostic checks

It’s useful to have a single command that runs some basic diagnostic checks on the customer’s system.

We quickly check if the microphone permissions are set correctly, if the mic sensitivity is in order, Flash version, native MP4 support, video buffer status and more.

Here’s a whipped !diagnose command in action:

We also have detailed audio diagnosis commands like !audio that show the gain levels of the last recording the customer did. This way we can quickly see if the mic’s not getting any information through or the sensitivity is too low, etc.

Recovery and reset routines

It’s useful that if a customers’ session gets corrupted somehow we can trigger a reload on his end and choose whether we want to restore his data or start with a clean slate.

System information

Olark by itself shows some customer’s system information, like browser version in the tooltip of your IM app.

But it’s useful for us to have a manual way of bringing up some relevant information.

By issuing !system we get a bunch of useful information about his browser and system.

By issuing !video we get crucial information about the video he’s currently working on.

Conclusion

We’re extremely happy with the way this turned out and so are our customers.

The extensibility of the Olark platform offers unlimited potential for customer support in any JavaScript client-side application.

UpCounsel Launches Outside General Counsel Program For Companies Needing Long-Term Legal Help | TechCrunch

Fri, 14 Feb 2014 10:55:35 -0800

Comments: "UpCounsel Launches Outside General Counsel Program For Companies Needing Long-Term Legal Help | TechCrunch"

URL: http://techcrunch.com/2014/02/14/upcounsel-outside-general-counsel/

Attorney marketplace UpCounsel has spent the last several months helping startups and other small businesses get affordable legal help. But for the most part, that help has mainly been focused on short-term projects that don’t require a ton of assistance over a longer period of time.

The startup hopes to change that with a new service that will connect technology companies in San Francisco with an outside general counsel to replace the legal help they’d usually get from a traditional law firm. Those firms can charge up to $800 per hour to work with a partner, but UpCounsel believes that by setting companies up with attorneys on its platform, it can drastically reduce that cost over time.

The Outside General Counsels it connects startups with are former senior associates and partners from large firms who have previously served in the general counsel role of technology companies. The only difference is now they’re working virtually through the UpCounsel platform.

To make sure that the general counsels are a good fit, UpCounsel does interviews with interested companies to determine what their needs are, and then tries to pair them with attorneys who understand their business and have the correct skill sets to support them. Attorneys get a company profile and dossier to review only if they are selected by the company to possibly represent them.

More than just making the connection between startups and the outside general counsel, UpCounsel also handles all admin and support for them. That includes billing, but also means helping them to find paralegals as well.

As part of the program, UpCounsel is also opening up not just to attorneys, but to professionals who have served as paralegals to support them. Again, since it doesn’t have all the overhead of the big firms, paralegals can be billed at about a third of what the big firms charge for their hourly work.

In addition to the lower cost, UpCounsel believes that its outside general counsels will be more responsive to legal requests than the folks who work at more traditional firms that are loaded up on casework. CEO Matt Faustman tells me that in its early trial, some startups have used the program to complement their existing firms for when they need more immediate help.

But the platform is also seeing some startups move completely to adopt its outside general counsels, with about 10 totally jumping ship from some big firms you’ve probably heard of.

Now that it’s launched, we’ll see how well the program actually works. In the meantime, UpCounsel has raised $1.5 million in seed funding from folks that include Homebrew, Bobby Yazdani, SV Angel, Collaborative Fund, Haroon Mokhtarzada, and other angels.

Rendered Prose Diffs · GitHub

Fri, 14 Feb 2014 10:37:31 -0800

Comments: "Rendered Prose Diffs · GitHub"

URL: https://github.com/blog/1784-rendered-prose-diffs

Today we are making it easier to review and collaborate on prose documents. Commits and pull requests including prose files now feature source and rendered views.

Click the "rendered" button to see the changes as they'll appear in the rendered document. Rendered prose view is handy when you're adding, removing, and editing text:

Or working with more complex structures like tables:

Non-text changes appear with a low-key dotted underline. Hover over the text to see what has changed:

Building great software is about more than code. Whether you're writing docs, planning development, or blogging what you've learned, better prose makes for better products. Go forth and write together!

Need help or found a bug? Contact us.

First geologic map of Ganymede made with Voyager data | Ars Technica

Fri, 14 Feb 2014 10:55:35 -0800

Comments: "First geologic map of Ganymede made with Voyager data | Ars Technica"

URL: http://arstechnica.com/science/2014/02/first-geologic-map-of-ganymede-made-with-voyager-data/

Imagery of Ganymede's surface (right) and the new map of its geology (left). USGS

Maps have always been an integral part of exploration. They take the in out of terra incognita. Some things are easier to map than others, of course. The geology of a world a few hundred million miles away is one of those other things. Nevertheless, the United States Geological Survey just released a geologic map of Jupiter’s moon Ganymede—an icy satellite larger than Mercury.

The map was created through the hard work of a team led by Wheaton College’s Geoffrey Collins using imagery from the Voyager probes and the more recent Galileo mission. Much in the way that geologists can determine the relative ages of Earth rocks by noting which rocks cut into or through others, Ganymede’s surface can tell us about its own geologic history.

The researchers identified three basic periods in that history, which they named the Gilgameshan, Harpagian, and Nicholsonian periods. The oldest is marked by an abundance of impact craters, the second by extensive tectonic activity that altered and deformed the surface, and the youngest by an absence of significant activity.

A PDF of the detailed map, which might look great on your wall, is available on the USGS website.

Phaser

Fri, 14 Feb 2014 11:12:35 -0800

Comments: "Phaser"

URL: http://phaserapp.com

Explore – …the appointee’s wife was granted a divorce from...

Fri, 14 Feb 2014 11:29:35 -0800

Comments: "...was granted a divorce because he was constantly working calculus problems"

URL: http://explore.noodle.org/post/73954140444/the-appointees-wife-was-granted-a-divorce-from

The Science Behind 'Brain Training' - Dan Hurley - The Atlantic

Fri, 14 Feb 2014 12:08:16 -0800

Comments: "The Science Behind 'Brain Training' - Dan Hurley - The Atlantic"

URL: http://www.theatlantic.com/health/archive/2014/02/the-science-behind-brain-training/283634/

Increasing fluid intelligence has proven beneficial for people diagnosed with ADHD, and selling memory improvement is a big business. Are the claims overheated?

anvilon/flickr

In 2002, Torkel Klingberg, a psychologist at Sweden’s Karolinska Institute, published a study involving 14 children with attention deficit hyperactivity disorder. All of the children were asked to spend a total of 10.5 hours, over five weeks, practicing computerized games that put demands on their working memory—their moment-by-moment attention and ability to juggle and analyze the objects of their attention.

Seven of the children played the games only at the beginner’s level; for the other seven, the games became progressively harder as the children got better. At the study’s end, the group who trained progressively not only improved on the games, but also on other measures of working memory. Their hyperactivity, as measured by head movement, lessened. And incredibly, even bizarrely by the standards of orthodoxy then holding sway, they also did much better on the Raven’s progressive matrices, long regarded as psychology’s single best measure of fluid intelligence. If the results were to be believed, the kids had gotten smarter.

"We don't have these huge studies that drug companies have. On the other hand, this is not something that is dangerous."

At first scoffed at, the little study has since led to dozens of other studies (15 of them listed here) aimed at replicating and expanding its finding. It also quickly led Klingberg and the Karolinska Institute to form a company, Cogmed, to turn working-memory training into a business. The initial target market was children with ADHD, whose parents hoped to find something other than drugs to improve their children’s attention; but soon the market expanded to treatments for both adults and children with a variety of cognitive disorders. By 2010, in a step suggesting just how vast a business this brain training could be, Cogmed was sold to Pearson, the largest education company in the world.

“Cogmed is a leader in the emerging field of evidence-based cognitive training,” the company states on its website. “We have scientifically validated research showing that Cogmed training provides substantial and lasting improvements in attention for people with poor working memory—in all age groups. That makes Cogmed’s products the best-validated products on the market.”

Aren’t claims like this rather overheated? I posed that question to Klingberg at Joe Coffee, a tiny, crowded coffee shop on West 23rd Street in Manhattan, where he was in town to give a talk at Columbia University. He wore a black leather jacket and a momentary scowl, having heard such critical questions many times before.

“Yeah, well,” he said with a shrug. “We did start to do research in 1999. Of course you can say that we still don’t have—we should wait another 10 years until we have thousands of participants. This is a general problem with cognitive training studies that we don’t have these huge studies that drug companies have. On the other hand, this is not something that is dangerous.”

He pointed out that Cogmed claims only that it can improve working memory, not fluid intelligence per se—even though many studies have found that working memory and fluid intelligence are closely related.

“What we see, over and over again,” he said, “is improvement of working memory and also of attention, including attention in everyday life. This is not everything, but it’s good enough for me if we can have that. Working-memory problems and attention problems are huge for many children and adults. Right now I don’t have any financial interest in Cogmed anymore. The influence I have had over Cogmed has been to make them very cautious. They don’t make claims about rejuvenating your brain or improving intelligence.”

At a total cost to families of about $2,000 for the 25 sessions, Cogmed compares favorably with many other kinds of ADHD treatments.

I asked him to describe exactly what kind of computerized training tasks Cogmed offers.

“There are 12 tasks,” he said. “They’re all visuospatial. The role of attention in working memory almost always has a spatial dimension. When you’re paying attention—even when you’re paying attention to me talking here in this café—there’s a spatial component. When there’s a loud noise, you might shift your attention to where it’s coming from. Being able to maintain your spatial focus on me is important for you right now. Even though it’s words coming from me, there’s an important component of space. So if you can improve the stability of that spatial aspect, you will be better at visuospatial tasks and be better at keeping your focus on me rather than on that noise over there.”

Still wanting a better sense of the exercises Cogmed offers, I scheduled a meeting with a clinical psychologist, Nicole Garcia, who offers the training just a few miles from my home in Montclair, New Jersey. She allowed me to sit down at her computer to play a handful of the games. (She emphasized that Cogmed calls them “training tasks,” not games. But they looked like games to me.)

I clicked one called Hidden, which showed a standard numeric keypad, the kind used on cell phones and calculators. The keypad was hidden while a man’s voice recited a short list of numbers. When his list was complete, the keypad reappeared, and I was supposed to click on the list—in reverse order. Another game showed a circle with nine smaller circles strung along it like carriages on a Ferris wheel. As the big circle slowly rotated in a clockwise direction, the little circles lit up in a random sequence. Once the sequence was completed, I had to click on the little circles in the same order.

All of the games were easy on the first pass, but immediately grew hard enough—meaning that the sequence to be remembered grew longer and was presented faster—that I began making mistakes.

Having offered Cogmed to a few dozen of her patients, as young as six and as old as 63 (including a successful attorney whose ADHD was diagnosed in her forties), Garcia said she’s convinced of its benefits, sometimes in combination with medication and sometimes on its own. And at a total cost to families of about $2,000 for the 25 sessions, she said, it compares favorably with many other kinds of ADHD treatments.

Where Cogmed beats all other forms of cognitive training is in the number of published, randomized clinical trials demonstrating its benefits and the number of trials still under way, led by independent researchers at leading institutions without any commercial connection to the company.

Julie Schweitzer, director of the ADHD Program at the University of California in Davis’s MIND Institute, conducted a randomized study of children diagnosed with ADHD. When published in July 2012 in the journal Neurotherapeutics, Schweitzer’s study found that children in the placebo group spent just as much time off-task at the end of the study as they had at the beginning, but those who trained on Cogmed sharply increased the amount of time they spent doing school work.

"Around 20 to 40 percent of children treated for leukemia will end up with cognitive changes. For those treated for brain tumors, the figure is around 60 to 80 percent."

Children who have survived cancer are another group often in need of cognitive rehabilitation. “Somewhere around 20 to 40 percent of children treated for leukemia will end up with cognitive changes over time,” said Kristina K. Hardy, a neuropsychologist at Children’s National Medical Center in Washington, D.C. “For those treated for brain tumors, the figure is conservatively around 60 to 80 percent.”

What distinguishes these young survivors from most others seeking cognitive rehabilitation is that the effects of radiation or chemotherapy on the brain become apparent only with the passage of time. Immediately following treatment, a recent study found, survivors of acute lymphoblastic leukemia showed no significant change in their verbal IQ scores, but by early adulthood, their scores had dropped by an average of 10.3 points.

In 2012, Hardy reported the results of a pilot study comparing Cogmed to a placebo form of computerized. Among 20 children who had survived either brain cancer or leukemia, those who trained with Cogmed saw substantial improvements compared to the placebo group on their visual working memory and in parent-rated learning problems.

Most recently, children with Down syndrome have been shown to benefit from Cogmed. “Following training,” concluded a study published last June, “performance on trained and untrained visuospatial short-term memory tasks was significantly enhanced for children in the intervention group. This improvement was sustained four months later. These results suggest that computerized visuospatial memory training in a school setting is both feasible and effective for children with Down syndrome.”

Brian Skotko, co-director of the Down Syndrome Program at Massachusetts General Hospital, told me, “If Cogmed was a drug, everyone would call this study groundbreaking.”

Not all studies of Cogmed have been positive. A large one published in October found little benefit. But as Klingberg has written in defense of Cogmed in particular and working-memory training in general: “Working memory training is still a young field of research. As with all science, no single experiment explains everything, and results are never perfectly consistent … Many questions remain. But there is no going back to the notion that working memory capacity is fixed.”

This post is adapted from Dan Hurley's Smarter: The New Science of Building Brain Power.

Stephen Law: How the US Treasury imposes sanctions on me and every other "Stephen Law" on the planet - my letter to OFAC

Fri, 14 Feb 2014 12:26:16 -0800

Comments: "Stephen Law: How the US Treasury imposes sanctions on me and every other "Stephen Law" on the planet - my letter to OFAC"

URL: http://stephenlaw.blogspot.com/2014/02/how-us-treasury-imposes-sanctions-on-me.html

Right, here's another thing I am getting off my chest - email letter to OFAC (edited slightly from version sent).

Dear OFAC

This correspondence is copied to my UK Member of Parliament The Right Hon. Andrew Smith. Please copy him into your reply.

My name is "Stephen Law". The name "Stephen Law" appear on OFAC's "specially designated nationals" list:

Here is the actual OFAC listing for "Stephen Law", alias of "Steven Law"

https://ofac.data-list-search.com/Entities/ByName/steven-law

This person is Burmese and is suspected by US Treasury of drug trafficking. He is the son of Lo Hsing Han (dubbed by US Treasury as "The Godfather of Heroin") and has a Singaporean wife. His addresses, as listed by you, are all in Burma and Singapore. None are in the UK.

I have discovered that, as a result of this listing, US Customs block shipments of goods to me here in the UK. Also when people try to wire me money from abroad (not just from the US, but from anywhere), for e.g. occasional travel expenses for academic conference attendance, the payment is interrupted and various checks are made before the funds are released. This became so bad during one period (a series of payments every single one of which triggered a block) that I had to switch to a different bank account. At no point was I told why this was happening (i.e. that you, OFAC, are responsible). The banks concerned believe they must keep this information from me (I was told this by my bank branch). Hence it took me many months to figure out what the source of the problem was: OFAC/US Treasury.

It appears any "Stephen Law" anywhere in the world will suffer this same treatment, as indeed will anyone who merely happens to have the same name or alias as one of your "specially designated nationals". This has proved frustrating, time-consuming and also costly to me personally. E.g. I have paid US$77 postage for goods it turns out I can never receive because they are returned by US customs to the US vendor because my name is listed. As a result of the OFAC listing, I cannot now order goods from - or receive gifts from friends and relatives in - the United States.

Can you inform me: given I am very obviously NOT the Burmese Stephen Law:

(i) how I can avoid having all goods shipped to me from the US to my UK address being blocked and returned to sender by US customs?

(ii) how I can avoid my own bank repeatedly asking me who I am (and requesting information including my DOB, which they already possess) before unblocking any payment from abroad?

My bank knows who I am, and they know I am not the Burmese "Stephen Law" on the specially designated nationals list, but still I have to go through this same rigmarole every single time money is wired to me. How do I avoid this please?

Yours faithfully

Stephen Law

PS Ofac-caused delays to payments to me can run into weeks. On one occasion I ran up overdraft charges as a result of not receiving funds blocked by OFAC.

PPS I was interviewed by Foreign Policy magazine about all this a short while ago.Also interviewed by News Hour on BBC World Service.

Fri, 14 Feb 2014 12:32:16 -0800

Comments: ""

URL: http://www.darpa.mil/opencatalog/

Aptima Inc. Network Query by Example Analytics 2014-07 https://github.com/Aptima/pattern-matching.git stats Hadoop MapReduce-over-Hive based implementation of network query by example utilizing attributed network pattern matching. ALv2 Boeing/Pitt
Publications SMILE-WIDE: A scalable Bayesian network library Analytics 2014-07 https://github.com/SmileWide/main.git stats SMILE-WIDE is a scalable Bayesian network library. Initially, it is a version of the SMILE library, as in SMILE With Integrated Distributed Execution. The general approach has been to provide an API similar to the existing API SMILE developers use to build "local," single-threaded applications. However, we provide "vectorized" operations that hide a Hadoop-distributed implementation. Apart from invoking a few idioms like generic Hadoop command line argument parsing, these appear to the developer as if they were executed locally. ALv2 Carnegie Mellon University
Publications Support Distribution Machines Analytics 2014-07 https://github.com/dougalsutherland/py-sdm.git stats Python implementation of the nonparametric divergence estimators described by Barnabas Poczos, Liang Xiong, Jeff Schneider (2011). Nonparametric divergence estimation with applications to machine learning on distributions. Uncertainty in Artificial Intelligence. ( http://autonlab.org/autonweb/20287.html ) and also their use in support vector machines, as described by Dougal J. Sutherland, Liang Xiong, Barnabas Poczos, Jeff Schneider (2012). Kernels on Sample Sets via Nonparametric Divergence Estimates. ( http://arxiv.org/abs/1202.0302 ). BSD Continuum Analytics Blaze Infrastructure 2014-07 https://github.com/ContinuumIO/blaze.git stats Blaze is the next-generation of NumPy. It is designed as a foundational set of abstractions on which to build out-of-core and distributed algorithms over a wide variety of data sources and to extend the structure of NumPy itself. Blaze allows easy composition of low level computation kernels (C, Fortran, Numba) to form complex data transformations on large datasets. In Blaze, computations are described in a high-level language (Python) but executed on a low-level runtime (outside of Python), enabling the easy mapping of high-level expertise to data without sacrificing low-level performance. Blaze aims to bring Python and NumPy into the massively-multicore arena, allowing it to leverage many CPU and GPU cores across computers, virtual machines and cloud services. BSD Continuum Analytics Numba Infrastructure 2014-07 https://github.com/numba/numba.git stats Numba is an Open Source NumPy-aware optimizing compiler for Python sponsored by Continuum Analytics, Inc. It uses the LLVM compiler infrastructure to compile Python syntax to machine code.

It is aware of NumPy arrays as typed memory regions and so can speed-up code using NumPy arrays. Other, less well-typed code is translated to Python C-API calls effectively removing the "interpreter" but not removing the dynamic indirection.

Numba is also not a tracing just in time (JIT) compiler. It compiles your code before it runs either using run-time type information or type information you provide in the decorator.

Numba is a mechanism for producing machine code from Python syntax and typed data structures such as those that exist in NumPy.

BSD Continuum Analytics Bokeh Visualization 2014-07 https://github.com/ContinuumIO/bokeh.git stats Bokeh (pronounced bo-Kay or bo-Kuh) is a Python interactive visualization library for large datasets that natively uses the latest web technologies. Its goal is to provide elegant, concise construction of novel graphics in the style of Protovis/D3, while delivering high-performance interactivity over large data to thin clients. BSD Continuum Analytics and Indiana University
Publications Abstract Rendering Visualization 2014-07 https://github.com/JosephCottam/AbstractRendering.git stats Information visualization rests on the idea that a meaningful relationship can be drawn between pixels and data. This is most often mediated by geometric entities (such as circles, squares and text) but always involves pixels eventually to display. In most systems, the pixels are tucked away under levels of abstraction in the rendering system. Abstract Rendering takes the opposite approach: expose the pixels and gain powerful pixel-level control. This pixel-level power is a complement to many existing visualization techniques. It is an elaboration on rendering, not an analytic or projection step, so it can be used as an epilogue to many existing techniques. In standard rendering, geometric objects are projected to an image and represented on that image's discrete pixels. The source space is an abstract canvas that contains logically continuous geometric primitives and the target space is an image that contains discrete colors. Abstract Rendering fits between these two states. It introduces a discretization of the data at the pixel-level, but not necessarily all the way to colors. This enables many pixel-level concerns to be efficiently and concisely captured. BSD Continuum Analytics CDX Visualization 2014-07 https://github.com/ContinuumIO/cdx.git stats Software to visualize the structure of large or complex datasets / produce guides that help users or algorithms gauge the quality of various kinds of graphs & plots. BSD Continuum Analytics and Indiana University
Publications Stencil Visualization 2014-07 https://github.com/JosephCottam/Stencil.git stats Stencil is a grammar-based approach to visualization specification at a higher-level. BSD Data Tactics Corporation Vowpal Wabbit Analytics 2014-07 https://github.com/JohnLangford/vowpal_wabbit.git stats The Vowpal Wabbit (VW) project is a fast out-of-core learning system sponsored by Microsoft Research and (previously) Yahoo! Research. Support is available through the mailing list. There are two ways to have a fast learning algorithm: (a) start with a slow algorithm and speed it up, or (b) build an intrinsically fast learning algorithm. This project is about approach (b), and it's reached a state where it may be useful to others as a platform for research and experimentation. There are several optimization algorithms available with the baseline being sparse gradient descent (GD) on a loss function (several are available). The code should be easily usable. Its only external dependence is on the boost library, which is often installed by default. BSD Data Tactics Corporation Circuit Infrastructure 2014-07 https://code.google.com/p/gocircuit/source/checkout Go Circuit reduces the human development and sustenance costs of complex massively-scaled systems nearly to the level of their single-process counterparts. It is a combination of proven ideas from the Erlang ecosystem of distributed embedded devices and Go's ecosystem of Internet application development. Go Circuit extends the reach of Go's linguistic environment to multi-host/multi-process applications. ALv2 Georgia Tech / GTRI
Publications libNMF: a high-performance library for nonnegative matrix factorization and hierarchical clustering Analytics 2014-07 Pending LibNMF is a high-performance, parallel library for nonnegative matrix factorization on both dense and sparse matrices written in C++. Implementations of several different NMF algorithms are provided, including multiplicative updating, hierarchical alternating least squares, nonnegative least squares with block principal pivoting, and a new rank2 algorithm. The library provides an implementation of hierarchical clustering based on the rank2 NMF algorithm. ALv2 IBM Research
Publications SKYLARK: Randomized Numerical Linear Algebra and ML Analytics 2014-07 2014-05-15 SKYLARK implements Numerical Linear Algebra (NLA) kernels based on sketching for distributed computing platforms. Sketching reduces dimensionality through randomization, and includes Johnson-Lindenstrauss random projection (JL); a faster version of JL based on fast transform techniques; sparse techniques that can be applied in time proportional to the number of nonzero matrix entries; and methods for approximating kernel functions and Gram matrices arising in nonlinear statistical modeling problems. We have a library of such sketching techniques, built using MPI in C++ and callable from Python, and are applying the library to regression, low-rank approximation, and kernel-based machine learning tasks, among other problems. ALv2 Institute for Creative Technologies / USC Immersive Body-Based Interactions Visualization 2014-07 http://code.google.com/p/svnmimir/source/checkout stats Provides innovative interaction techniques to address human-computer interaction challenges posed by Big Data. Examples include:
* Wiggle Interaction Technique: user induced motion to speed visual search.
* Immersive Tablet Based Viewers: low cost 3D virtual reality fly-through's of data sets.
* Multi-touch interfaces: browsing/querying multi-attribute and geospatial data, hosted by SOLR.
* Tablet based visualization controller: eye-free rapid interaction with visualizations. ALv2 Johns Hopkins University
Publications igraph Analytics 2014-07 https://github.com/igraph/xdata-igraph.git stats igraph provides a fast generation of large graphs, fast approximate computation of local graph invariants, fast parallelizable graph embedding. API and Web-service for batch processing graphs across formats. GPLv2 Trifacta (Stanford, University of Washington, Kitware, Inc. Team) Vega Visualization 2014-07 https://github.com/trifacta/vega.git stats Vega is a visualization grammar, a declarative format for creating and saving visualization designs. With Vega you can describe data visualizations in a JSON format, and generate interactive views using either HTML5 Canvas or SVG. BSD Kitware, Inc. Tangelo Visualization 2014-07 https://github.com/Kitware/tangelo.git stats Tangelo provides a flexible HTML5 web server architecture that cleanly separates your web applications (pure Javascript, HTML, and CSS) and web services (pure Python). This software is bundled with some great tools to get you started. ALv2 Harvard and Kitware, Inc.
Publications LineUp Visualization 2014-07 https://github.com/Caleydo/org.caleydo.vis.lineup.demos.git stats LineUp is a novel and scalable visualization technique that uses bar charts. This interactive technique supports the ranking of items based on multiple heterogeneous attributes with different scales and semantics. It enables users to interactively combine attributes and flexibly refine parameters to explore the effect of changes in the attribute combination. This process can be employed to derive actionable insights as to which attributes of an item need to be modified in order for its rank to change. Additionally, through integration of slope graphs, LineUp can also be used to compare multiple alternative rankings on the same set of items, for example, over time or across different attribute combinations. We evaluate the effectiveness of the proposed multi-attribute visualization technique in a qualitative study. The study shows that users are able to successfully solve complex ranking tasks in a short period of time. BSD Harvard and Kitware, Inc.
Publications LineUp Web Visualization 2014-07 2014-06 LineUpWeb is the web version of the novel and scalable visualization technique. This interactive technique supports the ranking of items based on multiple heterogeneous attributes with different scales and semantics. It enables users to interactively combine attributes and flexibly refine parameters to explore the effect of changes in the attribute combination. BSD Stanford, University of Washington, Kitware, Inc. Lyra Visualization 2014-07 2014-02 Lyra is an interactive environment that makes custom visualization design accessible to a broader audience. With Lyra, designers map data to the properties of graphical marks to author expressive visualization designs without writing code. Marks can be moved, rotated and resized using handles; relatively positioned using connectors; and parameterized by data fields using property drop zones. Lyra also provides a data pipeline interface for iterative, visual specification of data transformations and layout algorithms. Visualizations created with Lyra are represented as specifications in Vega, a declarative visualization grammar that enables sharing and reuse. BSD Phronesis stat_agg Analytics 2014-07 https://github.com/kaneplusplus/stat_agg.git stats stat_agg is a Python package that provides statistical aggregators that maximize ensemble prediction accuracy by weighting individual learners in an optimal way. When used with the laputa package, learners may be distributed across a cluster of machines. The package also provides fault-tolerance when one or more learners becomes unavailable. ALv2 Phronesis flexmem Infrastructure 2014-07 https://github.com/kaneplusplus/flexmem.git stats Flexmem is a general, transparent tool for out-of-core (OOC) computing in the R programming environment. It is launched as a command line utility, taking an application as an argument. All memory allocations larger than a specified threshold are memory-mapped to a binary file. When data are not needed, they are stored on disk. It is both process- and thread-safe. ALv2 Phronesis laputa Infrastructure 2014-07 https://github.com/kaneplusplus/laputa.git stats Laputa is a Python package that provides an elastic, parallel computing foundation for the stat_agg (statistical aggregates) package. ALv2 Phronesis bigmemory Infrastructure 2014-07 http://cran.r-project.org/web/packages/bigmemory/index.html Bigmemory is an R package to create, store, access, and manipulate massive matrices. Matrices are allocated to shared memory and may use memory-mapped files. Packages biganalytics, bigtabulate, synchronicity, and bigalgebra provide advanced functionality. ALv2 Phronesis bigalgebra Infrastructure 2014-07 https://r-forge.r-project.org/scm/viewvc.php/?root=bigmemory Bigalgebra is an R package that provides arithmetic functions for R matrix and big.matrix objects. ALv2 MDA Information Systems, Inc., Jet Propulsion Laboratory, USC/Information Sciences Institute OODT Infrastructure 2014-07 https://svn.apache.org/repos/asf/oodt/ stats APACHE OODT enables transparent access to distributed resources, data discovery and query optimization, and distributed processing and virtual archives. OODT provides software architecture that enables models for information representation, solutions to knowledge capture problems, unification of technology, data, and metadata. ALv2 MDA Information Systems, Inc.,Jet Propulsion Laboratory, USC/Information Sciences Institute Wings Infrastructure 2014-07 https://github.com/varunratnakar/wings.git stats WINGS provides a semantic workflow system that assists scientists with the design of computational experiments. A unique feature of WINGS is that its workflow representations incorporate semantic constraints about datasets and workflow components, and are used to create and validate workflows and to generate metadata for new data products. WINGS submits workflows to execution frameworks such as Pegasus and OODT to run workflows at large scale in distributed resources. ALv2 MIT-LL
Publications Query By Example (Graph QuBE) Analytics 2014-07 2014-02-15 Query-by-Example (Graph QuBE) on dynamic transaction graphs. ALv2 MIT-LL
Publications Julia Analytics 2014-07 https://github.com/JuliaLang/julia.git stats Julia is a high-level, high-performance dynamic programming language for technical computing, with syntax that is familiar to users of other technical computing environments. It provides a sophisticated compiler, distributed parallel execution, numerical accuracy, and an extensive mathematical function library. MIT,GPL,LGPL,BSD MIT-LL
Publications Topic Analytics 2014-07 Pending Probabilistic Latent Semantic Analysis (pLSA) Topic Modeling. ALv2 MIT-LL
Publications SciDB Infrastructure 2014-07 https://github.com/wujiang/SciDB-mirror.git stats Scientific Database for large-scale numerical data. GPLv3 MIT-LL
Publications Information Extractor Analytics 2014-07 Pending Trainable named entity extractor (NER) and relation extractor. ALv2 Next Century Corporation Ozone Widget Framework Visualization 2014-07 https://github.com/ozoneplatform/owf.git stats Ozone Widget Framework provides a customizable open-source web application that assembles the tools you need to accomplish any task and enables those tools to communicate with each other. It is a technology-agnostic composition framework for data and visualizations in a common browser-based display and interaction environment that lowers the barrier to entry for the development of big data visualizations and enables efficient exploration of large data sets. ALv2 Next Century Corporation Neon Visualization Environment Visualization 2014-07 https://github.com/NextCenturyCorporation/neon.git stats Neon is a framework that gives a datastore agnostic way for visualizations to query data and perform simple operations on that data such as filtering, aggregation, and transforms. It is divided into two parts, neon-server and neon-client. Neon-server provides a set of RESTful web services to select a datastore and perform queries and other operations on the data. Neon-client is a javascript API that provides a way to easily integrate neon-server capabilities into a visualization, and also aids in 'widgetizing' a visualization, allowing it to be integrated into a common OWF based ecosystem. ALv2 Oculus Info Inc.
Publications ApertureJS Visualization 2014-07 https://github.com/oculusinfo/aperturejs.git stats ApertureJS is an open, adaptable and extensible JavaScript visualization framework with supporting REST services, designed to produce visualizations for analysts and decision makers in any common web browser. Aperture utilizes a novel layer based approach to visualization assembly, and a data mapping API that simplifies the process of adaptable transformation of data and analytic results into visual forms and properties. Aperture vizlets can be easily embedded with full interoperability in frameworks such as the Ozone Widget Framework (OWF). MIT Oculus Info Inc.
Publications Influent Visualization 2014-07 https://github.com/oculusinfo/influent.git stats Influent is an HTML5 tool for visually and interactively following transaction flow, rapidly revealing actors and behaviors of potential concern that might otherwise go unnoticed. Summary visualization of transactional patterns and actor characteristics, interactive link expansion and dynamic entity clustering enable Influent to operate effectively at scale with big data sources in any modern web browser. Influent has been used to explore data sets with millions of entities and hundreds of millions of transactions. MIT Oculus Info Inc.
Publications Aperture Tile-Based Visual Analytics Visualization 2014-07 https://github.com/oculusinfo/aperture-tiles.git stats New tools for raw data characterization of 'big data' are required to suggest initial hypotheses for testing. The widespread use and adoption of web-based maps has provided a familiar set of interactions for exploring abstract large data spaces. Building on these techniques, we developed tile based visual analytics that provide browser-based interactive visualization of billions of data points. MIT Oculus Info Inc.
Publications Oculus Ensemble Clustering Analytics 2014-07 https://github.com/oculusinfo/ensemble-clustering.git stats Oculus Ensemble Clustering is a flexible multi-threaded clustering library for rapidly constructing tailored clustering solutions that leverage the different semantic aspects of heterogeneous data. The library can be used on a single machine using multi-threading or distributed computing using Spark. MIT Raytheon BBN Content and Context-based Graph Analysis: PINT, Patterns in Near-Real Time Analytics 2014-07 https://github.com/plamenbbn/XDATA.git stats Patterns in Near-Real Time will take any corpus as input and quantify the strength of the query match to a SME-based process model, represent process model as a Directed Acyclic Graph (DAG), and then search and score potential matches. ALv2 Raytheon BBN Content and Context-based Graph Analysis: NILS, Network Inference of Link Strength Analytics 2014-07 https://github.com/plamenbbn/XDATA.git stats Network Inference of Link Strength will take any text corpus as input and quantify the strength of connections between any pair of entities. Link strength probabilities are computed via shortest path. ALv2 Royal Caliber
Publications GPU based Graphlab style Gather-Apply-Scatter (GAS) platform for quickly implementing and running graph algorithms Analytics 2014-07 https://github.com/RoyalCaliber/vertexAPI2.git stats Allows users to express graph algorithms as a series of Gather-Apply-Scatter (GAS) steps similar to GraphLab. Runs these vertex programs using a single or multiple GPUs - demonstrates a large speedup over GraphLab. ALv2 Scientific Systems Company, Inc., MIT, and University of Louisville BayesDB Analytics 2014-07 https://github.com/mit-probabilistic-computing-project/BayesDB.git stats BayesDB is an open-source implementation of a predictive database table. It provides predictive extensions to SQL that enable users to query the implications of their data --- predict missing entries, identify predictive relationships between columns, and examine synthetic populations --- based on a Bayesian machine learning system in the backend. ALv2 Scientific Systems Company, Inc., MIT, and University of Louisville Crosscat Analytics 2014-07 https://github.com/mit-probabilistic-computing-project/crosscat.git stats CrossCat is a domain-general, Bayesian method for analyzing high-dimensional data tables. CrossCat estimates the full joint distribution over the variables in the table from the data via approximate inference in a hierarchical, nonparametric Bayesian model, and provides efficient samplers for every conditional distribution. CrossCat combines strengths of nonparametric mixture modeling and Bayesian network structure learning: it can model any joint distribution given enough data by positing latent variables, but also discovers independencies between the observable variables. ALv2 Sotera Defense Solutions, Inc.
Publications Zephyr Infrastructure 2014-07 http://github.com/Sotera/zephyr stats Zephyr is a big data, platform agnostic ETL API, with Hadoop MapReduce, Storm, and other big data bindings. ALv2 Sotera Defense Solutions, Inc.
Publications Page Rank Analytics 2014-07 https://github.com/Sotera/page-rank.git stats Sotera Page Rank is a Giraph/Hadoop implementation of a distributed version of the Page Rank algorithm. ALv2 Sotera Defense Solutions, Inc.
Publications Louvain Modularity Analytics 2014-07 https://github.com/Sotera/distributed-louvain-modularity.git stats Giraph/Hadoop implementation of a distributed version of the Louvain community detection algorithm. ALv2 Sotera Defense Solutions, Inc.
Publications Spark MicroPath Analytics 2014-07 https://github.com/Sotera/aggregate-micro-paths.git The Spark implementation of the micropath analytic. ALv2 Sotera Defense Solutions, Inc.
Publications ARIMA Analytics 2014-07 https://github.com/Sotera/rhipe-arima stats Hive and RHIPE implementation of an ARIMA analytic. ALv2 Sotera Defense Solutions, Inc.
Publications Leaf Compression Analytics 2014-07 https://github.com/Sotera/leaf-compression.git stats Recursive algorithm to remove nodes from a network where degree centrality is 1. ALv2 Sotera Defense Solutions, Inc.
Publications Correlation Approximation Analytics 2014-07 https://github.com/Sotera/correlation-approximation stats Spark implementation of an algorithm to find highly correlated vectors using an approximation algorithm. ALv2 Stanford University - Boyd
Publications QCML (Quadratic Cone Modeling Language) Analytics 2014-07 https://github.com/cvxgrp/qcml.git stats Seamless transition from prototyping to code generation. Enable ease and expressiveness of convex optimization across scales with little change in code. ALv2 Stanford University - Boyd
Publications PDOS (Primal-dual operator splitting) Analytics 2014-07 https://github.com/cvxgrp/pdos.git stats Concise algorithm for solving convex problems; solves problems passed from QCML. ALv2 Stanford University - Boyd
Publications SCS (Self-dual Cone Solver) Analytics 2014-07 https://github.com/cvxgrp/scs.git stats Implementation of a solver for general cone programs, including linear, second-order, semidefinite and exponential cones, based on an operator splitting method applied to a self-dual homogeneous embedding. The method and software supports both direct factorization, with factorization caching, and an indirect method, that requires only the operator associated with the problem data and its adjoint. The implementation includes interfaces to CVX, CVXPY, matlab, as well as test routines. This code is described in detail in an associated paper, at http://www.stanford.edu/~boyd/papers/pdos.html (which also links to the code). ALv2 Stanford University - Boyd
Publications ECOS: An SOCP Solver for Embedded Systems Analytics 2014-07 https://github.com/ifa-ethz/ecos.git stats ECOS is a lightweight primal-dual homogeneous interior-point solver for SOCPs, for use in embedded systems as well as a base solver for use in large scale distributed solvers. It is described in the paper at http://www.stanford.edu/~boyd/papers/ecos.html. ALv2 Stanford University - Boyd
Publications Proximal Operators Analytics 2014-07 https://github.com/cvxgrp/proximal.git stats This library contains sample implementations of various proximal operators in Matlab. These implementations are intended to be pedagogical, not the most performant. This code is associated with the paper Proximal Algorithms by Neal Parikh and Stephen Boyd. ALv2 Stanford University - Hanrahan
Publications imMens Visualization 2014-07 https://github.com/StanfordHCI/imMens.git stats imMens is a web-based system for interactive visualization of large databases. imMens uses binned aggregation to produce summary visualizations that avoid the shortcomings of standard sampling-based approaches. Through data decomposition methods (to limit data transfer) and GPU computation via WebGL (for parallel query processing), imMens enables real-time (50fps) visual querying of billion+ element databases. BSD Stanford University - Hanrahan
Publications trelliscope Visualization 2014-07 https://github.com/hafen/trelliscope.git stats Trellis Display, developed in the 90s, also divides the data. A visualization method is applied to each subset and shown on one panel of a multi-panel trellis display. This framework is a very powerful mechanism for all data, large and small. Trelliscope, a layer that uses datadr, extends Trellis to large complex data. An interactive viewer is available for viewing subsets of very large displays, and the software provides the capability to sample subsets of panels from rigorous sampling plans. Sampling is often necessary because in most applications, there are too many subsets to look at them all. BSD Stanford University - Hanrahan
Publications RHIPE: R and Hadoop Integrated Programming Environment Infrastructure 2014-07 https://github.com/saptarshiguha/RHIPE.git stats In Divide and Recombine (D&R), big data are divided into subsets in one or more ways, forming divisions. Analytic methods, numeric-categorical methods of machine learning and statistics plus visualization methods, are applied to each of the subsets of a division. Then the subset outputs for each method are recombined. D&R methods of division and recombination seek to make the statistical accuracy of recombinations as large as possible, ideally close to that of the hypothetical direct, all-data application of the methods. The D&R computational environment starts with RHIPE, a merger of R and Hadoop. RHIPE allows an analyst to carry out D&R analysis of big data wholly from within R, and use any of the thousands of methods available in R. RHIPE communicates with Hadoop to carry out the big, parallel computations. ALv2 Stanford University - Hanrahan
Publications Riposte Analytics 2014-07 https://github.com/jtalbot/riposte.git stats Riposte is a fast interpreter and JIT for R. The Riposte VM has 2 cooperative subVMs for R scripting (like Java) and for R vector computation (like APL). Our scripting code has been 2-4x faster in Riposte than in R's recent bytecode interpreter. Vector-heavy code is 5-10x faster. Speeding up R can greatly increases the analyst's efficiency. BSD Stanford University - Olukotun
Publications Delite Infrastructure 2014-07 https://github.com/stanford-ppl/Delite.git stats Delite is a compiler framework and runtime for parallel embedded domain-specific languages (DSLs). BSD Stanford University - Olukotun
Publications SNAP Infrastructure 2014-07 https://github.com/snap-stanford/snap stats Stanford Network Analysis Platform (SNAP) is a general purpose network analysis and graph mining library. It is written in C++ and easily scales to massive networks with hundreds of millions of nodes, and billions of edges. It efficiently manipulates large graphs, calculates structural properties, generates regular and random graphs, and supports attributes on nodes and edges. BSD SYSTAP, LLC bigdata Infrastructure 2014-07 https://bigdata.svn.sourceforge.net/svnroot/bigdata/ stats Bigdata enables massively parallel graph processing on GPUs and many core CPUs. The approach is based on the decomposition of a graph algorithm as a vertex program. The initial implementation supports an API based on the GraphLab 2.1 Gather Apply Scatter (GAS) API. Execution is available on GPUs, Intel Xenon Phi (aka MIC), and multi-core GPUs. GPLv2 SYSTAP, LLC mpgraph Analytics 2014-07 http://svn.code.sf.net/p/mpgraph/code/ stats Mpgraph enables massively parallel graph processing on GPUs and many core CPUs. The approach is based on the decomposition of a graph algorithm as a vertex program. The initial implementation supports an API based on the GraphLab 2.1 Gather Apply Scatter (GAS) API. Execution is available on GPUs, Intel Xenon Phi (aka MIC), and multi-core GPUs. ALv2 UC Davis Gunrock Analytics 2014-07 https://github.com/gunrock/gunrock.git stats Gunrock is a CUDA library for graph primitives that refactors, integrates, and generalizes best-of-class GPU implementations of breadth-first search, connected components, and betweenness centrality into a unified code base useful for future development of high-performance GPU graph primitives. ALv2 Draper Laboratory
Publications Analytic Activity Logger Infrastructure 2014-07 https://github.com/draperlab/xdatalogger.git stats Analytic Activity Logger is an API that creates a common message passing interface to allow heterogeneous software components to communicate with an activity logging engine. Recording a user's analytic activities enables estimation of operational context and workflow. Combined with psychophysiology sensing, analytic activity logging further enables estimation of the user's arousal, cognitive load, and engagement with the tool. ALv2 University of California, Berkeley
Publications BDAS Infrastructure 2014-07 N/A BDAS, the Berkeley Data Analytics Stack, is an open source software stack that integrates software components being built by the AMPLab to make sense of Big Data. ALv2, BSD University of California, Berkeley
Publications Spark Infrastructure 2014-07 https://github.com/mesos/spark.git stats Apache Spark is an open source cluster computing system that aims to make data analytics both fast to run and fast to write. To run programs faster, Spark offers a general execution model that can optimize arbitrary operator graphs, and supports in-memory computing, which lets it query data faster than disk-based engines like Hadoop. To make programming faster, Spark provides clean, concise APIs in Python, Scala and Java. You can also use Spark interactively from the Scala and Python shells to rapidly query big datasets. ALv2 University of California, Berkeley
Publications Shark Infrastructure 2014-07 https://github.com/amplab/shark.git stats Shark is a large-scale data warehouse system for Spark that is designed to be compatible with Apache Hive. It can execute Hive QL queries up to 100 times faster than Hive without any modification to the existing data or queries. Shark supports Hive's query language, metastore, serialization formats, and user-defined functions, providing seamless integration with existing Hive deployments and a familiar, more powerful option for new ones. ALv2 University of California, Berkeley
Publications BlinkDB Infrastructure 2014-07 https://github.com/sameeragarwal/blinkdb.git stats BlinkDB is a massively parallel, approximate query engine for running interactive SQL queries on large volumes of data. It allows users to trade-off query accuracy for response time, enabling interactive queries over massive data by running queries on data samples and presenting results annotated with meaningful error bars. To achieve this, BlinkDB uses two key ideas: (1) An adaptive optimization framework that builds and maintains a set of multi-dimensional samples from original data over time, and (2) A dynamic sample selection strategy that selects an appropriately sized sample based on a query's accuracy and/or response time requirements. We have evaluated BlinkDB on the well-known TPC-H benchmarks, a real-world analytic workload derived from Conviva Inc. and are in the process of deploying it at Facebook Inc. ALv2 University of California, Berkeley
Publications Mesos Infrastructure 2014-07 https://git-wip-us.apache.org/repos/asf/mesos.git stats Apache Mesos is a cluster manager that provides efficient resource isolation and sharing across distributed applications, or frameworks. It can run Hadoop, MPI, Hypertable, Spark, and other applications on a dynamically shared pool of nodes. ALv2 University of California, Berkeley
Publications Tachyon Infrastructure 2014-07 https://github.com/amplab/tachyon.git stats Tachyon is a fault tolerant distributed file system enabling reliable file sharing at memory-speed across cluster frameworks, such as Spark and MapReduce. It achieves high performance by leveraging lineage information and using memory aggressively. Tachyon caches working set files in memory, and enables different jobs/queries and frameworks to access cached files at memory speed. Thus, Tachyon avoids going to disk to load datasets that are frequently read. BSD University of Southern California
Publications goffish Infrastructure 2014-07 https://github.com/usc-cloud/goffish.git stats The GoFFish project offers a distributed framework for storing timeseries graphs and composing graph analytics. It takes a clean-slate approach that leverages best practices and patterns from scalable data analytics such as Hadoop, HDFS, Hive, and Giraph, but with an emphasis on performing native analytics on graph (rather than tuple) data structures. This offers an more intuitive storage, access and programming model for graph datasets while also ensuring performance optimized for efficient analysis over large graphs (millions-billions of vertices) and many instances of them (thousands-millions of graph instances). ALv2

Why Teachers Won't Be Replaced By Software

Fri, 14 Feb 2014 13:31:44 -0800

Comments: "Why Teachers Won't Be Replaced By Software"

URL: http://blog.trinket.io/teachers-wont-be-replaced/

Marc Andreesen believes that software is eating the world. It’s a very visceral image, and in one sense it’s absolutely true. Software is spreading into every industry, changing how established players must play and even what the rules of the game are. But while many in Silicon Valley and Educational Technology think that software will “eat” teachers, replacing many of them, at trinket we believe software’s role is to create openness, making teachers better and more connected. Far from there being less teachers in the future, we think openness will enable and encourage more people than ever to teach.

Godawful Teachers?

In the midst of a longer Twitter conversation I was having with him and others (which I will likely blog about separately), Andreesen made an interesting comment:

@hauspoor @bfuller181 I think a lot of people don’t understand how godawful many teachers are partic in poor areas. It’s a big problem. — Marc Andreessen (@pmarca) February 3, 2014

My suggestion was that increasing openness into what teachers are doing and what the results were was the solution to bad teaching. Sunlight, disinfectant, etc:

@hauspoor @bfuller181 Also, ruthlessly firing a ton of godawful teachers and replacing with software. — Marc Andreessen (@pmarca) February 3, 2014

Andreesen agreed but thinks there needs to be some sort of culling of the worst teachers. He thinks of education as a government monopoly that has been too long shielded from adaptive pressures. So, logically, he thinks that it’s a natural thing for Software to eat.

Software as Archetype instead of Omnivore

But, backing up, it seems that Andreesen’s assertion that software could replace the worst performing teachers isn’t the only possibility we should consider. Another possibility is suggested by the trajectory of the profession of programming itself. In this view, software won’t replace teaching so much as model its future as an occupation.

There was a time when programmers were regarded as mostly “godawful”, insulated from competence by structure and size. Those of us who have had to endure the dictates and systematic negligence of large IT departments can see where the term ‘Godawful’ might apply.

Yet software has gotten better in the past two decades. Why? How? Can we replicate this success for teaching?

Openness and Teaching’s Future

We can anticipate what’s happening with teaching by looking at how the software industry matured: it became friendler, more open, and more accessible. It did this despite more junior, inexperienced programmers flooding the job market. And, importantly, without someone having to fire the “bottom 10%” of programmers. By connecting people (rather than separating them), transparency gave a better account of who was ‘good’, helped to improve the skills of those who weren’t and has led to the craft of coding to flourish. The craft of teaching is beginning to undergo the same overhaul. In 140 characters, that is:

@pmarca I think this approach is inconsistent. We didn't have to fire bad coders to get good software. We needed openness into what they do — Elliott Hauser (@hauspoor) February 3, 2014

Coursera, Udacity and other massive platforms are delivering content to students but they’re also opening up these instructors’ methods and content to other instructors, for critique, reuse, and inspiration. The Open Courseware Initiative, spearheaded by MIT’s forward-thinking leadership, has made a default of openness a reality for a growing number of universities. And, all along, the humble course page has remained the most prevalent form of open teaching.

Professors have been sharing course materials online for almost as long as the Web has been around, often via hand-written HTML. Inspired and encouraged by this, we’re building the easiest way to make an interactive course page to support classroom teaching. While the purpose of most online course materials is to let students access them, we’re also building direct support for instructor-to-instructor interaction around materials. This is harder than it looks, but we think we’ve cracked the code. More in a future blog post. For now, let’s sum this up.

Why Andreesen and other VCs are Wrong about Software Eating Teaching

I’ll admit it’s somewhat unfair to write a blog post around a few tweets, inferring deeper thoughts on complex issues from 140 character snippets. So I may very well have misrepresented Andreesen’s thoughts, though I’m confident that I’m pretty close to the mark. Like I said before, though, I don’t think that Andreesen or most venture capitalists have malevolent intentions. Far from that: they’re seeking business opportunities that do real good for the world. In that way we’re on the same mission.

But I think they’ve made an error in logic when they assume that teachers will be replaced by technology. Encouraged by software’s staggering proliferation into every corner of the modern economy, they’ve been blinded to the parallels between the professions of programming and of teaching. If software ‘eats’ teaching, it will look like how software has ‘eaten’ itself: more tools to make humans more productive, effective, and connected. We will not see the rise and triumph of Teaching Machines that replace teachers any more than we’ve seen Coding Machines make coders obsolete. Rather, the need for teachers will increase apace of human innovation more broadly, and the most innovative companies in the ed tech space will augment, connect, and amplify these professionals.

In our industry, companies like Bloc, General Assembly, and DevBootCamp understand that the human element is central to teaching and are, similarly, building technology that augments good teachers rather than seeking to replace them. That’s also the approach we’re taking here at trinket.

We don’t know what the future of education looks like but, if we’re reading these trends right they point to more openness, more teachers, and software firmly ensconced as a tool for open teaching.

Thanks to Dave Paola from Bloc.io and Brian, Ben, Julia, and Pardees from the trinket team for reviewing earlier versions of this post. And, of course, to Marc Andreesen for helping spark the discussion on Twitter.

Throwing in the towel on becomming a programmer

Fri, 14 Feb 2014 13:31:44 -0800

Comments: "Throwing in the towel on becomming a programmer"

URL: http://waterstreetgm.org/throwing-in-the-towel-on-becomming-a-programmer/

I think ready to hang up my programmer skates. In fact, it seems more likely that I never had skates to begin with. In the past 5-10 years, I’ve attempted to learn to code in virtually all of the major web languages and environments, using all of the latest tools and and classes and tutorials—and I’ve failed miserably every single time.

I just stumbled across Dawn Casey’s omg! I’m a n00b and too afraid to start. It is unbelievably good. Go read it, I’ll wait. Some parts are sad, some parts are laugh-out-loud funny, and I’m sure there are some parts in the middle there that are encouraging to beginners, but I can see right through the whole thing. The whole ebb and flow from “holy man, I’m completely lost” to “humm…I think I’m starting to finally get this!” is something I know very, very well. I’ve felt this addictive, though ultimately disappointing feeling many times.

We’ll have some fun reliving the agony in a moment, but first a word of background for the folks at home: although I can’t program I can definitely code. The distinction needs to be made there. I’ve been coding for years and have actually gotten pretty good at it. WordPress is my main tool of choice and I’ve gotten quite handy with it — I maintain my own starter theme (a fork / amalgamation of several projects), I write all of my projects from scratch, I write (modify) all kinds of custom functions to make different parts work, and I generally know the ins and outs of building reasonably complex sites with WordPress. On top of that, I’m extremely comfortable in the command line and I use Git for almost everything I work on. All that is to say that A) I’m not a beginner, and B) I’m not non-technical. But, as we’ll now learn, I’m absolutely not a programmer.

A Sense of an Endpoint or, The Trouble with Programming

Over the years I have tried to learn all the big players: PHP, Javascript, Ruby, Python, Perl, Java and Objective C. I have failed to learn all of these. It’s almost staggering to even write/realize this. Seven languages. Seven! And I completely and utterly failed at learning all of them. What’s the issue then? After all these years, I think I’ve finally come up with the answer: although the road to starting to learn all of these languages is manageable, they all have a brick wall at the end. Let’s look at the four I spent the most time with:

PHP

PHP is my “best” language, though that’s a dubious honour. It’s the one I’ve been playing with the longest, and the one I’m most comfortable in, given all my time spent with WordPress. PHP is (should be?) a great language to learn with because all of the environment stuff is taken care of for you—just download MAMP, stick some PHP tags into a document and off you go. This is the language I’ve definitely spent the most time with — I’ve done several courses, read several thick books, read literally zillions of tutorials. I’ve gone through lengthy tutorials where I create an object that has a PDO or something to access my fake eCommerce store in my fake database. Things have actually gone fairly well a few times with PHP, in that I’ve gotten fairly far along with the material, but it never lasts long. Pretty soon it’s midnight on a Tuesday and I’m trying to access a query string that was sent via $_POST and I get thinking, “You know? Life is waaaaaay too short for this”.

I’m sorry…..what?

So, while starting with PHP is great, going beyond the basics has felt like solving a Rubik’s Cube with my toes. In the end, every single time, I’ve decided that there’s no way I’d ever want to build anything with PHP that I couldn’t already do much faster/easier/better with WordPress. And hence, I’ve given up.

Javascript

This is the real fun one! I’ve spent almost as much time with Javascript as I have with PHP. I started with jQuery (which I can use reasonably capably) and eventually worked backwards into plain Javascript. It’s actually a lot of fun, at first. The thing with Javascript is you have control over when things happen. This control is given to you by funny things called “callbacks”. Essentially, you use a function to call (or “callback”) another function. Let’s say for some reason you wanted to hide every image in on page for 10 seconds on page load. All you need to do is create a timer function that counts for 10 seconds and then call the image loading function as a callback to that. See? Fun!

The not fun part about Javascript is that brick wall I was talking about earlier. After spending a lot of time going through tutorials and courses and reading books and building little projects, I really felt like I was ready to take on the Javascript world. After you’ve got the basics down pat, the logical next step is browsing through the 500 TodoJS apps and spending a month trying to decide which MVC framework will suit you best. After you decide, it will take you another month to try and figure out what an MVC framework even does. I still don’t really know.

So, when people tell you that Javascript is the wave of the future, this is what they’re talking about. If you’re feeling pretty good about all the JS you know, just have a look at this:

I’m sorry, ({ what })?

At first I thought, “Hummm, I’m really catching onto this Javascript stuff!” Everything’s an object, callbacks, hell, I even understood what the module pattern was and why it made sense to use it (to avoid this “spaghetti” business people talk about)! But turning all that knowledge into a working Backbone app? That felt like swimming in cement. The funny thing about Javascript is that I still can’t see a way for me bridge those two worlds. I simply can’t see how I can take all these fundamentals that I know about Javascript now, and scaffold it up enough so that something like Backbone even makes sense to me. Despite hours and hours and hours of work, getting to that “next level” with Javascript feels literally impossible.

Python

I don’t have a lot to say about Python, except that I know the promise from xkcd is an empty one. I tried it a few times, and worked through the course at Codecademy, but it never felt very natural. I didn’t spend too long with it, but it never really clicked. On top of that, there’s a constant din of “Python’s not for you, it’s for them ({scientists, academics, hackers, statisticians, someone else})” out there if you look up stuff about Python. The language has always been really appealing for me, but for better or worse it’s never felt like something I should invest my time in. That, combined with the fact that I discovered Ruby meant the end for Python.

Ruby

If you’ve never touched a single language, this is the one for you. It really is beautiful, like so many say. It’s short, concise, fun, productive, and a lot of it really, truly reads like English. Of all the languages, Ruby was by far the most natural and fun. In the months I spent learning Ruby the hard way, I’d run home from work to get back to it. I really loved working on new things in Ruby — they all just made sense so quickly. By the end, I was feeling so happy and comfortable with Ruby that I even tackled some problems in Project Euler with it.

But as I look back at it now, I could have easily used PHP or Javascript for those same problems. I still like the syntax of Ruby better than all the others, but I wasn’t doing anything with Ruby that I couldn’t do with PHP or JS. I’d write a clunky function that did something with x and y and returned some value at the end. Doing it with Ruby was fun, but I wasn’t doing anything beyond playing with the primitives. Well, what’s beyond the privatives you ask? In short: Rails. Just like all the others, Ruby has a brick wall as well. It’s called Rails. The only thing is, Rails isn’t just a brick wall, it’s a brick mountain.

A few years back, I spent about a month getting comfortable with Ruby. It was actually really nice, and as I’ve said, fun. Actual, legitimate fun. After I was happy with where I was with Ruby the language, I started in ernest with Michael Hartl’s famous Rails Tutorial. I probably lasted another 6 weeks after that, but I knew pretty early on that it really wasn’t going to happen for me. In the tutorial, Hartl introduces Ruby, Rails, Git, Heroku, Test Driven Development and just about everything else you can think of, right from the start. By the end of the first month, I had literally no idea what was going on. I’d rake something and then route something else, and then I’d try and migrate up to (or down from) somewhere and absolutely none of it made any sense. By quittin’ time (around week 6) I was 100% convinced that anything I’d end up building with Rails could be build in a fraction of the time in WordPress.

Sure, but what about Sinatra? I actually did a few projects with Sinatra as well, and really liked using it. It felt pretty fun too. Way less behind the scenes magic, and you could actually see what was going on. But what was the point? Rails is still the big endpoint, and playing around with Sinatra really doesn’t get you too far down the road to learning Rails.

A light at the beginning of the tunnel

The whole business of programming is extremely complex. There are so many moving parts to anything these days, and one could easily spend a year just learning the tools available for a given language/environment. Javascript is a perfect example of this—it’s completely and utterly obsessed with tools. Not that these tools aren’t useful, there’s just a million of them.

I’ll end with two excerpts. First, a quote from the omg I’m a noob piece that I mentioned at the top, that sums all of this up nicely for me:

Second, probably the true impetus for writing this post, is a few lines from David DeSandro‘s ImagesLoaded Javascript plugin. While en route down a winding rabbit hole the other day, I stumbled across this plugin and took a second to look through the code to see if any of it made sense to me. By about line 20, I was actually laughing out loud. I have no clue whatsoever what the code is doing, despite all of my courses and books and hours spent at the screen. Here’s the selection that made me spit coffee onto my keyboard:

Really though, just what is happening here?

It’s not that I’m done trying to learn any of this, or certainly not that I don’t find any of it enjoyable. I suspect that in years to come, I’ll go pick up a fresh copy of Ruby again and spend a month or two using it to figure out some Project Euler problems, but I think that my ambitions to become a programmer have finally extinguished. And I think I’m actually relieved by this.

Here’s to spending more time outside!

MakeGamesWith.Us

Fri, 14 Feb 2014 13:07:35 -0800

Comments: "MakeGamesWith.Us"

URL: https://www.makegameswith.us/build-your-valentine-a-game-in-your-browser/?

Take a quick tour around the interface
just so you don't get lost.

Continue!

You have finished your game! You should share it on Facebook or copy the link to your valentine!

Share on Facebook! I'm Done!

It looks like you have an error. Hover over the red X next to the line of code to see the details.

Got It!

We ran into a problem trying to run your game. Please try again.

Got It!

Our servers are overloaded so your games may take some time to load. Please be patient or try again later!

Got It!

One of our partners is experiencing issues at the moment. If you have issues running your game, please try again soon!

Got It!

One of our partners is experiencing issues at the moment. If you run into an issue with your simulator, please keep clicking "Tap to Play" until it succeeds.

Got It!

Would you like to continue where you left off, or start over? Keep in mind if you start over you will lose all of your progress!

Start Over Continue

Tesla electric car catches fire in Toronto; company at a loss to explain - The Globe and Mail

Fri, 14 Feb 2014 13:11:35 -0800

Comments: "Tesla electric car catches fire in Toronto; company at a loss to explain"

URL: http://www.theglobeandmail.com/report-on-business/tesla-says-cause-of-toronto-garage-fire-not-yet-determined/article16898563/

Electric car maker Tesla Motors Inc. said it has not yet determined how a Model S sedan parked in its owner’s garage in Toronto caught fire earlier this month.

The fire comes a month after Tesla revamped the software and the wall adapters used to charge the batteries in its cars, following a November garage fire involving a Model S in Irvine, California. The Model S involved in the Toronto fire was not being charged, according to a media report.

More Related to this Story

Tesla said it has “definitively determined” that the Toronto fire did not originate in the battery, the charging system, the adapter or the electrical receptacle, noting that these components were untouched by the fire.

“In this particular case, we don’t yet know the precise cause,” Tesla said in a statement.

The company would not provide further details about the incident.

The Business Insider blog, which first reported the Toronto fire on Thursday, said the Model S caught fire after the owner came home from a drive. The four-month-old car was not plugged into an electric socket, Business Insider said, citing an anonymous source.

Model S cars, which sell for roughly $70,000 to $90,000, are powered by lithium-ion batteries that are charged by plugging the car into an electrical outlet.

Seven Tesla employees visited the Toronto owner of the vehicle that caught fire, and the company offered to take care of the damages caused by the fire, according to the Business Insider report.

The U.S. National Highway Traffic Safety Administration said it was aware of the fire in Canada.

“Since the incident occurred outside the territorial boundaries of the United States, the agency will be in contact with the manufacturer and others to gather the facts and take whatever action is warranted by the circumstances,” the NHTSA said in a statement.

Three road fires last fall in Model S sedans, including two in the United States and one in Mexico, caused Tesla’s stock to drop sharply in October, although the stock’s price since then has risen to just above $200.

The U.S. National Highway Traffic Safety Administration is investigating the two U.S. fires.

Instapainting Turns Your Photos Into Hand-Painted Oil Paintings On The Cheap | TechCrunch

Fri, 14 Feb 2014 13:16:35 -0800

Comments: "Instapainting Turns Your Photos Into Hand-Painted Oil Paintings On The Cheap | TechCrunch"

URL: http://techcrunch.com/2014/02/14/instapainting-turns-your-photos-into-hand-painted-oil-paintings-on-the-cheap/

Surprise! It’s Valentine’s Day, the stealthiest of all the holidays. Sneaks up on you, doesn’t it?

If you’re trying to get a gift today, you… might be a bit short on options. Will you go with the gas station teddy bear? The twice-crushed box of chocolates? A bouquet of acceptable-looking roses for $200?

If your nearly-forgotten flame would be content with the promise of a pretty cool gift in a few weeks, though, you might be set. Instapainting, a YC-backed company launching this morning, turns any photo into a hand-painted piece on canvas for under $100 bucks.

If you’ve ever tried to have something like this done before, you probably know: this exists. A few companies have been doing the whole photo-into-art thing for years. Where Instapainting thinks they have them beat, however, is in pricing and speed.

Instapainting’s smallest option (a 12″x12″ canvas) starts the pricing at $53 (including shipping), with the largest option (29.33″x22″) going for $130 . A quick search turns up a number of others in this space — OilPaintingExpress, OilPaintings.com, and myDavinci to name a few. The next wallet-friendliest option I could find was OilPaintingExpress, where a 12″x12″ work starts at $119. Most of them start the pricing at $200-$300 dollars.

Instapainting’s website is also a bit more… modern, for lack of a better word. Setting up your order takes all of a few seconds; upload your photo, crop it to the region you like, pick a canvas size, and you’re set. Built on top of tools like FilePicker and Stripe, the whole ordering flow is slick and simple.

So how do they keep the prices down? A few ways:

Your original photo is printed onto canvas first, and this printed piece is used as the base/foundation of the hand painted piece. In other words: they’re painting on top of the photo. The artist still has to know how to properly mix colors and how to recreate lights/shadows/etc. in oil, but it’s a whole lot quicker than starting on blank canvas. Many a professional artist might balk at the idea — but unless your friends start scratching at the paint to see what’s underneath, they probably won’t be able to tell.
As you might’ve guessed, much of the work is done overseas. Instapainting’s founders source their painters (primarily in China) one-by-one, mostly through their myriad online profiles. After quietly starting to roll the service out around a month ago, Instapainting says they have just shy of 100 painters producing pieces.
They ship your art rolled in a tube, leaving it to the customer to frame it or stretch it onto canvas. The company tells me they’re working on a quick-assembling canvas frame that they can pack into the shipping tubes, but that’s still a few months out.

But what about shoddy work? Cheaper rarely means better, after all. To keep quality up, Instapainting puts two layers of protection into the mix: first, each painting is checked by a second set of eyes before it heads out to the customer. Second, they guarantee their work; if you don’t dig the oil-painted version they send you, they’ll remake it or give you a full refund.

Meanwhile, the company is also dabbling with the idea of being a marketplace for artists looking to have their work recreated by hand. Artists upload the digital version of their painting or photograph, and Instapainting recreates their work and shares the revenue. It’s not quite the same as buying an original piece by the original artist, of course — but when your main concern is how it looks hanging above your couch, it’s a nice alternative to buying a standard print.

We’re planning on putting the just-launched service through the proper paces, so be on the lookout for a full review in the coming weeks.

Bitcore

Fri, 14 Feb 2014 13:46:44 -0800

Comments: " Bitcore "

Internet troll personality study: Machiavellianism, narcissism, psychopathy, sadism.

Fri, 14 Feb 2014 13:55:44 -0800

Comments: "Internet troll personality study: Machiavellianism, narcissism, psychopathy, sadism."

URL: http://www.slate.com/articles/health_and_science/climate_desk/2014/02/internet_troll_personality_study_machiavellianism_narcissism_psychopathy.html

The Internet is sadists' playground.Medioimages/Photodisc

In the past few years, the science of Internet trollology has made some strides. Last year, for instance, we learned that by hurling insults and inciting discord in online comment sections, so-called Internet trolls (who are frequently anonymous) have a polarizing effect on audiences, leading to politicization, rather than deeper understanding of scientific topics.

That’s bad, but it’s nothing compared with what a new psychology paper has to say about the personalities of trolls themselves. The research, conducted by Erin Buckels of the University of Manitoba and two colleagues, sought to directly investigate whether people who engage in trolling are characterized by personality traits that fall in the so-called Dark Tetrad: Machiavellianism (willingness to manipulate and deceive others), narcissism (egotism and self-obsession), psychopathy (the lack of remorse and empathy), and sadism (pleasure in the suffering of others).

It is hard to underplay the results: The study found correlations, sometimes quite significant, between these traits and trolling behavior. What’s more, it also found a relationship between all Dark Tetrad traits (except for narcissism) and the overall time that an individual spent, per day, commenting on the Internet.

In the study, trolls were identified in a variety of ways. One was by simply asking survey participants what they “enjoyed doing most” when on online comment sites, offering five options: “debating issues that are important to you,” “chatting with others,” “making new friends,” “trolling others,” and “other.” Here’s how different responses about these Internet commenting preferences matched up with responses to questions designed to identify Dark Tetrad traits:

E.E. Buckels et al, "Trolls just want to have fun," Personality and Individual Differences, 2014.

To be sure, only 5.6 percent of survey respondents actually specified that they enjoyed “trolling.” By contrast, 41.3 percent of Internet users were “non-commenters,” meaning they didn’t like engaging online at all. So trolls are, as has often been suspected, a minority of online commenters, and an even smaller minority of overall Internet users.

The researchers conducted multiple studies, using samples from Amazon’s Mechanical Turk but also of college students, to try to understand why the act of trolling seems to attract this type of personality. They even constructed their own survey instrument, which they dubbed the Global Assessment of Internet Trolling, or GAIT, containing the following items:

I have sent people to shock websites for the lulz.

I like to troll people in forums or the comments section of websites.

I enjoy griefing other players in multiplayer games.

The more beautiful and pure a thing is, the more satisfying it is to corrupt.

Yes, some people actually say they agree with such statements. And again, doing so was correlated with sadism in its various forms, with psychopathy, and with Machiavellianism. Overall, the authors found that the relationship between sadism and trolling was the strongest, and that indeed, sadists appear to troll because they find it pleasurable. “Both trolls and sadists feel sadistic glee at the distress of others,” they wrote. “Sadists just want to have fun ... and the Internet is their playground!”

The study comes as websites, particularly at major media outlets, are increasingly weighing steps to rein in trollish behavior. Last year Popular Science did away with its comments sections completely, citing research on the deleterious effects of trolling, and YouTube also took measures to rein in trolling.

But study author Buckels actually isn’t sure that fix is a realistic one. “Because the behaviors are intrinsically motivating for sadists, comment moderators will likely have a difficult time curbing trolling with punishments (e.g., banning users),” she said by email. “Ultimately, the allure of trolling may be too strong for sadists, who presumably have limited opportunities to express their sadistic interests in a socially-desirable manner.”

Using pry in production - Without shooting yourself in the foot - Bugsnag

Fri, 14 Feb 2014 14:08:44 -0800

Comments: "Using pry in production - Without shooting yourself in the foot - Bugsnag"

URL: https://bugsnag.com/blog/production-pry

Using pry in productionWithout shooting yourself in the footConrad Irwin

Bugsnag has been using pry as a replacement for ruby's irb console since before I joined (disclaimer: I'm one of the pry core team). It's better than irb for a number of reasons, but chief among them are that it syntax highlights input and output, and it crashes less often.

This is most useful in development, when you spend a considerable amount of time in the console, but it's also useful in production when you need to analyze (or even fix) production data. Here are some simple instructions to get you started.

1. Include pry in the Gemfile

Making pry work in production is easy, you just add it to the production part of the Gemfile. We also use pry-plus, but we restrict that to development because it's less useful in production and some of the plugins are less well tested than pry itself.

# Gemfile
gem 'pry-rails'
gem 'pry-plus', group: :development

Once you've changed the Gemfile, run bundle and then deploy. Pry will be available in production.

2. Change the prompt in production

Using the same console in development as production had an unforeseen problem. The prompt looked the same wherever you were. This led to code being run in production that was intended for development.

No permanent damage was done, but we decided that we should make it really really obvious which environment you're running in. To this end, we added a rails initializer that sets the prompt to something scary in production.

# config/initializers/pry.rb
# Show red environment name in pry prompt for non development environments
unless Rails.env.development?
 old_prompt = Pry.config.prompt
 env = Pry::Helpers::Text.red(Rails.env.upcase)
 Pry.config.prompt = [
 proc {|*a| "#{env} #{old_prompt.first.call(*a)}"},
 proc {|*a| "#{env} #{old_prompt.second.call(*a)}"},
 ]
end

Now it's obvious when you're in production :).

3. Wrap it in a script

Running pry in production is surprisingly fiddly, particularly if you're trying to do it to answer an urgent question. You need to remember which directory to run it from, to use bundle exec, and to pass production as an argument.

To make this easier to do we added a production-console command to our chef recipes. All it does is open pry with all the options set.

#/usr/local/bin/production-console
cd /apps/bugsnag-website/current
bundle exec rails console production

4. Designate a 'pry' machine

This solved most of out problems, until one afternoon we noticed that one of our web servers was performing signficantly less well than the others. I logged into the machine to have a look around, and I found that a large portion of its CPU and RAM were being used by a pry session someone had left in a screen.

Now we only ever use pry on our monitor machine. The monitor machine usually spends its time doing non-critical things, like running monit, graphite, and cron. As some of the cron jobs we do require our rails codebase, production-console already worked on that machine, so it was the obvious choice.

To ensure that I don't forget which machine to ssh into, I have an alias defined in my ~/.zshrc that lets me run production-console on my laptop.

# ~/.zshrc
alias production-console='ssh -t monitor zsh -l -c production-console'

I hope that makes your console better in production. If you have other tips on improving pry in production, let us know @bugsnag.

Create Your Bugsnag Account

Bugsnag captures exceptions in real-time from your web, mobile and desktop applications, helping you to understand and resolve them as fast as possible.

You should create a free Bugsnag account today.

‹ return to posts

TrueVault Launches To Bring Easy HIPAA Compliance To Startups And Health Apps | TechCrunch

Fri, 14 Feb 2014 15:12:45 -0800

Comments: "TrueVault Launches To Bring Easy HIPAA Compliance To Startups And Health Apps | TechCrunch"

URL: http://techcrunch.com/2014/02/14/truevault-launches-to-bring-easy-hipaa-compliance-to-startups-and-health-apps/

It was the best of times, it was the worst of times: In an effort to jumpstart the U.S. economy amidst the runaway blight of the “Great Recession” and financial crisis beginning in 2008, Congress scrambled to enact and then distribute its unprecedented and controversial $787 billion economic stimulus package. Among other things, the Stimulus Bill acted as a vehicle for another landmark piece of legislation, the HITECH Act, which sought to lay the foundations for sweeping healthcare reform.

Not only did the HITECH Act aim to encourage the bloated healthcare industry to lower costs and adopt healthcare information technology and electronic health records, it brought key changes to HIPAA privacy and security provisions as well. In January, these changes were finalized, and they important implications for all digital health companies, technology providers and app developers.

The rule changes (and the rules themselves) are complex, and they require startups and engineers to put in a lot of work to maintain compliance. In healthcare, where the need for efficiency-increasing, cost-reducing technology (and more engineers) is paramount, this is a problem. In a lot of cases, rather than take the time to become HIPAA-compliant, startups and developers are pairing back the features and functionality of their applications. This reduces the overall value proposition of the product and strips it of an important part of the feedback loop.

Luckily, TrueVault has your back. Launching out of Y Combinator’s most recent batch of startups, TrueVault is on a mission to unburden startups of the time-consuming, progress-stalling process of HIPAA compliance so that they can get back to focusing on what’s really important: Fixing the healthcare experience.

Over the last two years, there’s been an explosion in mobile health apps. The problem, however, is that many of them are crap. Some of them are just clones, but many of them lack the kind of functionality that people want out of a mobile health app. The average consumer wants to access health information, not uncontextualized data, but the new changes to HIPAA require compliance from apps and technology that delivering health information.

TrueVault wants to solve this problem by offering a secure API to store health data and simplify the complexity of HIPAA compliance. The idea is to save startups hundreds of development hours by ensuring that they can avoid worrying about setting up and maintaining a HIPAA-compliant application stack. Instead, TrueVault handles all physical and technical safeguards required by HIPAA, while working like the majority of API services, says co-founder Trey Swann.

TrueVault targets startups, web and mobile apps and wearables, enabling them to store and search protected health information (PHI) in any file format through RESTful APIs. It will sign a “Business Associate Agreement, and protects customers under a comprehensive Privacy and Data breach insurance policy,” as HIPAA is wont to make everyone do.

Now of course, you may say: “But, Rip, there are plenty of HIPAA-compliant hosting providers. What about those?” Touche, my friend. Touche. Familiar names like AWS, FireHost and RackSpace all offer HIPAA-compliant posting and will sign a BAA. So, you could move your applications and health data over to one of the big players.

Many startups are facing this “build vs. buy” decision right now. That’s why co-founder Trey Swann sees big opportunity for TrueVault. The value proposition that TrueVault claims over HIPAA-compliant hosting providers, he says, is that they still require companies to spend months building a HIPAA-compliant app stack in that environment, which require a laundry list of technical specifications.

The other benefit is cost. If a company wants to sign a BAA with AWS, it needs to use dedicated instances and each instance hour is 10 percent more than the standard fee. Plus, their meter starts at $1,500/month if they want to become HIPAA-compliant with AWS (meter starts at $2/instance hr, over a month it is approx. $1,500). FireHost, on the other hand, starts at $1,115/month and you are charged a $250 premium for each HIPAA-ready instance that’s added.

Instead, TrueVault is offering its service at a fairly competitive price point: $0.001/API call. Yes, that’s 100K calls for $100. Swann says that unlimited file and JSON storage are included in that price. Not bad for a service that offers automatic encryption of all data stored, APIs for searching that encrypted data, audit tracking, proactive monitoring, hashes, uptime and SLA.

The key, though, is search. In order to be compliant with HIPAA, apps have to encrypt their databases, which means your app can’t search their data, and the functionality suffers as a result. TrueVault’s service protects your data and also allows you to query that protected data. Companies can get unlimited file and JSON storage, and search any JSON document and binary field, or have their apps call TrueVault’s Search API directly to quickly add a search interface to their apps.

Today, TrueVault has about 5 million documents stored on its platform and millions of API calls are being made to its APIs every week. The startup has already signed on nearly 200 companies, including image32, LifeVest Health, Weave and Rocky Mountain Health Plans and is growing fast.

For more, check out TrueVault at home here.

Venezuelans Blocked on Twitter Amid Opposition’s Protests - Businessweek

Fri, 14 Feb 2014 15:30:39 -0800

Comments: "Venezuelans Blocked on Twitter Amid Opposition’s Protests - Businessweek"

URL: http://www.businessweek.com/news/2014-02-14/twitter-says-venezuela-blocks-its-images-amid-protest-crackdown

Twitter Inc. (TWTR:US) said the Venezuelan government blocked users’ online images as opposition groups marched through Caracas for a third day, demonstrating against record shortages and the world’s fastest inflation.

Nu Wexler, a Twitter spokesman, confirmed in an e-mail that the government was behind the disruption. President Nicolas Maduro banned protests Feb. 12 and has asked his supporters to counter with a “march against fascism” tomorrow, in a week of social unrest that has left at least three Venezuelans dead.

Related:

Boyâ€™s Life Hanging on 8-Hour Trip Shows Why Venezuelans Protest
Opinion: Let's Watch Venezuela Destroy Itself

In the absence of information from the government or local television outlets, Venezuelans have turned to foreign reporters and social media for news. Twitter users had been posting their photos of demonstrations that started in provincial towns earlier this month, providing an alternative to state-controlled media. It’s unclear if photos are blocked for users of all Internet providers in Venezuela, Wexler said.

“We won’t cease protests until all our comrades are free,” Gaby Arellano, a leader of the Andes University student union and member of the opposition party Voluntad Popular, said by telephone today. “We will continue fighting for our democratic rights.”

Maduro ordered police on Feb. 12 to detain opposition leaders for inciting violence after clashes between opposition-affiliated students and armed pro-government socialist collectives left 66 people injured and 118 under detention, according to the Interior Ministry.

Cantv Denial

State-run phone company Cia. Anonima Nacional Telefonos de Venezuela SA, or Cantv, denied blocking the images of San Francisco-based Twitter. Twitter’s servers are outside of Venezuela, and other countries experienced the same issue, the company said in an e-mailed statement today.

A spokesman for the Information Ministry, who can’t be named because of internal policy, said he had no problem seeing pictures on his Twitter account, which he uses to follow friends and family.

Students have defied Maduro’s ban on protests, blocking Caracas’ major avenues today on the way to the Eastern Cemetery to bury student Roberto Redman, one of the three killed in Feb. 12 clashes.

Only 10 of the 118 people detained have been charged to-date, mostly for instigating violence, according to the prosecutor general’s office. Human rights group Venezuelan Penal Forum put the number of detained at 148.

‘No Idea’

Alex Matute, a Caracas-based web developer, said his brother Angel, a 24-year-old student, was among the 30 protesters who were held by the National Guard without being charged and without access to lawyers or family for two days, before being driven to courts.

“We have no idea what they plan to do with him,” Alex Matute said by telephone today. “The police won’t tell us anything.”

A National Guard spokesman, who can’t be named because of internal policy, and Interior Ministry spokesman Marco Hernandez declined to comment, citing national-security risks.

Maduro has accused international outlets of bias. He took Colombian station NTN24 off the air after the protests and in a national address yesterday criticized Agence France Presse for “manipulating information.”

‘Massive Attack’

In November, Maduro asked authorities to investigate a disappearance of 6,000 of his 1.4 million Twitter followers, calling it a “massive attack” by the “international right wing.”

Billy Vaisberg, who runs an online directory of Venezuelan Twitter users called TwVen.com, said he had received several reports today from people who couldn’t see images on their feeds. In a post on its Spanish-language account, @twitter_es, Twitter advised Venezuelan users to subscribe to its text-message service to get updates.

“We are having a media blackout,” Josefina Blanco, a freelance science journalist and social media user, said in an e-mail from Caracas. Only because of Twitter, NTN24 and radio station RCR 750, “we can know what is really going on in our streets,” she said.

Inflation more than doubled in Venezuela in the past year to 56.3 percent in January, according to the central bank. At the same time, the central bank’s scarcity index rose to a record 28 percent, meaning that more than one in four basic goods was out of stock at any given time.

Bonds Fall

Amid the threat of new social unrest, the South American country’s benchmark dollar bond due in 2027 fell 0.67 cent to 64.85 cents on the dollar, near a 30-month low. The yield on the bond rose 16 basis points to 15.53 percent, at 3:40 p.m. in New York.

“The opposition has made a huge progress in the past week, as a couple of student protests have reignited the movement,” David Smilde, a senior fellow at the Washington Office on Latin America, said by telephone from Caracas yesterday. “If in the coming months the economy gets substantially worse and the protests continue, Maduro will be in tough position.”

To contact the reporters on this story: Patricia Laya in Mexico City at playa2@bloomberg.net; Sarah Frier in San Francisco at sfrier1@bloomberg.net; Anatoly Kurmanaev in Caracas at akurmanaev1@bloomberg.net

To contact the editors responsible for this story: Andre Soliani at asoliani@bloomberg.net; Nick Turner at nturner7@bloomberg.net

Dropbox’s hiring practices explain its disappointing lack of female employees

Fri, 14 Feb 2014 15:22:45 -0800

Comments: "Dropbox’s hiring practices explain its lack of female employees"

URL: http://www.washingtonpost.com/blogs/innovations/wp/2014/02/14/dropboxs-hiring-practices-explain-its-disappointing%e2%80%8b-lack-of-female-employees/

(Dropbox)

“If someone came in right now and announced that the zombie apocalypse had just started outside, what would you do in the next hour? What is something that you’re geeky about? What is a superpower you would give to your best friend?” These are the types of questions that you could be asked if you apply for a job at Dropbox. Business Insider culled these and other quirky interview questions from a career Web site, Glassdoor.

Dropbox, which provides online storage, is clearly looking for creative people who can think outside the box and wants to make interviews more fun. It is not alone; many Silicon Valley companies ask such questions. The problem is that such questions are fun only for people who understand the jokes — and who can think like the young men doing the interviews.

They don’t lead to better hiring outcomes as Google learned. Its senior vice president for people operations, Laszlo Bock, said last June in an interview with New York Times, “…we found that brainteasers are a complete waste of time. How many golf balls can you fit into an airplane? How many gas stations in Manhattan? A complete waste of time. They don’t predict anything. They serve primarily to make the interviewer feel smart.”

Such hiring practices also disadvantage women. They hurt the employer by limiting the talent pool. They fortify the male dominated frat-boy culture that Silicon Valley is increasingly being criticized for.

Telle Whitney, CEO of Anita Borg Institute, which is working on getting more women to study computer science and have more women fully engaged in creating technology, says its research shows questions such as these cause women to get screened out more often than men. As an example, the superhero concept is going to resonate much more with men, as demonstrated by the demographics of the superhero movie attendance. Whitney cites research which shows that a strong and pervasive stereotype of computer professionals as devoid of a social life alienates women. Subtle cues in the physical environment of companies such as Star Trek posters and video games lead to women being less interested in being a part of an organization when compared to a neutral office environment. This causes women to self-select out of technology jobs.

Indeed, the trend is getting worse. In 1985, 37 percent of computer science undergraduate degree recipients were women. By 2011 this proportion had dropped to 18 percent. Most technology firms refuse to release gender and diversity numbers. Data collected on Github explains why. Dropbox, for example, had only 9 women in its 143 person engineering team as of October 2013. That’s 6.3 percent in an industry in which 18 percent of the hiring pool is women.

Dropbox recently completed $250 million of funding at a valuation close to $10 billion according to the Wall Street Journal. It is rumored to be heading towards an IPO. The company has been expanding its hiring yet the number of women in management is declining. Kim Malone Scott, who headed operations and sales, left in April 2013; Anna Christina Douglas, who headed product marketing, left in August; and VP of Operations Ruchi Sanghvi left the company last October.

Two former female employees and one current employee of Dropbox shared their concerns with me. They asked not to be named because they had signed non-disparagement agreements and feared negative consequences for their careers if they spoke critically of Dropbox. One wrote in an e-mail, “When I interviewed for Dropbox, I was interviewed in a room called ‘The Break-up Room,’ by a male. It was right next to a room called the ‘Bromance Chamber.’ It felt weird I would be interviewed in such a strangely named conference room.” She said that “every time the company holds an all hands ‘goals’ meeting, the only people who talk are men. There are no females in leadership. The highest ranking is a team lead on the User Ops team.”

She spoke up because she believes that “having more females in leadership positions results in more females; when they all leave those positions, it signals poorly to the rest of us.” Freada Kapor Klein, founder of the Level Playing Field Institute, was invited in by Dropbox to talk about hidden bias research and how it may apply to startups. Her husband, Mitch Kapor, also came to the talk as someone who has been a successful entrepreneur and feels that the culture set at the outset of a company is critical. (Coincidentally they became shareholders in Dropbox when the company bought a startup in which they had invested.) Klein says that Dropbox executives, like other startup founders, honestly believe they are a meritocracy and are unaware as to how hidden bias operates. Employee referrals play a large role in their hiring as in most start-ups which further introduces bias and makes the culture exclusionary.

Her advice to Dropbox? “Founders are looking for ‘objective’ measures such as school ranking, GPAs, SAT scores, but fail to recognize that these are biased. Dropbox and other start-ups should pioneer new ways to identify people who can succeed on the core set of job responsibilities. Perhaps a question on how Dropbox might be used to solve income inequality or the unaffordability of housing in San Francisco would reveal as much about someone’s creativity—and more about their character—than questions about superheroes.”

Jet Propulsion Laboratory | News

Fri, 14 Feb 2014 15:48:40 -0800

Comments: "Jet Propulsion Laboratory | News"

URL: http://www.jpl.nasa.gov/m/news/news.php?release=2014-051

February 14, 2014

Researchers have determined the now-infamous Martian rock resembling a jelly doughnut, dubbed Pinnacle Island, is a piece of a larger rock broken and moved by the wheel of NASA's Mars Exploration Rover Opportunity in early January.

Only about 1.5 inches wide (4 centimeters), the white-rimmed, red-centered rock caused a stir last month when it appeared in an image the rover took Jan. 8 at a location where it was not present four days earlier.

More recent images show the original piece of rock struck by the rover's wheel, slightly uphill from where Pinnacle Island came to rest.

"Once we moved Opportunity a short distance, after inspecting Pinnacle Island, we could see directly uphill an overturned rock that has the same unusual appearance," said Opportunity Deputy Principal Investigator Ray Arvidson of Washington University in St. Louis. "We drove over it. We can see the track. That's where Pinnacle Island came from."

Examination of Pinnacle Island revealed high levels of elements such as manganese and sulfur, suggesting these water-soluble ingredients were concentrated in the rock by the action of water. "This may have happened just beneath the surface relatively recently," Arvidson said, "or it may have happened deeper below ground longer ago and then, by serendipity, erosion stripped away material above it and made it accessible to our wheels."

Now that the rover is finished inspecting this rock, the team plans to drive Opportunity south and uphill to investigate exposed rock layers on the slope.

Opportunity is approaching a boulder-studded ridge informally named the McClure-Beverlin Escarpment, in honor of engineers Jack Beverlin and Bill McClure. Beverlin and McClure were the first recipients of the NASA Medal of Exceptional Bravery for their actions on Feb. 14, 1969, to save NASA's second successful Mars mission, Mariner 6, when the launch vehicle began to crumple on the launch pad from loss of pressure.

"Our team working on Opportunity's continuing mission of exploration and discovery realizes how indebted we are to the work of people who made the early missions to Mars possible, and in particular to the heroics of Bill McClure and Jack Beverlin," said rover team member James Rice of the Planetary Science Institute, Tucson, Ariz. "We felt this was really a fitting tribute to these brave men, especially with the 45th anniversary of their actions coming today."

Opportunity's work on the north-facing slope below the escarpment will give the vehicle an energy advantage by tilting its solar panels toward the winter sun. Feb. 14 is the winter solstice in Mars' southern hemisphere, which includes the region where Opportunity has been working since it landed in January 2004.

"We are now past the minimum solar-energy point of this Martian winter," said Opportunity Project Manager John Callas of NASA's Jet Propulsion Laboratory in Pasadena, Calif. "We now can expect to have more energy available each week. What's more, recent winds removed some dust from the rover's solar array. So we have higher performance from the array than the previous two winters."

During Opportunity's decade on Mars, and the 2004-2010 career of its twin, Spirit, NASA's Mars Exploration Rover Project has yielded a range of findings proving wet environmental conditions on ancient Mars -- some very acidic, others milder and more conducive to supporting life.

JPL manages the Mars Exploration Rover Project for NASA's Science Mission Directorate in Washington. For more information about Spirit and Opportunity, visit: http://www.nasa.gov/rovers .

You can follow the project on Twitter and on Facebook at http://twitter.com/MarsRovers and http://www.facebook.com/mars.rovers .

kimono : The kimono blog

Fri, 14 Feb 2014 16:05:39 -0800

Comments: "kimono : The kimono blog"

URL: http://kimonify.kimonolabs.com/kimload?url=http%3A%2F%2Fkimonolabs.com%2Fcrawlblog%2F1

Sublimall

Fri, 14 Feb 2014 16:29:02 -0800

Comments: "Sublimall"

95% of Climate Models Agree: The Observations Must be Wrong « Roy Spencer, PhD

Fri, 14 Feb 2014 17:29:48 -0800

Comments: "95% of Climate Models Agree: The Observations Must be Wrong « Roy Spencer, PhD"

URL: http://www.drroyspencer.com/2014/02/95-of-climate-models-agree-the-observations-must-be-wrong/

I’m seeing a lot of wrangling over the recent (15+ year) pause in global average warming…when did it start, is it a full pause, shouldn’t we be taking the longer view, etc.

These are all interesting exercises, but they miss the most important point: the climate models that governments base policy decisions on have failed miserably.

I’ve updated our comparison of 90 climate models versus observations for global average surface temperatures through 2013, and we still see that >95% of the models have over-forecast the warming trend since 1979, whether we use their own surface temperature dataset (HadCRUT4), or our satellite dataset of lower tropospheric temperatures (UAH):

Whether humans are the cause of 100% of the observed warming or not, the conclusion is that global warming isn’t as bad as was predicted. That should have major policy implications…assuming policy is still informed by facts more than emotions and political aspirations.

And if humans are the cause of only, say, 50% of the warming (e.g. our published paper), then there is even less reason to force expensive and prosperity-destroying energy policies down our throats.

I am growing weary of the variety of emotional, misleading, and policy-useless statements like “most warming since the 1950s is human caused” or “97% of climate scientists agree humans are contributing to warming”, neither of which leads to the conclusion we need to substantially increase energy prices and freeze and starve more poor people to death for the greater good.

Yet, that is the direction we are heading.

And even if the extra energy is being stored in the deep ocean (if you have faith in long-term measured warming trends of thousandths or hundredths of a degree), I say “great!”. Because that extra heat is in the form of a tiny temperature change spread throughout an unimaginably large heat sink, which can never have an appreciable effect on future surface climate.

If the deep ocean ends up averaging 4.1 deg. C, rather than 4.0 deg. C, it won’t really matter.

Why I Dropped Out Of YC | wikichen

Fri, 14 Feb 2014 17:52:28 -0800

Comments: "Why I Dropped Out Of YC | wikichen"

URL: http://wikichen.is/writing/why-i-dropped-out-of-yc/

I bought my first Moleskine by sheer coincidence while shopping for craft supplies that a design course had required; I had avoided buying a notebook for the first two years at university by resourcefully (for which some might argue was born out of necessity from the lazy frugality of your average college kid) removing stacks of printer paper from the student center under a well-rehearsed, convincing ruse that I was somehow heroically fixing a “paper jam”.

By my third year I was making enough money from being a resident advisor and scrapping by with a delightful hodgepodge of research jobs that I could finally renounce my thieving ways and afford some decent stationeries, one of which was a proper notebook on which I could keep notes. I’m going to be taking actual notes in an actual notebook like a Shakespearean boss, I thought as I browsed the notebook section in the art supplies store. I picked the most conventional looking one from the pile: a large Moleskine Classic Notebook with a hard cover and plain, white pages. I knew not what a Moleskine was then or of its more hipster connotations (I swear) or why it cost an arm and leg for one, but I was pleased to have something I could, at long last, take notes on that’s not single sheet and A4-sized.

Naturally, those notes turned out to be nothing but the wild swirling caricatures of a sleep-deprived procrastinator nodding off every few minutes as the professor droned on. But over time that first Moleskine served as an outlet for my creative self, a blank canvas I painted with my thoughts and ideas and dreams. It captured the moments of blinding clarity and paroxysms of fleeting epiphany that so often defined checkpoints of my personal growth. More importantly, the notebook embodied me at my best and dutifully provided a record from which I could reflect and study.

I filled up that very same Moleskine at the end of last year, around the time when I decided to join the startup as she made the transition to the Bay Area after being accepted into Y Combinator. The fortuitous signs of a full notebook greeting a new opportunity in a new year got the best of my superstitious tendencies, so I ordered a brand-spanking new one off Amazon. In the five or so weeks since Y Combinator commenced in full swing, I haven’t written anything in the Moleskine. In fact, it’s still sitting on my shelf, wrapped in its original packaging.

Earlier this week we met with our advisor and YC partner Aaron over what seemed to be a divergence in the direction of the company and the underlying disagreement on how to best solve problems. In the hour we talked, what surfaced instead was an irreconcilable working relationship rooted in fundamental differences in personalities and misaligned expectations of roles and responsibilities. There were no hard feelings, just hard lessons learned.

Maybe I signed up for the wrong thing or for the wrong reason, as well-intentioned as I was from the start. Maybe it was more about Y Combinator, the subject of numerous pages in my Moleskine, and that was wrong. Maybe in the wake of a failed startup I deluded myself into thinking great teams are predicated on great friendships, a truism that no longer holds absolute truth.

It was also the acceptance that the startup would never be something I could call my own, not just in stake but in equal say, that cemented my decision to walk away. A sense of ownership can be a powerful motivator for a startup; in this case the lack thereof tore it apart. But if you asked me for the one reason why it didn’t work out, the truth is that it just wasn’t fun anymore, and when you’re grinding away on an early stage venture with no pay, the enjoyment you derive from working with your partners is all you have.

Egos clashed and convictions shaken, we came to the consesnsus that it’d be best if I part ways with the startup. To some extent I was relieved, freed from an incompatible environment that brought no party joy, and it hardly mattered that, to those like me who held the institution on a pedestal, this is Y Combinator we’re talking about. Aaron put it this way, “Stop thinking about YC. YC is an artificial construct, a forcing function that augments a startup’s chances to succeed. But if you can’t work together, then none of it matters. If someone tells me I can do YC but I’ll have to wear hot pants the whole time, I wouldn’t do it.” And I wholeheartedly agree with him: life’s too short to wear hot pants.

It’s been a few days since my departure, and I’m as uncertain as ever regarding my next steps, largely given that I’m still digesting what I’ve learned from this experience, and partly because I’ve grown jaded and disillusioned with Silicon Valley at large. What’s certain is that I won’t be touching startups for a very long time, and I might even stay away from Hacker News for a while. If anything, when the time comes and that startup itch manifests itself again, I’ve taken to heart that it will be of my own creation, with a team I can entrust equal ownership, and on my own terms, Y Combinator or not.

Taking the new Moleskine from the shelf and removing it from its plastic wrap, I turned to the first blank page and picked up my pen.

Here we go again.

The New Normal: 200-400 Gbps DDoS Attacks — Krebs on Security

Fri, 14 Feb 2014 18:29:48 -0800

Comments: "The New Normal: 200-400 Gbps DDoS Attacks — Krebs on Security"

URL: http://krebsonsecurity.com/2014/02/the-new-normal-200-400-gbps-ddos-attacks/

Over the past four years, KrebsOnSecurity has been targeted by countless denial-of-service attacks intended to knock it offline. Earlier this week, KrebsOnSecurity was hit by easily the most massive and intense such attack yet — a nearly 200 Gpbs assault leveraging a simple attack method that industry experts say is becoming alarmingly common.

At issue is a seemingly harmless feature built into many Internet servers known as the Network Time Protocol (NTP), which is used to sync the date and time between machines on a network. The problem isn’t with NTP itself, per se, but with certain outdated or hard-coded implementations of it that attackers can use to turn a relatively negligible attack into something much, much bigger. Symantec‘s writeup on this threat from December 2013 explains the problem succinctly:

Similar to DNS amplification attacks, the attacker sends a small forged packet that requests a large amount of data be sent to the target IP Address. In this case, the attackers are taking advantage of the monlist command. Monlist is a remote command in older version of NTP that sends the requester a list of the last 600 hosts who have connected to that server. For attackers the monlist query is a great reconnaissance tool. For a localized NTP server it can help to build a network profile. However, as a DDoS tool, it is even better because a small query can redirect megabytes worth of traffic.

Matthew Prince, the CEO of Cloudflare — a company that helps Web sites stay online in the face of huge DDoS attacks — blogged Thursday about a nearly 400 Gbps attack that recently hit one of the company’s customers and leveraged NTP amplification. Prince said that while Cloudflare “generally [was] able to mitigate the attack, it was large enough that it caused network congestion in parts of Europe.”

“Monday’s DDoS proved these attacks aren’t just theoretical. To generate approximately 400Gbps of traffic, the attacker used 4,529 NTP servers running on 1,298 different networks,” Prince wrote. “On average, each of these servers sent 87Mbps of traffic to the intended victim on CloudFlare’s network. Remarkably, it is possible that the attacker used only a single server running on a network that allowed source IP address spoofing to initiate the requests. An attacker with a 1 Gbps connection can theoretically generate more than 200Gbps of DDoS traffic.”

NO TIME LIKE THE PRESENT

Prince suggests a number of solutions for cleaning up the problem that permits attackers to seize control over so many ill-configured NTP servers, and this is sound advice. But what that post does not mention is the reality that a great many of today’s DDoS attacks are being launched or coordinated by the same individuals who are running DDoS-for-hire services (a.k.a “booters”) which are hiding behind Cloudflare’s own free cloud protection services.

As I noted in a talk I gave last summer with Lance James at the Black Hat security conference in Las Vegas, a funny thing happens when you decide to operate a DDoS-for-hire Web service: Your service becomes the target of attacks from competing DDoS-for-hire services. Hence, a majority of these services have chosen to avail themselves of Cloudflare’s free content distribution service, which generally does a pretty good job of negating this occupational hazard for the proprietors of DDoS services.

Lance James, Yours Truly, and Matthew Prince.

Mr. Prince took strong exception to my remarks at Black Hat, which observed that this industry probably would destroy itself without Cloudflare’s protection, and furthermore that some might perceive a credibility issue with a company that sells DDoS protection services providing safe haven to an entire cottage industry of DDoS-for-hire services.

Prince has noted that while Cloudflare will respond to legal process and subpoenas from law enforcement to take sites offline, “sometimes we have court orders that order us to not take sites down.” Indeed, one such example was CarderProfit, a Cloudflare-protected carding forum that turned out to be an elaborate sting operation set up by the FBI.

He said the company has a stated policy of not singling out one type of content over another, citing a fear of sliding down a slippery slope of censorship.

In a phone interview today, Prince emphasized that he has seen no indication that actual malicious packets are being sent out of Cloudflare’s network from the dozens of booter service Web sites that are using the service. Rather, he said, those booter services are simply the marketing end of these operations.

“The very nature of what we are trying to build is a system by which any content can be online and we can make denial-of-service attacks a thing of the past. But that means that some controversial content will end up on our network. We have an attack of over 100 Gbps almost every hour of every day. If I really thought it would solve the problem, and if our network was actually being used in these attacks, that’s a no-brainer. But I can’t get behind the idea that we should deny service to a marketing site just so that it can be attacked by these other sites, and that this will will somehow make the problem go away. I don’t think that’s right, and it starts us down a slippery slope.”

As a journalist, I’m obviously extremely supportive of free speech rights. But it seems to me that most of these DDoS-for-hire services are — by definition — all about stifling speech. Worse yet, over the past few months the individuals behind these offerings have begun to latch onto NTP attacks, said Allison Nixon, a researcher for NTT Com Security who spoke about DDoS protection bypass techniques at last year’s Black Hat.

“There is a growing awareness of NTP based attacks in the criminal underground in the past several months,” Nixon said. “I believe it’s because nobody realized just how many vulnerable servers are out there until recently. “The technical problem of NTP amplification has been known for a long time. Now that more and more attack lists are being traded around, the availability of DDoS services with NTP attack functionality is on the rise.”

(S)KIDS JUST WANNA HAVE FUN

The shocking thing about these DDoS-for-hire services is that — as I’ve reported in several previous stories — a majority of them are run by young kids who apparently can think of no better way to prove how cool and “leet” they are than by wantonly knocking Web sites offline and by launching hugely disruptive assaults. Case in point: My site appears to have been attacked this week by a 15-year-old boy from Illinois who calls himself “Mr. Booter Master” online.

Prolexic Technologies, the company that has been protecting KrebsOnSecurity from DDoS attacks for the past 18 months, said the attack that hit my site this week clocked in just shy of 200 Gbps. A year or two ago, a 200 Gbps attack would have been close to the largest attack on record, but the general upswing in attack volume over the past year makes the biggest attacks timeline look a bit like a hockey stick, according to a blog post on NTP attacks posted today by Arbor Networks. Arbor’s writeup speaks volumes about the motivations and maturity of the individuals behind a majority of these NTP attacks.

Source: Arbor Networks

The NTP attack on my site was short-lived — only about 10 minutes in duration, according to Prolexic. That suggested the attack was little more than a proof-of-concept, a demonstration.

Indeed, shortly after the attack subsided, I heard from a trusted source who closely monitors hacker activity in the cybercrime underground. The source wanted to know if my site had recently been the subject of a denial-of-service attack. I said yes and asked what he knew about it. The source shared some information showing that someone using the nickname “Rasbora” had very recently posted several indicators in a private forum in a bid to prove that he had just launched a large attack against my site.

Rasbora’s posts on Hackforums.

Apparently, Rasbora did this so that he could prove his greatness to the administrators of Darkode, a closely guarded cybercrime forum that has been profiled at length in this blog. Rasbora was anxious to show what he could contribute to the Darkode community, and his application for membership there hinged in part on whether he could be successful in taking down my site (incidentally, this is not the first time Darkode administrators have used my site as a test target for vetting prospective members who apply based on the strength of some professed DDoS prowess).

Rasbora, like other young American kids involved in DDoS-for-hire services, hasn’t done a great job of separating his online self from his real life persona, and it wasn’t long before I was speaking to Rasbora’s dad. His father seemed genuinely alarmed — albeit otherwise clueless — to learn about his son’s alleged activities. Rasbora himself agreed to speak to me, but denied that he was responsible for any attack on my site. He did, however, admit to using the nickname Rasbora — and eventually — to being consumed with various projects related to DDoS activities.

Rasbora maintains a healthy presence on Hackforums[dot]net, a relatively open forum that is full of young kids engaged in selling hacking services and malicious code of one kind or another. Throughout 2013, he ran a DDoS-for-hire service hidden behind Cloudflare called “Flashstresser.net,” but that service is currently unreachable. These days, Rasbora seems to be taking projects mostly by private contract.

Some of Rasbora’s posts prior to our phone call.

Rasbora’s most recent project just happens to be gathering, maintaining huge “top quality” lists of servers that can be used to launch amplification attacks online. Despite his insistence that he’s never launched DDoS attacks, Rasbora did eventually allow that someone reading his posts on Hackforums might conclude that he was actively involved in DDoS attacks for hire.

“I don’t see what a wall of text can really tell you about what someone does in real life though,” said Rasbora, whose real-life identity is being withheld because he’s a minor. This reply came in response to my reading him several posts that he’d made on Hackforums not 24 hours earlier that strongly suggested he was still in the business of knocking Web sites offline: In a Feb. 12 post on a thread called “Hiring a hit on a Web site” that Rasbora has since deleted, he tells a fellow Hackforums user, “If all else fails and you just want it offline, PM me.”

Rasbora has tried to clean up some of his more self-incriminating posts on Hackforums, but he remains defiantly steadfast in his claim that he doesn’t DDoS people. Who knows, maybe his dad will ground him and take away his Internet privileges.

Tags: Allison Nixon, Arbor Networks, CloudFlare, Darkode, Hackforums, Lance James, Matthew Prince, network time protocol, NTP, NTT Com Security, Prolexic Technologies, Rasbora, Symantec

This entry was posted on Friday, February 14th, 2014 at 7:13 pm and is filed under A Little Sunshine, The Coming Storm. You can follow any comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Pinging is currently not allowed.

writebin

Fri, 14 Feb 2014 19:29:51 -0800

Comments: "writebin"

URL: http://writebin.io

The Dawn of the Age of Artificial Intelligence - Atlantic Mobile

Fri, 14 Feb 2014 20:52:21 -0800

Comments: "The Dawn of the Age of Artificial Intelligence"

URL: http://m.theatlantic.com/business/archive/2014/02/the-dawn-of-the-age-of-artificial-intelligence/283730/

The advances we’ve seen in the past few years—cars that drive themselves, useful humanoid robots, speech recognition and synthesis systems, 3D printers, Jeopardy!-champion computers—are not the crowning achievements of the computer era. They’re the warm-up acts. As we move deeper into the second machine age we’ll see more and more such wonders, and they’ll become more and more impressive.

How can we be so sure? Because the exponential, digital, and recombinant powers of the second machine age have made it possible for humanity to create two of the most important one-time events in our history: the emergence of real, useful artificial intelligence (AI) and the connection of most of the people on the planet via a common digital network.

Either of these advances alone would fundamentally change our growth prospects. When combined, they’re more important than anything since the Industrial Revolution, which forever transformed how physical work was done.

Thinking Machines, Available now

Digital machines have escaped their narrow confines and started to demonstrate broad abilities in pattern recognition, complex communication, and other domains that used to be exclusively human. We’ve recently seen great progress in natural language processing, machine learning (the ability of a computer to automatically refine its methods and improve its results as it gets more data), computer vision, simultaneous localization and mapping, and many other areas.

We’re going to see artificial intelligence do more and more, and as this happens costs will go down, outcomes will improve, and our lives will get better. Soon countless pieces of AI will be working on our behalf, often in the background. They’ll help us in areas ranging from trivial to substantive to life changing. Trivial uses of AI include recognizing our friends’ faces in photos and recommending products. More substantive ones include automatically driving cars on the road, guiding robots in warehouses, and better matching jobs and job seekers. But these remarkable advances pale against the life-changing potential of artificial intelligence.

We’re going to see artificial intelligence do more and more, and as this happens costs will go down, outcomes will improve, and our lives will get better.

To take just one recent example, innovators at the Israeli company OrCam have combined a small but powerful computer, digital sensors, and excellent algorithms to give key aspects of sight to the visually impaired (a population numbering more than twenty million in the United States alone). A user of the OrCam system, which was introduced in 2013, clips onto her glasses a combination of a tiny digital camera and speaker that works by conducting sound waves through the bones of the head. If she points her finger at a source of text such as a billboard, package of food, or newspaper article, the computer immediately analyzes the images the camera sends to it, then reads the text to her via the speaker.

Reading text ‘in the wild’—in a variety of fonts, sizes, surfaces, and lighting conditions—has historically been yet another area where humans outpaced even the most advanced hardware and software. OrCam and similar innovations show that this is no longer the case, and that here again technology is racing ahead. As it does, it will help millions of people lead fuller lives. The OrCam costs about $2,500—the price of a good hearing aid—and is certain to become cheaper over time.

Digital technologies are also restoring hearing to the deaf via cochlear implants and will probably bring sight back to the fully blind; the FDA recently approved a first-generation retinal implant. AI’s benefits extend even to quadriplegics, since wheelchairs can now be controlled by thoughts. Considered objectively, these advances are something close to miracles—and they’re still in their infancy.

Billions of Innovators, Coming Soon

In addition to powerful and useful AI, the other recent development that promises to further accelerate the second machine age is the digital interconnection of the planet’s people. There is no better resource for improving the world and bettering the state of humanity than the world’s humans—all 7.1 billion of us. Our good ideas and innovations will address the challenges that arise, improve the quality of our lives, allow us to live more lightly on the planet, and help us take better care of one another. It is a remarkable and unmistakable fact that, with the exception of climate change, virtually all environmental, social, and individual indicators of health have improved over time, even as human population has increased.

This improvement is not a lucky coincidence; it is cause and effect. Things have gotten better because there are more people, who in total have more good ideas that improve our overall lot. The economist Julian Simon was one of the first to make this optimistic argument, and he advanced it repeatedly and forcefully throughout his career. He wrote, “It is your mind that matters economically, as much or more than your mouth or hands. In the long run, the most important economic effect of population size and growth is the contribution of additional people to our stock of useful knowledge. And this contribution is large enough in the long run to overcome all the costs of population growth.”

We do have one quibble with Simon, however. He wrote that, “The main fuel to speed the world’s progress is our stock of knowledge, and the brake is our lack of imagination.” We agree about the fuel but disagree about the brake. The main impediment to progress has been that, until quite recently, a sizable portion of the world’s people had no effective way to access the world’s stock of knowledge or to add to it.

In the industrialized West we have long been accustomed to having libraries, telephones, and computers at our disposal, but these have been unimaginable luxuries to the people of the developing world. That situation is rapidly changing. In 2000, for example, there were approximately seven hundred million mobile phone subscriptions in the world, fewer than 30 percent of which were in developing countries.

By 2012 there were more than six billion subscriptions, over 75 percent of which were in the developing world. The World Bank estimates that three-quarters of the people on the planet now have access to a mobile phone, and that in some countries mobile telephony is more widespread than electricity or clean water.

The first mobile phones bought and sold in the developing world were capable of little more than voice calls and text messages, yet even these simple devices could make a significant difference. Between 1997 and 2001 the economist Robert Jensen studied a set of coastal villages in Kerala, India, where fishing was the main industry.10 Jensen gathered data both before and after mobile phone service was introduced, and the changes he documented are remarkable. Fish prices stabilized immediately after phones were introduced, and even though these prices dropped on average, fishermen’s profits actually increased because they were able to eliminate the waste that occurred when they took their fish to markets that already had enough supply for the day. The overall economic well-being of both buyers and sellers improved, and Jensen was able to tie these gains directly to the phones themselves.

Now, of course, even the most basic phones sold in the developing world are more powerful than the ones used by Kerala’s fisherman over a decade ago. And cheap mobile devices keep improving. Technology analysis firm IDC forecasts that smartphones will outsell feature phones in the near future, and will make up about two-thirds of all sales by 2017.

This shift is due to continued simultaneous performance improvements and cost declines in both mobile phone devices and networks, and it has an important consequence: it will bring billions of people into the community of potential knowledge creators, problem solvers, and innovators.

'Infinite Computing' and Beyond

Today, people with connected smartphones or tablets anywhere in the world have access to many (if not most) of the same communication resources and information that we do while sitting in our offices at MIT. They can search the Web and browse Wikipedia. They can follow online courses, some of them taught by the best in the academic world. They can share their insights on blogs, Facebook, Twitter, and many other services, most of which are free. They can even conduct sophisticated data analyses using cloud resources such as Amazon Web Services and R, an open source application for statistics.13 In short, they can be full contributors in the work of innovation and knowledge creation, taking advantage of what Autodesk CEO Carl Bass calls “infinite computing.”

Until quite recently rapid communication, information acquisition, and knowledge sharing, especially over long distances, were essentially limited to the planet’s elite. Now they’re much more democratic and egalitarian, and getting more so all the time. The journalist A. J. Liebling famously remarked that, “Freedom of the press is limited to those who own one.” It is no exaggeration to say that billions of people will soon have a printing press, reference library, school, and computer all at their fingertips.

We believe that this development will boost human progress. We can’t predict exactly what new insights, products, and solutions will arrive in the coming years, but we are fully confident that they’ll be impressive. The second machine age will be characterized by countless instances of machine intelligence and billions of interconnected brains working together to better understand and improve our world. It will make mockery out of all that came before.

This post is adapted from Erik Brynjolfsson and Andrew McAfee's The Second Machine Age: Work, Progress, and Prosperity in a Time of Brilliant Technologies.

codebyjeff

Fri, 14 Feb 2014 20:58:21 -0800

Comments: "The End of Mrs. and Miss"

URL: http://codebyjeff.com/blog/2014/02/the-end-of-mrs-and-miss

The end of Mrs and Miss 2014-02-15

Morten Rand-Hendriksen (@mor10) asked an excellent question on Twitter today:

I never understood why women are required to prefix their names based on marital status.
 Mrs., Miss, Ms. #archaic
So why do we still have the options of Miss and Mrs.? Why do we need these prefixes at all?

Of course, Ms. has been around for years, and is thoroughly accepted, and yet: We still see these older prefixes on forms and never stop to question it.

Why ARE we asking for these prefixes?

There has been a tremendous amount of attention paid lately to gender equality in the programming world, which is an excellent thing. I've actually for the most part stayed out of the conversation, mostly because I'm a bit older than most programmers (I can remember, as a child, the "bra-burning days"). What may seem to you like a brand new conversation is actually an old one going through another iteration, as we wind closer and closer to our final destination of true, in our hearts and minds rather than just our words, Equality.

The most difficult part of these changes, I've always felt, has not really been the obvious cases. Most of us know better than to tell racist jokes at a party or make comments like, "Women can't do X". Most importantly, though, the environment has changed sufficiently that we are not afraid to show our disapproval of that sort of behavior. In most situations, you no longer feel the need to laugh or go along with things. (You may point to the recently breaking story of the Miami Dolphins. I'll contend that 10 years ago, it would have been swept under the rug, and when I was a child, no one would have even thought it worthy of being reported.)

The thing that is very difficult for people not in the minority group to understand is that, where the actual issue lies is usually not in people doing the blatantly bad - the crowd will take care of that - but rather in the environment that is created by the often innocent everyday habits and remarks. We all understand the concept of "atmosphere" - a party that has all the right ingredients, but just doesn't take off; a team of superb players who just can't find the chemistry to win. This is a terribly difficult thing to pin down, and yet this is what determines the ultimate success or failure of a project.

So to tie this back to my original question - why are we asking women to put information on a form that has no use other than to let us know if she might be a potential mate?

Putting it bluntly like that, the problem jumps right out, doesn't it? If we need to know gender - put a gender radio set on your form. If there is a reason to ask marital status, then do the same - for men and women. Don't put a question on the form that implicitly asks, "Please let me know if you have a husband lurking around". Remove this little, old-fashioned question that adds meta data to a woman's record about her status in the world with regards to possible availability for sex. Change that small part of the atmosphere.

Why do I bring this up in a programming blog? Quite simply, because we programmers have the power to affect this particular small change. Most forms these days are online - created by technical people. Us. This little drop in the bucket can be OUR drop, joining with others to change over time how people think about each other.

Here's what I'm asking you to do:

If you make a new form, limit salutations to Dr., Mr., Ms.

If your customer wants Mrs. & Miss, push back. Up to you to decide how far and how hard, but make an effort.

If your current company uses forms that have Mrs. & Miss, propose the field & forms be changed. If you feel your direct boss won't be amenable, consider finding someone in sales or marketing with a bit of clout who might champion the cause

That's it. Not very hard to do. Perhaps 10 years from now, the thought of a form that asks a woman for her marital status for no reason will be met with the same reaction as a sexist joke in a high-level meeting is most places today.

I welcome discussion on this subject on HN: https://news.ycombinator.com/item?id=7242727