Four Short Links

Nat Torkington's eclectic collection of curated links.

Four short links: 22 September 2017

Molecular Robots, Distributed Deep Nets, SQL Notebook, and Super-Accurate GPS

  1. Scientists Create World’s First ‘Molecular Robot’ Capable Of Building Molecules -- Each individual robot is capable of manipulating a single molecule and is made up of just 150 carbon, hydrogen, oxygen and nitrogen atoms. To put that size into context, a billion billion of these robots piled on top of each other would still only be the same size as a single grain of salt. The robots operate by carrying out chemical reactions in special solutions which can then be controlled and programmed by scientists to perform the basic tasks. (via Slashdot)
  2. Distributed Deep Neural Networks -- in Adrian Colyer's words: DDNNs partition networks between mobile/embedded devices, cloud (and edge), although the partitioning is static. What’s new and very interesting here though is the ability to aggregate inputs from multiple devices (e.g., with local sensors) in a single model, and the ability to short-circuit classification at lower levels in the model (closer to the end devices) if confidence in the classification has already passed a certain threshold. It looks like both teams worked independently and in parallel on their solutions. Overall, DDNNs are shown to give lower latency decisions with higher accuracy than either cloud or devices working in isolation, as well as fault tolerance in the sense that classification accuracy remains high even if individual devices fail. (via Morning Paper)
  3. Franchise -- an open-source notebook for sql.
  4. Super-Accurate GPS Chips Coming to Smartphones in 2018 (IEEE Spectrum) -- 30cm accuracy (today: 5m), will help with the reflections you get in cities, and with 50% energy savings.

Four short links: 21 September 2017

Synthetic Muscles, Smarter SSH, Kickstarter Post-Mortem, and Computational Drawing

  1. Additive Synthetic Muscles -- electrically-actuated high stress, high strain, low density, 3D-printable muscles.
  2. teleport -- modern SSH that groks bastion hosts, certificates, and more.
  3. Anatomy of a Kickstarter -- It is possible to outsource much of the Kickstarter process, including copywriting, fulfilment, customer support and marketing. I treated the whole process as a learning experience and set aside 50% of my time for three months to appreciate its nuances from start to finish, with a hard-stop due to other commitments. Post-Kickstarter I committed another three months over the following year to deliver experiences such as the expedition to Afghanistan and stretch goals. BackerKit was the obvious candidate to outsource operations to, but was rejected for violating the no-asshole rule: they were tone-deaf, evasive on responding to cost estimates, and nagging in a way that only organisations that live and die by CRM systems can be.
  4. rune.js -- a JavaScript library for programming graphic design systems with SVG in both the browser or node.js.

Four short links: 20 September 2017

AI Needs Ethics, Automotive-Grade Linux, Drawing Clocks, and Facial Recognition

  1. AI Research Needs an Ethical Watchdog (Wired) -- Right now, if government-funded scientists want to research humans for a study, the law requires them to get the approval of an ethics committee known as an institutional review board, or IRB. Stanford’s review board approved Kosinski and Wang’s study. But these boards use rules developed 40 years ago for protecting people during real-life interactions, such as drawing blood or conducting interviews. “The regulations were designed for a very specific type of research harm and a specific set of research methods that simply don’t hold for data science,” says Metcalf.
  2. Automotive-Grade Linux Debuts On The 2018 Toyota Camry -- you heard it here first: 2018 is the year of the Linux hatchback. You heard it here first!
  3. Clocks for Software Engineers -- The first and perhaps most difficult part of learning hardware design is to learn that all hardware design is parallel design. Things don’t take place serially, as in one instruction after another ... like they do in a computer. Instead, everything happens at once.
  4. Facial Recognition is Here to Stay -- I have to admit that when I saw facial recognition improving, and realised it'd be useful in a few years, I never imagined the use case would be "so the cashier at Chik-Fil-A would know your name."

Four short links: 19 September 2017

BMI, Govt Apps Threatened, Geospatial Jupyter, and W3C Adds DRM to HTML (*spit*).

  1. Brain Machine Interface Isn't SF Any More (Wired) -- the demo is typing without a keyboard, the article is really about the CEO (started Internet Explorer, got a classics degree at 30, then got a PhD in neuroscience).
  2. Is Apple About to Accidentally Kill Government as a Platform? (Jen Pahlka) -- In an effort to reduce the proliferation of spam apps, Apple changed its App Store review guidelines to ban “apps created from a commercialized template or app generation service.” In what appears to be a misguided interpretation of an otherwise reasonable rule, Apple has decided to included white-labeled government apps in this category.
  3. geonotebook -- A Jupyter notebook extension for geospatial visualization and analysis.
  4. World Wide Web Consortium Abandons Consensus, Standardizes DRM, EFF resigns (Cory Doctorow) -- EFF no longer believes that the W3C process is suited to defending the open web.

Four short links: 18 September 2017

AI Journos, AI Hype, Faces from Photos, and Regulating Online Advertising

  1. AI-Produced Journalism -- In its first year, the Post has produced around 850 articles using Heliograf. That included 500 articles around the election that generated more than 500,000 clicks — not a ton in the scheme of things, but most of these were stories the Post wasn’t going to dedicate staff to anyway. [...] It’s unclear how that approach can be scaled to cover local communities, where the digital news model has fallen short. Heliograf can be used to digest data like standardized test scores and crime stats; covering a zoning board meeting is another matter. And AI isn’t being used beyond big news organizations, Lewis pointed out. “There’s such a huge gap between the AI haves and have-nots. We are many years away from these things being implemented at the local level.”
  2. Deep Learning Hype in One Picture (Alex Lebrun) -- NIPS conference registrations, 2002 through 2017).
  3. Facial Reconstruction From a Single Photo -- experiment with the code from the paper.
  4. How Did We End Up Here? (John Battelle) -- US regulators are looking at the online ad world, and may align its regulations with those of newspapers (which must attribute political speech, etc.). That has implications for platform immunity, not to mention profits.

Four short links: 15 September 2017

Hardware Life Tetris, VR-64, Face Average, and LoRa Backscatter

  1. Tetris From the Ground Up -- quixotic brilliance. Hardware to Game of Life to Tetris.
  2. VR Goggles For C64 -- I built the VR64 using three components: a $10 plastic VR goggle, a $26 LCD, and a cheap power transformer (plus lots of glue gun fun!). I split the screen into two sections, one for the left eye and one for the right. Each section is 19 columns by 25 rows, and the center two rows are not used. Each eye, has 152X200 pixels in high resolution and only 76X200 in multi-color mode! (via Vice)
  3. The Average Face of a UK Member of Parliament -- the idea of a facial mean disconcerts me still.
  4. LoRa Backscatter -- they reverse-engineered the proprietary LoRa physical layer to do this! (Readable article about the tech also available, explaining why this is interesting for IoT)

Four short links: 14 September 2017

Self-Folding Electronics, Mozilla Comments, Observability, and NLP Library

  1. 3D-Printed Self-Folding Electronics -- Here, we demonstrate a method for spontaneous folding of three-dimensional (3D)-printed composites with embedded electronics at room temperature. The composite is printed using a multimaterial 3D-printing process with no external processing steps. Upon peeling from the print platform, the composite self-shapes itself using the residual forces resulting from polymer swelling during the layer-by-layer fabrication process. As a specific example, electrochromic elements are printed within the composite and can be electrically controlled through its folded legs.
  2. WaPo Deploys Mozilla's Comments System -- Mozilla has a whole group working on better tools for digital journalism.
  3. A Field Guide to Observability - when you don't have observability, you can't tell the difference between normal and abnormal. Nice.
  4. Allen NLP -- an open source NLP research library, built on PyTorch.

Four short links: 13 September 2017

Traffic Interception, AI Security, Security Must-Knows, and Learning Game Engines

  1. Understanding Web Traffic Interception (CloudFlare) -- We found that between 4% and 10% of the web’s encrypted traffic (HTTPS) is intercepted.
  2. Awesome AI Security -- curated list of AI security resources.
  3. What Every Software Engineer Should Know About Search -- the key to success in search is building processes for evaluation and tuning into the product and development cycles. A search system architect should think about processes and metrics, not just technologies.
  4. Game Engine Learning from Video -- trained on a speedrunner video, uses 2m of footage of the game being played to build its own game engine. Started with Mega Man and Sonic, now using Super Mario Bros. See also the university's press release.

Four short links: 12 September 2017

Open Source Guides, Music Generation, Modern ISP Tech, and Interactive Web Narrative Tool

  1. TODO Group Open Source Guides -- a set of living guides to help you learn more about setting up an open source program.
  2. Deep Learning Techniques for Music Generation -- This book is a survey and an analysis of different ways of using deep learning (deep artificial neural networks) to generate musical content.
  3. Building an ISP in 2017 -- and this is how some new ISPs look on the inside. VERY different than what they were building a decade ago, thanks to cloud, kit, APIs, and modern deployment tools.
  4. Idyll -- a tool that makes it easier to author interactive narratives for the web. The goal of the project is to provide a friendly markup language—and an associated toolchain—that can be used to create dynamic, text-driven web pages.

Four short links: 11 September 2017

Criminal Smart Contracts, Economic Damaged Goods, Crypto Bar, and Equifax Advice

  1. Investigating the Future of Criminal Smart Contracts (A Paper a Day) -- readable and interesting summary of a paper on using smart contracts around criminal activities: leaking stolen confidential information, buying stolen keys, and assassination.
  2. Damaged Goods -- this is how economics refers to intentionally crippled offerings (e.g., a student version that only has half the features of the pro version, when the code for the pro features has already been written and the marginal cost to the vendor for including those features is 0). The provoking example is Tesla (60kWh and 75kWh models have the same batteries, the lower range is software-imposed based on how much you've paid for your car). Without selling to the high willingness-to-pay customers at the high price, the good might not be produced at all because the profit from customers who are only willing to buy at a discount aren’t enough to support the R&D. Thus, the high willingness-to-pay customers aren’t worse off from the existence of a discounted version and the low willingness to pay customers and the firm are clearly better off. See also Tesla offers $20K in software-upgradable options when you buy a car and Cory's take.
  3. The Bletchley -- Use WW2 Enigma machines and protocols, and Sherlock's deduction principles to create personalized cocktail recipes. The recipes will be ciphered and handed over to you with your drinks, for these are to stay a secret between and you and our agents. Neat video in this tweet.
  4. Credit Report/Identity Theft Advice -- in the wake of the Equifax breach, some solid steps to take in the scenarios that might play out with your identity. In particular, the problem of someone else opening a bank account with your identity (the bank won't close it, as you're not the person who opened it, and therein lies most of the pain).

Four short links: 8 September 2017

CryptoCurrency Fails, AI Interchange, Big Data Surveillance, and Foragers vs. Farmers

  1. Cryptographic Vulnerabilities in IOTA -- The cryptocurrency space is heating up—Protocol Labs raised $200M for Filecoin, Bancor raised $150M, and Tezos raised $232M. [...] [T]he due diligence required to make sound investments in the technology isn’t keeping up with the pace of the hype. Don't. Roll. Your. Own. Crypto!
  2. Microsoft and Facebook Launch AI Interoperability -- Open Neural Network Exchange (ONNX) format, a standard for representing deep learning models that enables models to be transferred between frameworks.
  3. Big Data Surveillance: The Case of Policing -- based on observations and interviews with the Los Angeles Police Department, the author finds: First, discretionary assessments of risk are supplemented and quantified using risk scores. Second, data are used for predictive, rather than reactive or explanatory, purposes. Third, the proliferation of automatic alert systems makes it possible to systematically surveil an unprecedentedly large number of people. Fourth, the threshold for inclusion in law enforcement databases is lower, now including individuals who have not had direct police contact. Fifth, previously separate data systems are merged, facilitating the spread of surveillance into a wide range of institutions.
  4. Forager vs. Farmer (Robin Hanson) -- a safe, playful, talky collective isn’t always the best way to deal with things. I think Robin Hanson is saying it's OK to punch Nazis but not OK to punch a coworker—EVEN IF THEY SUGGEST WRITING THE NEW SYSTEM IN {some language that has recently been mentioned on Hacker News}.

Four short links: 7 September 2017

IoT Future, DolphinAttack, Grid Threat, and Personal Communicators

  1. A Tough Week for IoT (Matt Webb) -- The native business model of Enterprise IoT is hardware-enabled SaaS. [...] What "hardware-enabled" means is that although the hardware is necessary (it's a sensor, or a camera, or whatever), it's not core. It can be commodity.
  2. The DolphinAttack -- In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers (e.g., f > 20 kHz) to achieve inaudibility. [...] We validate DolphinAttack on popular speech recognition systems, including Siri, Google Now, Samsung S Voice, Huawei HiVoice, Cortana, and Alexa. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile.
  3. Hackers Gain Switch-Flipping Access to U.S. Power Grid (Wired) -- Chien reasons that they may have been seeking the option to cause an electric disruption but waiting for an opportunity that would be most strategically useful—say, if an armed conflict broke out, or potentially to issue a well-timed threat that would deter the U.S. from using its own hacking capabilities against another foreign nation's critical infrastructure.
  4. Orion Labs -- Orion is a communicator with smarts on the back end—and they just released real-time translation. It's hard to make good hardware, and harder to make good social software, so this is a hell of an accomplishment.

Four short links: 6 September 2017

Flat UI, Essential Knowledge, Haunted Hardware, and Late-Stage Capitalism

  1. Flat UI Elements Attract Less Attention and Cause Uncertainty (Nielsen Norman Group) -- On average participants spent 22% more time (i.e., slower task performance) looking at the pages with weak signifiers [flat UI].
  2. Every Programmer Should Know -- even if you disagree with some/all of this list, compiling your own is a useful exercise.
  3. Demon-Haunted World (Cory Doctorow) -- In the 21st century, we have come full circle. Non-human life forms—limited liability corporations—are infecting the underpinnings of our "smart" homes and cities with devices that obey a different physics depending on who is using them and what they believe to be true about their surroundings.
  4. Rochester vs. Cupertino (NY Times) -- really interesting piece about the difference between Kodak then and Apple now: fewer workers, fewer of them permanent, and no opportunity for those on the bottom to up-skill and grow. But as more companies have outsourced more functions over more time, a strong body of evidence is emerging that it's not just about efficiency. It seems to be a way for big companies to reduce compensation costs.

Four short links: 5 September 2017

Deep Crowdturfing, Design Omissions, Zork in Hardware, and Checking In Secrets

  1. Automated Crowdturfing Attacks and Defenses in Online Review Systems -- In this paper, we identify a new class of attacks that leverage deep learning language models (recurrent neural networks, or RNNs) to automate the generation of fake online reviews for products and services. Not only are these attacks cheap and therefore more scalable, but they can control rate of content output to eliminate the signature burstiness that makes crowdsourced campaigns easy to detect. [...] Finally, we develop novel automated defenses against these attacks, by leveraging the lossy transformation introduced by the RNN training and generation cycle. We consider countermeasures against our mechanisms, show that they produce unattractive cost-benefit tradeoffs for attackers, and that they can be further curtailed by simple constraints imposed by online service providers. (via Bruce Schneier)
  2. Fifty Things You Probably Forgot to Design -- it's details all the way down, people. (via Glen Barnes)
  3. Zork CPU -- A Verilog implementation of the Infocom Z-Machine V3. Finally, Zork in Hardware!
  4. An Introduction to Managing Secrets Safely with Version Control Systems (Digital Ocean) -- In this guide, we will first talk about how to check for sensitive data already committed to your repository and introduce some mitigation strategies if any material is found. Afterwards, we will cover some tools and techniques for preventing the addition of secrets to repositories, ways to encrypt sensitive data before committing, and alternatives for secure secret storage. Not everything belongs in your version control system.

Four short links: 4 September 2017

Autonomy and AI, Reinforcement Learning Hacks, Hyperscale vs. Lifestyle, and Kickstarter for Public Benefit

  1. Genevieve Bell to Lead New Autonomy and AI Research Unit -- The institute will be investigating the issues raised by the autonomy of artificial intelligence, the questions around how much agency autonomous beings would or should have, and the problem of regulating artificial intelligence to give humans a comfortable level of assurance.
  2. Deep RL Hacks -- From a talk given by John Schulman titled "The Nuts and Bolts of Deep RL Research" (Aug 2017). A lot of good practitioner knowledge, and I believe that Start simple until you see signs of life works for every problem.
  3. Tim O'Reilly and Reid Hoffman Debate -- ostensibly about blitz scaling vs. indie.vc. One thing I think Bryce has done brilliantly in Indie.vc is to create an investment vehicle that actually supports the choice of the founders to go either way [hyperscale or lifestyle].
  4. Kickstart's Journey to Public Benefit Corporation -- Strickler and Chen received an email from Albert Wenger, who was a partner at Union Square Ventures, the firm that led Kickstarter’s last round of funding. “Albert reached out to Perry and me, as PBC was about to become legal in Delaware, to say, ‘Hey, here’s this new instrument that’s available. It’s very fitting of where you are. You guys should go for this. This is your destiny,’” Strickler said. But at first, he and Chen weren’t sure. “I think when he first shared that, we thought, Albert’s more radical than we are.” The push came from their VC!

Four short links: 1 September 2017

Math is Hard, Rare Data, Social Spam, and Device Fragmentation

  1. P vs. NP Proof Retracted -- author: The proof is wrong. I shall elaborate precisely what the mistake is. For doing this, I need some time. I shall put the explanation on my homepage. This is how science and mathematics is supposed to work, great to see it actually happen.
  2. Object Detection: an Overview in the Age of Deep Learning -- Data sets play a very important (and sometimes underrated) role in research. Every time a new data set is released, papers are released, and new models are compared and often improved upon, pushing the limits of what’s possible. Unfortunately, there aren’t enough data sets for object detection. Data is harder (and more expensive) to generate, companies probably don’t feel like freely giving away their investment, and universities do not have that many resources.
  3. Measuring Social Spam and the Effect of Bots on Information Diffusion on Social Media -- Lastly, social spam bots sit in the bottom-right quadrant. Differently from traditional spammers, their connectivity growth is much more similar to that of influential accounts. Their followership increases at a pace higher than their following others. They still produce disproportionately more tweets than the retweets they receive, but their embeddedness in the social network looks somewhat effective. Further analysis reveals that many of these spam bots tend to reciprocate followership to external users (accounts not present in the spam data set) but also tend to follow each other; this coordinated behavior gives the appearance of network influence.
  4. Android Announce ARCore -- ARCore will run on millions of devices, starting today with the Pixel and Samsung’s S8, running 7.0 Nougat and above. We’re targeting 100 million devices at the end of the preview. Android has billions of devices in the field, and most won't be able to run this. That's gotta chafe.

Four short links: 31 August 2017

The API Line, Pacemaker Upgrades, AR HIG, and Door Upgrades

  1. Premium Mediocre (Venkatesh Rao) -- Today, you’re either above the API or below the API. You either tell robots what to do, or are told by robots what to do.
  2. 465K Patients Must Visit Doctor for Pacemaker Firmware Upgrade (Ars Technica) -- this vulnerability was exposed by a margin trading firm (Muddy Waters) that bet against the manufacturer (St Jude). We are living in Peak Gibson days.
  3. Apple's AR Human Interface Guidelines -- Scaling is not a remedy for adjusting the distance of an object—making an object larger to make it appear closer, for example, just results in a larger object that's still far away. I picture junior deities, in their Elemental Schools, being taught lessons like this.
  4. The Hotel Hacker -- a reminder that, as software eats the world, everything becomes a service. You don't buy a pacemaker or a door and never think about it again. If your heart or your door has software, you'll need to upgrade it and probably more than once.

Four short links: 30 August 2017

IRS Mining, Government as a Platform, Developing for Alexa, and Testing Reading Comprehension

  1. The IRS Is Mining Taxpayer Data On Social Media -- Although historically, the IRS chose tax returns to audit based on internal mathematical mistakes or mismatches with third-party reports (such as W-2s), the IRS is now engaging in data mining of public and commercial data pools (including social media) and creating highly detailed profiles of taxpayers upon which to run data analytics. This article argues that current IRS practices, mostly unknown to the general public, are violating fair information practices. (via Slashdot)
  2. Government as a Platform, Tranche 1 (Pia Waugh) -- One of the dangers is that if you see something better than what you have, and assume it to be sufficient, then you miss the opportunity to leapfrog. I like Pia's approach here (identify three concepts that came from the user research, and then from all the different things that users were trying to do, from their needs we identified a couple of juicy examples that would show and help us test those concepts).
  3. Why it’s Hard to Develop a Conversational Alexa Skill -- Alexa’s interaction model is not conversation-friendly. [...] Lack of context is a common problem. [...] Alexa’s language model has fewer problems with interpreting “female,” but it is not unusual to see “email” in the transcripts. This article has a lot of good detail about what goes wrong.
  4. Adversarial Examples for Evaluating Reading Comprehension Systems -- Our method tests whether systems can answer questions about paragraphs that contain adversarially inserted sentences, which are automatically generated to distract computer systems without changing the correct answer or misleading humans. In this adversarial setting, the accuracy of 16 published models drops from an average of 75% F1 score to 36%; when the adversary is allowed to add ungrammatical sequences of words, average accuracy on four models decreases further to 7%. Suggesting that current software doesn't understand the text, it merely performs well on the tests. So...as good as most high school students, then?

Four short links: 29 August 2017

Hardware Security, Streaming SQL, GAN Successes, and Blame to Accountability

  1. Titan in Depth -- Google's new chip that tries very hard to guarantee a secure foundation for the booting and operation of a larger computer. The steps they take are incredible. The Register has a version that's somewhat more intelligible to non-security folks.
  2. KSQL -- a streaming SQL engine for Apache Kafka. Open source. Blog post helps you understand the use case. KSQL runs are continuous queries—transformations that run continuously as new data passes through them—on streams of data in Kafka topics. In contrast, queries over a relational database are one-time queries—run once to completion over a data set—as in a SELECT statement on finite rows in a database.
  3. The Best Uses of Generative Adversarial Models -- they'll blow your mind.
  4. Moving from Blame to Accountability -- Accountability comes from clear contracting, ongoing conversations, and an organizational commitment to support accountability rather than blame. The contracting focuses on tasks to be accomplished, roles to be taken, processes to be used, standards sought, and expected results.

Four short links: 28 August 2017

Fishing for Fishermen, Conversation Analysis, Paper Walkthrough, and Botwiki

  1. TopCoder: Fishing for Fishermen -- NASA wishes to identify the type of fishing being performed by a vessel, based on AIS broadcast reports and contextual data. In this second round of the challenge, we will be building upon the first round a bit, by now attempting to further classify based upon the type of fishing taking place. Stuff that matters.
  2. Using Chatbots Against Voicespam: Analyzing Lenny’s Effectiveness (Paper a Day) -- a bot to tie up phone scammers, built using insights from conversation analysis (CA). Key results from CA date back to the 1970s. There are four main mechanisms in conversations that have been isolated and explained: (1) The turn-taking apparatus: methods used to minimize gaps and overlaps while taking turns in a conversation. (2) Trouble management: how speakers repair any trouble in hearing, understanding, or speaking. (3) The ‘sequential organizations of actions in talk exchanges’ that describes how conversationalists assemble their turns in sequences of actions that go together. One common type of sequence is the adjacency pair: for example, question -> answer, greeting exchanges, offers -> accept/reject, and so on. (4) The last mechanism clarifies how speakers use membership categories during talk exchanges (for example, being elderly).
  3. A Paper Explained: How DeepMind Taught AI to Play Video Games -- a wonderfully gentle explanation of this important paper in AI.
  4. Botwiki -- an open catalog of friendly, useful, artistic online bots, and tools and tutorials that can help you make them.