Four Short Links

Nat Torkington's eclectic collection of curated links.

Four short links: 31 May 2017

Open Data, Microsploit, Misunderstanding Secure Comms, and Interactive Dialogue

  1. csv,conf,v3 -- notes from the recent open data conference.
  2. Microsploit -- Fast and easy, create a backdoor office exploitation using module metasploit packet—Microsoft Office, Open Office, Macro attack, Buffer Overflow. (via Aditya Gupta)
  3. Obstacles to the Adoption of Secure Communication Tools -- of 60 participants, 57 participants provided various incorrect explanations of digital signatures, and that was representative of most questions about How Stuff Works. Video of the talk is also online. (via Trammell Hudson)
  4. YarnSpinner -- a C# library for interactive dialogue in games [...] similar to Twine. (via The Secret Lab)

Four short links: 30 May 2017

World Problems, Story AI, Medical Security Horrors, and OSS Fuzz Winning

  1. The World's Biggest Problems -- data for you to consider when you choose to work on Stuff That Matters.
  2. The Strong Story Hypothesis and the Directed Perception Hypothesis -- I ask why humans are smarter than other primates, and I hypothesize that an important part of the answer lies in what I call the Strong Story Hypothesis, which holds that storytelling and understanding have a central role in human intelligence. Next, I introduce another hypothesis, the Driven Perception Hypothesis, which holds that we derive much of our common sense, including the common sense required in story understanding, by deploying our perceptual apparatus on real and imagined events. Paper on CSAIL's Genesis story system, which understands, tells, and composes stories using common sense rules and higher level concept patterns.
  3. Medical Implants and Hospital Systems are Still Infosec Dumpster Fires (Cory Doctorow) -- has pointers to two writeups of the horrors in various medical systems. Whitescope's whitepaper on pacemaker security analyzes seven different pacemaker programming devices from four different manufacturers (devices that can reprogram a pacemaker remotely, generally by using radio signals) and finds that they are collectively undefended against 8,000 known vulnerabilities, and do not have even simple authentication between pacemakers and pacemaker programmers, meaning that there's no way your implanted pacemaker can tell whether it is connected to a legit device or an attacker's hacking tool. Cory points out that the DMCA exemption that allowed this paper to end is (a) expiring and (b) not broad enough to permit the release of sample code and the other stuff that helps to improve software security.
  4. OSS Fuzz Improving Open Source -- Google's open source fuzzer has found numerous security vulnerabilities in several critical open source projects: 10 in FreeType2, 17 in FFmpeg, 33 in LibreOffice, 8 in SQLite 3, 10 in GnuTLS, 25 in PCRE2, 9 in gRPC, and 7 in Wireshark. This is an excellent service from Google, which runs the testing on their servers. Their criteria for accepting projects: a large user base and/or be critical to Global IT infrastructure.

Four short links: 29 May 2017

Formal Correctness, Conversational Maxims, Learn Datalog, and AlphaGo Retires

  1. An Empirical Study on the Correctness of Formally Verified Distributed Systems (Paper a Day) -- the formal verification ensured the protocol was bug free. By far, the biggest group of bugs relates to assumptions about the behaviour of components that the formally verified system interacts with. These bugs manifest in the interface (or shim layer) between the verified and non-verified components. Buffers, escaping, incomplete reads, unreliable communications, all tripped them up.
  2. Google's Three Secrets to Designing Perfect Conversations -- One secret to making sure that line one leads to two, and two leads to three, comes from James Giongola, creative lead on conversation design and voice direction at Google. He recommends that chat designers take advantage of the rules baked into the Cooperative Principle, a concept created by British philosopher Paul Grice in the 1970s. Grice theorized that people employ all sorts of norms (which are known as Grice’s Maxims) to make sure that conversations flow normally. These maxims serve as simple hacks for anyone writing robo-conversations—the key is to make sure your bot is always offering enough information to keep a conversation going.
  3. Learn Datalog Today -- Learn Datalog Today is an interactive tutorial designed to teach you the Datomic dialect of Datalog. Datalog is a declarative database query language with roots in logic programming. Datalog has similar expressive power as SQL. Prolog as a query language, more or less, designed to parallelize, so popular with the Big Data kids. This is gentler info than reading the Datalog papers.
  4. AlphaGo "Retires" -- DeepMind will release the data from 50 games of the AI playing against itself for the Go community to study. DeepMind is also working on a teaching tool based on AlphaGo to be released sometime in the future. Ke Jie will collaborate with DeepMind on the tool, which Hassabis says should give “all players and fans the opportunity to see the game through the lens of AlphaGo.” I certainly hope this happens. It seems cheap to pop up and win the title, then retire and never play again. IBM's Deep Blue team did this after their software beat Kasparov. If it means the humans never get to learn how to beat the software, then this feels like the engineers using the game rather than loving the game. If you loved the game, you'd leave the game better than you found it rather than unsettled and unresolved.

Four short links: 26 May 2017

Service Availability, Data Share, Eventual Consistency Explained, and Reproducible Deep Learning

  1. The Calculus of Service Availability -- A service cannot be more available than the intersection of all its critical dependencies. If your service aims to offer 99.99% availability, then all of your critical dependencies must be significantly more than 99.99% available. Internally at Google, we use the following rule of thumb: critical dependencies must offer one additional 9 relative to your service—in the example case, 99.999% availability—because any service will have several critical dependencies, as well as its own idiosyncratic problems. This is called the "rule of the extra 9."
  2. datproject -- open source crypto—guaranteed distributed data share, designed for versioned data sets.
  3. How Your Data is Stored -- eventual consistency VERY LUCIDLY explained. It follows the original (entertaining) paper by Leslie Lamport but spells everything out clearly for non-computer-scientists.
  4. OpenAI Baselines -- open source implementations of the interesting published algorithms in deep learning. The papers often gloss over some of the details, so a full and working implementation truly lets others build on research. It's like the reproducibility project for deep learning.

Four short links: 25 May 2017

Crypto vs. Regulation, Crippling Genomic Research, There Are Bots, and Web Security

  1. Chaffinch -- crypto system that's an interesting response to an attempt to regulate crypto. The Chaffinch system allows several further messages to be steganographically concealed behind the main message. This allows cover traffic to be divulged to any authorities who wish to inspect the confidential information, without compromising the hidden material. The system is evaluated not only in terms of the traditional threat to confidentiality, eavesdroppers with significant computing power, but also in terms of its interaction with the U.K.'s Regulation of Investigatory Powers (RIP) Act, one of the first laws to attempt to engage with cryptography.
  2. We’re About to Cripple the Genomic Medical Era (DJ Patil) -- When we were developing the Precision Medicine Initiative and meeting with Americans across the country, a key concern was ensuring that their data couldn’t be used against them or their families (this is genetic information, so if you share a biological basis, you have overlap in the data). If there is any threat of this data being used in a way that is contrary to research, my deep fear is that people won’t be willing to donate their data. And there are too many people who have diseases who need us to donate our data to help.
  3. There Are Bots, Look Around (Renee DiResta) -- Something very similar happened in finance with the advent of high-frequency trading (the world I came from as a trader at Jane Street): technology was used to distort information flows and access in much the same way it is now being used to distort and game the marketplace of ideas. The future arrived a lot earlier for finance than for politics.
  4. Web Developer Security Checklist -- This checklist is simple, and by no means complete. I’ve been developing secure web applications for over 14 years, and this list contains some of the more important issues that I’ve painfully learned over this period. I hope you will consider them seriously when creating a web application.

Four short links: 24 May 2017

Travel Mode, Justice Data, Threat Dragon, and Voice Editing

  1. 1Password Travel Mode -- enable Travel Mode, and all devices not marked Safe For Travel are deleted from your devices. There's no indicator to let border agents know that Travel Mode is enabled.
  2. Measures for Justice -- collects data on justice systems in several states, funded by Gates and Zuckerberg foundations. As Bach says, “Justice in America happens in 3,000 counties, each with its own justice system.” (via Wired)
  3. OWASP Threat Dragon -- open source threat modeling tool from OWASP. It can be used as a standalone desktop app for Windows, MacOS, and Linux or as a web application. (via Tech Beacon)
  4. More Detail on Adobe's Voice Editing Software -- VoCo is based on an optimization algorithm that searches the voice recording and chooses the best possible combinations of phonemes (partial word sounds) to build new words in the user’s voice. To do this, it needs to find the individual phonemes and sequences of them that stitch together without abrupt transitions. It also needs to be fitted into the existing sentence so that the new word blends in seamlessly. Words are pronounced with different emphasis and intonation depending on where they fall in a sentence, so context is important. [...] In case the synthesized word isn’t quite right, VoCo offers users several versions of the word to choose from. The system also provides an advanced editor to modify pitch and duration, allowing expert users to further polish the track.

Four short links: 23 May 2017

TensorFlow Cookbook, Welcoming Newcomers, Patent Win, and Face Classification

  1. TensorFlow Cookbook Code -- code from Nick McClure's TensorFlow Machine Learning Cookbook.
  2. How I Welcome Newcomers (Dan Meyer) -- he has a Chrome extension to highlight newbie tweeters in math chats, so he can give them a warm welcome. What a great idea!
  3. Supreme Court Smacks Down Venue Shopping for Patent Cases -- huzzah, those pricks in the Eastern District of Texas get what they deserve. More than 40% of all patent lawsuits are filed in East Texas. Of those, 90% are brought by "patent trolls," according to a study published in a Stanford Law School journal.
  4. Face Classification -- Real-time face detection and emotion/gender classification using fer2013/imdb data sets with a keras CNN model and openCV.

Four short links: 22 May 2017

Meta Tutorial, Network Game, Indigenous VR, and Facebook Moderation

  1. An Interactive Tutorial on Making Interactive Tutorials -- full of the little details that you only learn by doing many times. (via @redblobgames)
  2. Netsim -- a simulator game designed to teach high schoolers about networking theory. (via @errorinn)
  3. Indigenous Australia in VR (SMH) -- The idea is to create a complex game where the user, wearing an Oculus Rift virtual reality headset, can engage with and learn about Aboriginal culture—and it's the campus elders and other Indigenous people who are driving the content.
  4. The Facebook Files -- the Guardian has copies of some of Facebook's moderation docs. Eye-wateringly, and eye-openingly, comprehensive guides to the situations that crop up online and the rules for navigating them. In one of the leaked documents, Facebook acknowledges “people use violent language to express frustration online” and feel “safe to do so” on the site. It says: “They feel that the issue won’t come back to them and they feel indifferent toward the person they are making the threats about because of the lack of empathy created by communication via devices as opposed to face to face. There's a lot of (perhaps amateur) psychological analysis behind these guidelines because of the complex social and personal circumstances in the edge-cases and conflicts. The big challenge for Facebook is to curtail some behaviour without removing the engagement-driving illusion that it's "my Facebook" that I am posting to (when, in fact, it might be more accurate to refer to posting as "crapping all over my friends' screens.")

Four short links: 19 May 2017

Algorithmic Fallibility, AI Sketches, Traffic Obfuscation, and Engineer-Manager Pendulum

  1. Algorithmic Fallibility and Economic Organization -- algorithms have benefits (when they get the right answer) and costs (when they get the wrong answer). This article creates three scenarios and uses the tools of economics to analyze them.
  2. Google Releases Sketches -- Sketch-RNN, a generative model for vector drawings, is now available in Magenta. Comes with 50M drawings as training data.
  3. Bedlam -- Google Chrome extension to generate random web traffic/DNS requests to make your web traffic data less valuable for selling.
  4. The Engineer-Manager Pendulum (Charity Majors) -- The best frontline eng managers in the world are the ones who are never more than 2-3 years removed from hands-on work, full time down in the trenches. The best individual contributors are the ones who have done time in management.

Four short links: 18 May 2017

Checking Fact-Checkers, Simpler Java, JSON Feed, and Street-Fighting Mathematics

  1. Checking How Fact-checkers Check -- I evaluate the performance of two major online fact-checkers, Politfact at Tampa Bay Times and Fact Checker at Washington Post, comparing their interrater reliability using a method that is regularly utilized across the social sciences. I show that fact-checkers rarely fact-check the same statement, and when they do, there is little agreement in their ratings. Approximately, 1 in 10 statements is fact-checked by both fact-checking outlets, and among claims that both outlets check, their factual ratings have a Cohen’s κ of 0.52, an agreement rate much lower than what is acceptable for social scientific coding. The results suggest that difficulties in fact-checking elites’ statements may limit the ability of journalistic fact-checking to hold politicians accountable. (via Marginal Revolution)
  2. Kotlin -- a Swift-like take on Java. Statically typed programming language for modern multiplatform applications 100% interoperable with Java and Android. Steve Yegge loves it, and here's a rundown of the main language features.
  3. JSON Feed -- another tilt at the content syndication windmill. "It's Atom but in convenient COBOL Object Notation," he said twitching. "Both remaining bloggers have signed up to use it!"
  4. Street-Fighting Mathematics (PDF) -- MIT book on the art of educated guessing and opportunistic problem-solving. The major sections are: Dimensions; Easy cases; Lumping; Pictorial proofs; Taking out the big part; Analogy.

Four short links: 17 May 2017

Shipping Apps, Cloud Economics, Computational Theory, and Imitation Learning

  1. How Etsy Ships Apps -- starts with a nifty summary of their chatops-based push process, then moves to how they tackle shipping for mobile apps. So, we built a vessel that coordinates the status, schedule, communications, and deploy tools for app releases. Here’s how Ship helps: (1) keeps track of who committed changes to a release; (2) sends Slack messages and emails to the right people about the relevant events; (3) manages the state and schedule of all releases.
  2. Usage Patterns and the Economics of the Cloud (Adrian Colyer) -- cloud providers overwhelmingly use static pricing models; what’s going on? Here’s the short summary: the data shows that there is actually very little variation in demand volatility for cloud datacenters at the moment, thus the current pricing model makes sense. If you look more closely at actual CPU utilization rates, though, you see that behind the constantly powered-on VMs, there are true variations in usage patterns. Therefore, as we move to cloud-native applications, and especially to models such as serverless that can much more effortlessly and granularly scale up and down in response to changing demands, we can expect the optimum pricing models to also change. Even then, it appears that having just two price bands, peak and off-peak—with off-peak times set in advance, would obtain the majority of the efficiency gains available.
  3. New Kind of Science -- available free. (via Stephen Wolfram's long article on NKoS and what's happened in the last 15 years).
  4. One-Shot Imitation Learning -- ideally, robots should be able to learn from very few demonstrations of any given task and instantly generalize to new situations of the same task, without requiring task-specific engineering. In this paper, we propose a meta-learning framework for achieving such capability, which we call one-shot imitation learning. (via OpenAI)

Four short links: 16 May 2017

Flash Organizations, Collaboration Data Set, De-Anonymizing Mobile Data, and Hacking Economics

  1. Flash Organizations: Crowdsourcing Complex Work By Structuring Crowds As Organizations -- Our system introduces two technical contributions: 1) encoding the crowd’s division of labor into de-individualized roles, much as movie crews or disaster response teams use roles to support coordination between on-demand workers who have not worked together before; and 2) reconfiguring these structures through a model inspired by version control, enabling continuous adaptation of the work and the division of labor. We report a deployment in which flash organizations successfully carried out open-ended and complex goals previously out of reach for crowdsourcing, including product design, software development, and game production.
  2. Media Manipulation and Disinformation Online (PDF) -- research from Data & Society that seeks to answer the questions: Who is manipulating the media? Where do these actors operate? What motivates media manipulation? What techniques do media manipulators use? Why is the media vulnerable? What are the outcomes?" (via BoingBoing)
  3. Trajectory Recovery From Ash (Adrian Colyer) -- how easy it is to deanonymize theoretically anonymous data. Even in a data set in which you might initially think there is no chance of leaking information about individuals, they can recover data about individual users with between 73% and 91% accuracy—even in data sets which aggregate data on tens of thousands to hundreds of thousands of users! Their particular context is mobile location data, but underpinning the discovery mechanism is a reliance on two key characteristics: (1) individuals tend to do the same things over and over (regularity)—i.e., there are patterns in the data relating to given individuals, and (2) these patterns are different across different users (uniqueness).
  4. Economia: A Festival on Economy Without the Economists (We Make Money Not Art) -- As curators Wiepko Oosterhuis and Olga Mink wrote: Why not start by treating economics like any other technology? Play with it, hack it, use input from other disciplines, unleash science fiction on it, approach it in an artistic manner. In short, take ownership so that we can reshape and rework economics as we see fit. I love the idea of the minimum wage machine: Turning the crank yielded a one cent euro coin every 4.018 seconds, that’s €8.96 an hour, the minimum wage in The Netherlands right now. The coins dropped as long as you turned the crank. I saw many people trying it. All of them stopped after the first few cents. You want to have a go because it’s a fun and straightforward installation, but you quickly realize how depressing and mind-numbing routine work is.

Four short links: 15 May 2017

Formal Systems, Deep Learning, Assembly Games, and Logs vs. Metrics

  1. Form and Content in Computer Science (Marvin Minsky) -- Minsky's 1970 ACM Turing Lecture. Let us consider a more elementary, but still puzzling, trade-off, that between addition and multiplication. How many multiplications does it take to evaluate the 3 X 3 determinant? If we write out the expansion as six trinomials, we need 12 multiplications. If we collect factors, using the distributive law, this reduces to nine. What is the minimum number, and how does one prove it, in this and in the n X n case? The important point is not that we need the answer. It is that we do not know how to tell or prove that proposed answers are correct! The interesting work currently being done in formal systems has a long heritage, but struggled for attention and interest in researchers for a long time.
  2. Questions & Intuition for Tackling Deep Learning Problems -- a great list. Never mind a neural network; can a human with no prior knowledge, educated on nothing but a diet of your training data set, solve the problem? Is your network looking at your data through the right lens? Is your network learning the quirks in your training data set, or is it learning to solve the problem at hand? Does your network have siblings that can give it a leg-up (through pre-trained weights)? Is your network incapable or just lazy? If it’s the latter, how do you force it to learn?
  3. Computer Games that Make Assembly Language Fun (IEEE Spectrum) -- three polished games that do a surprisingly good job of making coding in assembly language fun. To be clear, none of these titles involve writing assembly for real hardware. They all use virtual systems with minimal instruction sets. Still, they do capture the essence of assembly coding, with complex behaviors squeezed out of simple commands.
  4. Logs vs. Metrics -- difference between logs and metrics is huge. A log is an immutable record of discrete events that happened over time while metrics are a set of numbers that give information about a particular process or activity usually recorded over time to form a time series. I loved the RED method: "request rate, error rate, and duration of requests to tell you how busy your service is, whether there are any errors in it, and what its latency is."

Four short links: 12 May 2017

Amazons Competes with Investment, Answering Questions, Designing for Survivors, and Open Source Support

  1. Amazon Chows Into Its Seed Corn -- Amazon invested in Nucleus via the Alexa Fund, then released their own version of Nucleus' functionality. The move will also likely deal a blow to the Alexa Fund, the investment vehicle through which Amazon has been supporting startups building products and services to be controlled by voice.
  2. Inferring and Executing Programs for Visual Reasoning​​ -- Facebook Research's paper that uses deep learning to answer questions like "Does the small sphere have the same color as the cube left of the gray cube?". Code released on github. (via @PyTorch)
  3. Privacy & Security Practices when Coping with Intimate Partner Abuse -- Google paper that combines technology practices with three phases of abuse to provide an empirically sound method for technology creators to consider how survivors of IPA can leverage new and existing technologies. Overall, our results suggest that the usability of and control over privacy and security functions should be or continue to be high priorities for technology creators seeking ways to better support survivors of IPA. (via Martin Shelton)
  4. How the TensorFlow Team Handles Open Source Support (Pete Warden) -- A successful open source project is a denial-of-service attack on its maintainers' time, so it's really interesting to see how the Google team both prioritised support and automated much of the drudgery around it.

Four short links: 11 May 2017

First-Person Stop-Shooter, Parkinson's Wearable, Neural Net Mystery, and Fly Fast and Break Things

  1. Medusa FPS (We Make Money Not Art) -- Karolina Sobecka‘s Medusa FPS is directly inspired by these semi-autonomous and autonomous weapons. In her First Person Shooter game, the player uses an AI-assisted gun that guides his or her hand to aim more effectively and fires when a ‘target’ enters its field of view. Which of course seems to wipe out much of the thrill of playing a FPS game. Medusa FPS, however, reverses the usual logic and goals of FPS games. The challenge for the player here is to fight against his or her own in-game character and prevent it from shooting anyone. They cannot drop the weapon nor stop it from firing, but they can obstruct it (and the gun’s) vision.
  2. Microsoft's Project Emma: A Wearable for Parkinson's Sufferers -- This disease makes it impossible for her to draw straight lines or write legibly. With the wearable on her wrist, however, normal writing and drawing is possible. Remarkably, how it works isn't 100 percent known. (via Slashdot)
  3. Understanding Deep Learning Requires Rethinking Generalization (Paper a Day) -- ANNs are bloody good at memorising things (even just 2-layer ones: There exists a two-layer neural network with ReLU activations and 2n + d weights that can represent any function on a sample of size n in d dimensions). You can train them on randomness and they'll learn to parrot it perfectly, but with no predictive value. And they don't seem to sweat any harder than when you teach them patterns and have them predict values they haven't seen. In [this] case, there is no longer any relationship between the instances and the class labels. As a result, learning is impossible. Intuition suggests that this impossibility should manifest itself clearly during training, e.g., by training not converging or slowing down substantially. To our surprise, several properties of the training process for multiple standard architectures is largely unaffected by this transformation of the labels.
  4. Learning to Fly by Crashing (PDF) -- We crash our drone 11,500 times to create one of the biggest UAV crash dataset. This dataset captures the different ways in which a UAV can crash. We use all this negative flying data in conjunction with positive data sampled from the same trajectories to learn a simple yet powerful policy for UAV navigation. (via IEEE Spectrum)

Four short links: 10 May 2017

Indie Finances, Fog UI, Push on Green, and Scratch for Distributed Systems

  1. Indie Band Finances -- Pomplamoose shed light on the economics of their recent tour and how they've not so much "made it" as "are making it every day." We’re entering a new era in history: the space between “starving artist” and “rich and famous” is beginning to collapse. Interesting for those tracking the gig economy and how people make money with digital creativity.
  2. MistForm: Adaptive Shape-Changing Fog Screens -- Mistform combines affordances from both shape-changing interfaces and mid-air displays. For example, a concave display can maintain content in comfortable reach for a single user, while a convex shape can support several users engaged on individual tasks. MistForm also enables unique interaction possibilities by exploiting the synergies between shape-changing interfaces and mid-air fog displays. For instance, moving the screen will affect the brightness and blurriness of the screen at specific locations around the display, creating spaces with similar (collaboration) or different visibility (personalized content). Neat tech, but if you thought it wasn't fun sitting beside someone using their laptop on the bus, wait until their display is basically a sneeze.
  3. Push on Green (PDF) -- overview of the DevOps approach that Google takes. The nine steps of feature flags was a great a-ha for me.
  4. NetsBlox -- NetsBlox is a visual programming language and cloud-based environment that enables novice programmers to create networked programs such as multi-player games. Its visual notation is based on Scratch, and it uses the open source JavaScript code base of Snap! NetsBlox opens up the internet with its vast array of public domain scientific and other data sources, making it possible to create STEM projects, such as displaying seismic activity anywhere on Earth using an interactive Google Maps background. Similarly, weather, air pollution, and many other data sources such as the Open Movie Database and the Sloan Digital Sky Server are available. NetsBlox supports collaborative program editing similar to how Google Docs work.

Four short links: 9 May 2017

Chinese Online Shopping, Google's Fuchsia, Leaving Top-Down, and Open Source SyntaxNet

  1. Chinese Shopping Numbers (BCG) -- According to China’s National Bureau of Statistics, Chinese consumers spent $750 billion online in 2016—more than the U.S. and the U.K. combined.
  2. Google's Fuchsia Operating System -- The interface and apps are written using Google's Flutter SDK, a project that actually produces cross-platform code that runs on Android and iOS. Flutter apps are written in Dart, Google's reboot of JavaScript, which, on mobile, has a focus on high-performance, 120fps apps. It also has a Vulkan-based graphics renderer called "Escher" that lists "Volumetric soft shadows" as one of its features, which seems custom-built to run Google's shadow-heavy "Material Design" interface guidelines.
  3. Composers as Gardeners -- So, my feeling has been that the whole concept of how things are created and organized has been shifting for the last 40 or 50 years, and as I said, this sequence of science as cybernetics, catastrophe theory, chaos theory, and complexity theory, are really all ways of us trying to get used to this idea that we have to stop thinking of top-down control as being the only way in which things could be made.
  4. SyntaxNet Open Sourced -- Our release includes all the code needed to train new SyntaxNet models on your own data, as well as a suite of models that we have trained for you, and that you can use to analyze text in over 40 languages.

Four short links: 8 May 2017

Skimming Text, Image Attribute Transfer, Reproducible Research, and Robots Surviving Clutter

  1. Learning to Skim Text -- Despite their promise, many recurrent models have to read the whole text word by word, making it slow to handle long documents. For example, it is difficult to use a recurrent network to read a book and answer questions about it. In this paper, we present an approach of reading text while skipping irrelevant information if needed. The underlying model is a recurrent network that learns how far to jump after reading a few words of the input text. Basically implementing a teenager reading for school, then. (via hardmaru on Twitter)
  2. Visual Attribute Transfer through Deep Image Analogy -- the sample images are stunning.
  3. Practice of Reproducible Research -- 31 case studies of reproducible research workflows, written by academic researchers in the data-intensive sciences. Each case study describes how the author combined specific tools, ideas, and practices in order to complete a real-world research project. Emphasis is placed on the practical aspects of how the author organized his or her research to make it as reproducible as possible.
  4. Manipulation Under Clutter and Uncertainty With And Around People (YouTube) -- an hour-long lecture on the challenges of robotics in actual human environments. I hope they take a while to solve this problem, because hiding in my kid's room is literally my only survival plan for the robopocalypse.

Four short links: 5 May 2017

Question Answering, Ultrasonic Tracking, GitHub as Resume, and AI M:TG

  1. SQuAD -- Stanford Question Answering Dataset (SQuAD) is a new reading comprehension data set, consisting of questions posed by crowdworkers on a set of Wikipedia articles, where the answer to every question is a segment of text, or span, from the corresponding reading passage. With 100,000+ question-answer pairs on 500+ articles, SQuAD is significantly larger than previous reading comprehension data sets. And there's a contest to build AI to answer the questions.
  2. Ultrasonic User Tracking -- more than 200 Android apps found using ultrasound cross-device tracking (uXDT). uXDT is the practice of advertisers hiding ultrasounds in their ads. When the ad plays on a TV or radio, or some ad code runs on a mobile device or computer, it emits ultrasounds that are picked up by the microphone of nearby laptops, desktops, tablets or smartphones. (via BoingBoing)
  3. Leaving Apple -- Developers have long argued that job seekers should have a strong public portfolio, as demonstrated experience can account for the lack of a relevant degree. After years of building up my portfolio, it became apparent that most outside recruiters I talked with never looked at my blog/GitHub, despite a strong emphasis of both on my résumé.
  4. AI for Modern Card Games (PDF) -- sure you had fun at work today, but did you teach a computer to play Magic: The Gathering and get a bachelor's degree for it?

Four short links: 4 May 2017

Secure Coding, Bank Account API, Font Recognition, and How to Write a Paper

  1. Alarming State of Secure Coding (Andy Oram) -- The details below tell the same basic story in every case—only a minority of respondents think the practice is sufficiently in place, and a large chunk always reports they want to perform the practice and cannot do it at all. The bigger problem is that programmers are taught to find the golden path ("how do I get the computer to do this thing?") and not the tester/security mindset ("how can I get the computer to do something else?")
  2. Bank Account With an API -- Extend your account by building new features and integrating with other services using our securely hosted JavaScript code.
  3. Typefont -- An algorithm [implemented] in JavaScript that recognizes the font of a text in an image using the Tesseract optical character recognition engine and some image processing libraries.
  4. How to Write a Paper (PDF) -- excellent advice, also summarized in these slides.