Four Short Links

Nat Torkington's eclectic collection of curated links.

Four short links: 21 May 2018

Quantum Computing, E-Waste, Artificial Senses, and Inside printf

  1. John Preskill on Quantum Computing -- That’s what we mean by quantum entanglement. Information stored in those correlations that you can’t see when you look at the parts one at a time.
  2. The Internet of Trash -- The United Nations found that people generated 44.7 million metric tons of e-waste globally in 2016, and expects that to grow to 52.2 million metric tons by 2021. And behind the word "e-waste" lies some truly heinous chemicals that you want to keep out of your food supply chain.
  3. Artificial Senses -- visualizes sensor data of the machines that surround us to develop an understanding of how they experience the world.
  4. Inside printf -- a sweet "powers of 10" style dig into how a call to printf results in things displayed on the screen.

Four short links: 18 May 2018

Efficient Meetings, Mixed Reality in Unity, Design Power, and AI's Exponential Curve of Cost

  1. Reaching Peak Meeting Efficiency -- solid advice for business meetings, including a taxonomy with some firm opinions.
  2. United Mixed Reality Toolkit -- a collection of scripts and components intended to accelerate development of applications targeting Microsoft HoloLens and Windows Mixed Reality headsets in Unity. See blog post.
  3. Reddit's New Design Increases Power Consumption by 68GW/Month -- this Reddit user shows their working.
  4. AI and Compute (OpenAI) -- since 2012, the amount of compute used in the largest AI training runs has been increasing exponentially with a 3.5 month-doubling time (by comparison, Moore’s Law had an 18-month doubling period).

Four short links: 17 May 2018

SEC's ICO, Feeling, Win95 for iOS, and Monocular Performance Capture

  1. Howey Coins -- SEC made their own fake ICO site to illustrate the dangers of unregulated offerings. When you click through to buy, you get their information page.
  2. Graphene-Based Sensor that Feels As a Human Does -- The device detects changes in electrical conductance and resistance through the graphene film when the film is deformed. [...] The graphene film responds to deformations in just 1–2ms, which Park says is much faster than any other piezo-resistive material. [...] Park and his team incorporate their graphene film onto an artificial fingerprint structure so the film reacts to tiny vibrations caused by the ridges on the fingerprint rubbing against a textured surface. Analysing these vibration signals allows the sensor to “feel” differently textured fabrics.[...] After learning the features of known fabrics, the sensor was able to extrapolate this knowledge and significantly outperform humans when classifying 12 new fabrics – scoring 99% compared to 58% in a blind test of 50 people.
  3. ClassicKit -- a collection of classic-style UI components for iOS.
  4. MonoPerfCap -- the first marker-less approach for temporally coherent 3D performance capture of a human with general clothing from monocular video.

Four short links: 16 May 2018

Right to Repair, Entrepreneurial Privilege, Bash Style, and The Botnet Business Model

  1. Right to Repair -- John Scalzi wrote a (very short) story (pure dialogue!) for the EFF to illustrate the significance of the Right to Repair exemption to DMCA for which EFF is lobbying the Copyright Office. (via BoingBoing)
  2. Smart and Illicit: Who Becomes an Entrepreneur and Do They Earn More? -- answer: those from wealthy and privileged backgrounds, and the estimated increase in annual earnings for an individual who chooses to become an incorporated business owner is 12%. This is 2013 research. (via Quartz)
  3. Google's Bash Style Guide -- It's all good, but Use common sense and BE CONSISTENT is golden.
  4. Inside the Business Model for Botnets (MIT TR) -- costs and income. The team say that distributed denial-of-service attacks using a network of 30,000 bots can generate around $26,000 a month. This is a friendly writeup of this paper.

Four short links: 15 May 2018

Data to Sound, Black Mirror, Emulation, and PGP Vulnerability

  1. Sonify -- use data to create and play MIDI files.
  2. Recoding Black Mirror -- workshop at WWW '18. Paper a Day has reader's digest versions of the papers in two parts.
  3. Pi1541 -- a real-time, cycle exact, Commodore 1541 disk drive emulator that can run on a Raspberry Pi 3B (or 3B+). [...] Pi1541 emulates a 6502 and the two 6522s. Any code it is asked to run is run in a cycle exact way. Amazing to live in a time when we can emulate three (admittedly much slower) CPUs in real time on a cheap piece of commodity kit.
  4. EFAIL -- vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails. See EFF's recommendation not to use PGP.

Four short links: 14 May 2018

Ridesharing Suburbia, Dunbar's Number, Event Sourcing, and Product Failures

  1. Uber and Lyft Change Where People Live (Business Insider) -- Today, in our Uber-tech world, I [can be] in the back of a car with my iPhone, and I’m not losing out on anything. That has changed [commutes] dramatically. Your commute time is not lost productivity. When public transportation doesn't serve your suburb well, there's always Lyft.
  2. Are My Friends Really My Friends? (NY Times) -- One may presume that boasting thousands of social media friends or followers would inflate Dunbar’s number, but Dr. Dunbar said that is “absolutely not at all” the case. In a recent paper analyzing Facebook and Twitter data, and another one looking at mobile phone calls, his team determined that people still “showed the same frequencies of interaction as in face-to-face relationships” for the corresponding layers of intimacy, he said.
  3. Kickstarter's Simple Event Sourcing -- the four components of a minimal event sourcing system: Events to provide a history; Aggregates to represent the current state of the application; Calculator to update the state of the application; Reactors to trigger side effects as events happen.
  4. Product Failures -- 116 of them, briefly named. Many in FMCG, but plenty enough in tech. I'm struck by how many of the tech products were just too early, rather than Just Plain Bad ideas like Cocaine, Redux Beverages (2007). Pulled from shelves in 2007 for marketing itself as an alternative to illegal street drugs, this over-the-top energy drink has 2.5 times the caffeine of Red Bull.

Four short links: 11 May 2018

Leaked Secrets, WFH Productivity, Developer Growth, and Capture the Flag

  1. Used Photocopiers Leak Images -- Nearly every digital copier built since 2002 contains a hard drive - like the one on your personal computer - storing an image of every document copied, scanned, or emailed by the machine.
  2. Stanford Study Shows Productivity Up if Working From Home -- Turns out work-from-home employees work a true full-shift (or more) versus being late to the office or leaving early multiple times a week and found it less distracting and easier to concentrate at home. Additionally (and incredibly), employee attrition decreased by 50 percent among the telecommuters, they took shorter breaks, had fewer sick days, and took less time off. [...] Oh, and by the way, the company saved almost $2,000 per employee on rent by reducing the amount of HQ office space. See the original paper for more details.
  3. Developer Growth Framework (Tamara Buckland) -- a simple spreadsheet/matrix to help identify and clarify appropriate behaviours and expectations for developers at different stages of their careers. It has a summary sheet which has some high level information about expectations for developers across 4 categories '#build' '#deliver' '#lead' and '#connect' and then it deep dives into those 4 categories in more detail with relevant examples. A good start to building your ladder.
  4. Google CTF -- This repository lists most of the challenges used in the Google CTF 2017.

Four short links: 10 May 2018

Game Development, Fake Reviews, Super-Resolution, and Speech Synthesis

  1. Portal Problems -- a talk from Harvard's Intro to Game Development class, a very rendernerdy walk through a lot of bugs that showed up in Portal and how they were fixed. A lot of fixes that are "good enough" rather than "let's make this perfect."
  2. Amazon's Fake Review Problem (Buzzfeed) -- The company, through lawsuits, human moderators, and algorithms, is trying to keep fake reviews off the site, but the review mills that produce those disingenuous ratings may always be one step ahead of Amazon’s ability to moderate them.
  3. Super-Resolution (Paper a Day) -- In super-resolution, we take as input a low-resolution image [...] And produce as output an estimation of a higher resolution up-scaled version.
  4. Google Duplex -- The system also sounds more natural thanks to the incorporation of speech disfluencies (e.g., “hmm”s and “uh”s). These are added when combining widely differing sound units in the concatenative TTS or adding synthetic waits, which allows the system to signal in a natural way that it is still processing. (This is what people often do when they are gathering their thoughts.) In user studies, we found that conversations using these disfluencies sound more familiar and natural. I liked that the ums are often inserted for the same reason as a human would: "still processing, more words to come soon!"

Four short links: 9 May 2018

Fact Verification Data Set, Forecasting Software, Image Enhancement, and Effective Teamwork

  1. Fact Extraction and Verification Data Set Available -- Amazon and University of Sheffield. The claims in the data set were generated manually by human annotators who extracted them from Wikipedia pages. False claims were generated by mutating true claims in a variety of ways, some of which were meaning-altering.
  2. Forecasting Cycle Time as a Team -- I am sharing a script I use to facilitate forecasting the cycle time of a software product development initiative (not user stories, but initiatives, and only the time “in development”). (via John Cutler)
  3. Learning to See in the Dark -- using deep learning to enhance almost-no-light images, with astonishing results. Paper and source available. (via Oriol Vinyals)
  4. Effective Teamwork -- a one-page summary of all the lessons I have learned having done these many team projects (and having been a culprit in bad teammwork innumerable times). Checks out.

Four short links: 8 May 2018

Infrastructure Testing, Algorithm Check, Parallel Texts, and Dead Pixels

  1. Open Sourcing Terratest: a Swiss Army Knife for Testing Infrastructure Code -- Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
  2. Questions to Ask Before Deciding an Algorithm Is The Answer (EFF) -- a simple 5-point checklist: 1. Will this algorithm influence—or serve as the basis of—decisions with the potential to negatively impact people’s lives? 2. Can the available data actually lead to a good outcome? 3. Is the algorithm fair? 4. How will the results (really) be used by humans? 5. Will people affected by these decisions have any influence over the system? (via BoingBoing)
  3. OPUS -- corpus of open translated texts (each text in the corpus is in two or more languages) for, e.g., training machine learning models.
  4. Danger of Drone Displays -- all is good until they start falling from the skies. More detail in Gizmodo. (via IEEE Spectrum)

Four short links: 7 May 2018

Teaching Programming Languages, Security Training, Manager READMEs, and Digital Expression

  1. Teaching Programming Languages by Experimental and Adversarial Thinking -- We present a new approach to teaching programming language courses. Its essence is to view programming language learning as a natural science activity, where students probe languages experimentally to understand both the normal and extreme behaviors of their features. This has natural parallels to the "security mindset" of computer security, with languages taking the place of servers and other systems.
  2. PagerDuty Security Training -- We run two internal employee security training courses at PagerDuty; one for everyone covering a variety of general security topics relevant to all employees, and one for engineers covering more technical security concepts relevant to those in our engineering department. This site provides all of the public material for both of these courses.
  3. Example Manager READMEs -- from managers at Slack, Spotify, HubSpot, and more.
  4. Four Principles for Digital Expression (You Won’t Believe #3!) -- We need clear principles to guide and secure meaningful digital free expression. This article charts a path to provide just that. Part I exposes crucial myths surrounding digital speech and privacy in our networked age. Part II offers a conception of free speech based on a distrust of power, both public and private. Even if doctrinal analysis does not account for private barriers to free expression, the project of free expression should. Part III lays out four essential preconditions for a theory and a system of free expression in the digital age.

Four short links: 4 May 2018

Data Science Ethics, Networks and Markets, Chinese Sesame, and Refactoring Into Microservices

  1. Data Science Ethics Syllabus -- from Kant to A/B testing, it looks very comprehensive.
  2. Networks and the Next Economy (Tim O'Reilly) -- In 2018, we still think that we can organize our companies in old ways but do new things.
  3. China's Social Credit Mandatory in 2020 (New Republic) -- “Good” behavior is equally subjective. Sesame Credit automatically upgrades customers who purchase curtains or diapers, for example—items which suggest a certain middle-class stability. This is partly because Sesame “is designed to incentivize behaviors that drive profits for Alibaba,” explains Mark Natkin, managing director of Beijing-based Marbridge Consulting. Capitalism meets authoritarianism. "[I]nformation often includes errors like mistaken user identity, and some lenders deliberately misrepresent user information...they will actually put their favorite customers on their blacklist shared with other lenders, so that other platforms will reject the customer, allowing the original lender to have exclusive access.”
  4. Evolving Away from Entities -- Entity services are what you get when you only think about the data and not how you are going to use it. Really good case study of refactoring into microservices, part of a larger tutorial.

Four short links: 3 May 2018

MySQL Migrations, 3D Faces, Economics of Privacy, and Peter Principle

  1. gh-ost -- GitHub's Online Schema Migrations for MySQL. Triggerless migrations.
  2. Joint 3D Face Reconstruction and Dense Alignment with Position Map Regression Network -- In this paper, we propose an end-to-end method called "position map regression network" (PRN) to jointly predict dense alignment and reconstruct 3D face shapes. With source code. Our network is very light-weighted and spends only 9.8ms to process an image, which is much faster than previous works.
  3. The Economics of Privacy -- This page provides links to resources on the economics of privacy, financial privacy, and the economics of anonymity: papers, people, related conferences, and other links.
  4. The Cost of the Peter Principle -- The data suggest that high-performing sales representatives are indeed more likely than other workers to be promoted into management. The doubling of sales credits increases the probability that a salesperson will be promoted by 14.3% relative to the base probability of promotion. The researchers also found that pre-promotion performance data could negatively predict a new manager's value after promotion: a doubling of the new manager's pre-promotion sales was associated with a 7.5% decline in the sales performance of each new manager's subordinates.

Four short links: 2 May 2018

FPGA, Comics, Charts, and Learning to Code

  1. Retrospective on 10 Years of FPGA (IEEE) -- Xilinx introduced the first field programmable gate arrays (FPGAs) in 1984, though they were not called FPGAs until Actel popularized the term around 1988. Over the ensuing 30 years, the device we call an FPGA increased in capacity by more than a factor of 10,000 and increased in speed by a factor of 100. Cost and energy consumption per unit function decreased by more than a factor of 1,000.
  2. A Survey of Comics Research in Computer Science -- A large part of previous work is focusing on the low-level image analysis by using handcrafted features and knowledge-driven approaches. Recent research focuses more on deep learning and high-level image understanding. Still, many applications have been done for natural image, and the research about artworks and comics get more attention only very recently. A lot of unexplored fields remain, especially content generation and augmentation.
  3. TUI Chart -- easy way to draw various and essential charts on your web service.
  4. TIC computer -- a faux 8-bit system for learning to code, reminiscent of the PICO-8. This one is open source.

Four short links: 1 May 2018

Programming Competitions, Computational Propaganda, Distributed Systems, Simone Giertz

  1. Competitive Programmer's Handbook -- an algorithm and data-structure cheatsheet for the frequent programming competition entrant (and you).
  2. The Biology of Disinformation -- research report from the Institute For the Future on "computational propaganda," which is the best term I've heard for it.
  3. The TLA+ Video Course -- Leslie Lamport teaches his formal specification language+verification system for distributed systems.
  4. I Have a Brain Tumor -- the fantastic Simone Giertz is going to need your Patreon support more than ever.

Four short links: 30 April 2018

Haptic Jacket, Markup Diagrams, Idempotence meets IoT, and Rough Javascript Drawings

  1. Disney's Haptic VR Jacket (WaPo) -- The Force Jacket contains 26 inflatable compartments, which can reproduce more than a dozen "feel affects," such as a hug, a punch or a snake slithering across your body. These sensations are created by modifying the speed, force, and duration of inflating or deflating the airbags. The pressure and vibrations can also correspond with visual displays, allowing users to feel the actions they perform and witness in a VR game.
  2. Mermaid -- markup-style generation of diagrams and flowcharts.
  3. You Know How GET Requests are Meant to be Idempotent? (Will Pearse) -- hilarious short thread, where web protocol expectations and a physical interface don't mesh well with a well-meaning cloud service.
  4. Rough.js -- open source Javascript library to create graphics with a hand-drawn, sketchy appearance.

Four short links: 27 April 2018

Automating Commerce, Faster Training, MacOS Monitoring, and Formal Methods

  1. Death of A Supply-Driven World -- The company employs under a dozen engineers that built a technology stack that integrates the brand’s planning, design, marketing and commerce systems into an all-knowing brain. If a shopper adds a product to the cart and then removes it, the brand knows and feeds this info back into its demand planning system. If a shopper returns one size and keeps another, this informs how the brand will reorder that product, if it does at all. All of this happens automatically, and while there are still humans making some decisions, the brand has no merchandising team. Most of its buying and planning is entirely automated.
  2. Accelerated Neuro-Evolution -- open source code that maximizes the use of CPUs and GPUs in parallel. It runs deep neural networks on the GPU, the domains (e.g. video games or physics simulators) on the CPU, and executes multiple evaluations in parallel in a batch, allowing all available hardware to be utilized efficiently. [...] [I]t also contains custom TensorFlow operations, which significantly improve training speed.
  3. MacOS Monitoring the Open Source Way -- interesting read about how Dropbox security team monitor the employee laptops to catch malware, using osquery for snapshots, Santa for real-time process events, and OpenBSM/Audit for real-time syscall monitoring.
  4. The Great Theorem-Prover Showdown -- he chose three imperative programs with variable assignment, and challenged theorem prover Twitter to formally prove the code's correctness, with interesting results. My favourite sentence in the write-up is If the only result of this challenge is that Leftpad becomes the theorem prover’s “hello world”, I’ll be pretty happy.
  5. Note: The email edition of Four Short Links will be discontinued on Monday, April 30. New editions of Four Short Links will still be published every weekday at and through the Four Short Links feed. Please send questions about this change to

Four short links: 26 April 2018

DNA for Data, Project Names, VGA SDR, and Image Magic

  1. Exabytes in a Test Tube: The Case for DNA Data Storage -- still in its infancy, but researchers are drawn by high storage density (up to 1E12 GB/gram), unpowered, and durable in "ideal" conditions. There are even people working on random-access tech.
  2. Waggle Dance -- Hive federation service. Enables disparate tables to be concurrently accessed across multiple Hive deployments. (Hive is an Apache data warehouse project.) This easily wins today's award for Best Project Name. (Circus Train is a good name, but not as {fingerkiss} as Waggle Dance.
  3. VGA as SDR -- this is wild. osmo-fl2k allows you to use USB 3.0 to VGA adapters based on the Fresco Logic FL2000 chip, which are available for around $5, as general purpose DACs and SDR transmitter generating a continuous stream of samples by avoiding the HSYNC and VSYNC blanking intervals. Can transmit low-power FM, DAB, DVB-T, GSM, UMTS, and GPS signals.
  4. Image Inpainting for Irregular Holes Using Partial Convolutions -- the video is solid gold wow. (via NVIDIA developer news)
  5. Note: The email edition of Four Short Links will be discontinued on Monday, April 30. New editions of Four Short Links will still be published every weekday at and through the Four Short Links feed. Please send questions about this change to

Four short links: 25 April 2018

Music Biz, Amazon DNS Hijack, Embedded Platform, and Tech Change

  1. Music Industry's "Fantastic 2017" -- That $1.4 billion of growth puts the global total just below 2008 levels ($17.7 billion), meaning that the decline wrought through much of the last 10 years has been expunged. The recorded music business is locked firmly in growth mode, following nearly $1 billion growth in 2016. Cory Doctorow makes the point that while the "music industry" is booming, artist incomes aren't growing at the same rate. Or, indeed, at all.
  2. Amazon's DNS Hijacked For Two Hours -- in service of raiding a cryptocurrency website.
  3. Nerves -- Pack your whole application into as little as 12MB and have it start in seconds by booting a lean cross-compiled Linux directly to the battle-hardened Erlang VM. Let Nerves take care of the network, discovery, I/O, firmware updates, and more. Focus on what matters, and have fun writing robust and maintainable software. Nifty approach to a very real problem.
  4. Five Things We Need to Know About Technological Change (Neil Postman) -- this is incredibly prescient and good. Technological change is not additive; it is ecological.[...] A new medium does not add something; it changes everything. In the year 1500, after the printing press was invented, you did not have old Europe plus the printing press. You had a different Europe. After television, America was not America plus television. Television gave a new coloration to every political campaign, to every home, to every school, to every church, to every industry, and so on. That is why we must be cautious about technological innovation. The consequences of technological change are always vast, often unpredictable, and largely irreversible. See also a related talk by Postman. (via Daniel G. Siegel)
  5. Note: The email edition of Four Short Links will be discontinued on Monday, April 30. New editions of Four Short Links will still be published every weekday at and through the Four Short Links feed. Please send questions about this change to

Four short links: 24 April 2018

IoT, Migrations, Prisoner's Dilemma, and Security

  1. IoT Inspector -- The Princeton University research team is digging into the traffic that IoT devices do, to identify malicious or otherwise dodgy behaviour. They want to know what IoT devices you have so they can test them. They'll release their packet capture and analysis tool as open source. (via BoingBoing)
  2. Migrations (Will Larson) -- very good explanation of how to manage migrations which are usually the only available avenue to make meaningful progress on technical debt. (via Simon Willison)
  3. Beating the Prisoner's Dilemma -- In 2013 as the semester ended in December, students in Fröhlich’s "Intermediate Programming," "Computer System Fundamentals," and "Introduction to Programming for Scientists and Engineers" classes decided to test the limits of the policy, and collectively planned to boycott the final. Because they all did, a zero was the highest score in each of the three classes, which, by the rules of Fröhlich’s curve, meant every student received an A. How did they manage to avoid defection? (If just one student sat the test, that person would get an A and everyone else fail) The students waited outside the rooms to make sure that others honored the boycott, and were poised to go in if someone [broke the pact]. No one did, though. Prisoner's Dilemma only works if the prisoners can't communicate. (via Freakonomics and Ian Miers)
  4. Computer Security: The Achilles' Heel of the Air Force? -- incredibly prescient 1979 article on the important problems of security. The stories of repeatedly improving early systems like GCOS and MULTICS are super-interesting and rich with parallels for today. A contract cannot provide security. Basically, the same GCOS system was selected for a major command and control system. Advocates assured the users that it would be made multilevel secure because security was required by the contract. An extensive tiger team evaluation found there were many deep and complex security flaws that defied practical repair—the computer was finally deemed not only insecure but insecurable.
  5. Note: The email edition of Four Short Links will be discontinued on Monday, April 30. New editions of Four Short Links will still be published every weekday at and through the Four Short Links feed. Please send questions about this change to