Four short links: 9 November 2016
Lessons Learned, Large Data Sets, Julia Ports, and Light Worms
- NASA Analyzing Lessons Learned with Graph Databases — at NASA, Neo4j and a graph visualization tool called Linkurious helped Meza’s team build an interface to explore the databases of lessons, finding documents relating to particular topics and even uncovering connections between disparate subjects.
- Practical Advice for the Analysis of Large Data Sets — good advice from the person who led the Data Science team at Google.
- A Look at How Traders and Economists Are Using Julia — including the Fed’s model of the U.S. economy. FRBNY’s DSGE model—which is used for both forecasting and policy analysis—was run on Matlab. Please hold until my boggling finishes.
- World’s First Light Worm — The worm spreads by jumping directly from one lamp to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity. […] To make such an attack possible, we had to find a way to remotely yank already installed lamps from their current networks, and to perform over-the-air firmware updates. We overcame the first problem by discovering and exploiting a major bug in the implementation of the Touchlink part of the ZigBee Light Link protocol, which is supposed to stop such attempts with a proximity test. To solve the second problem, we developed a new version of a side-channel attack to extract the global AES-CCM key that Philips uses to encrypt and authenticate new firmware. We used only readily available equipment costing a few hundred dollars, and managed to find this key without seeing any actual updates. This demonstrates once again how difficult it is to get security right, even for a large company that uses standard cryptographic techniques to protect a major product.