Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

August 17, 2016

Text [R, Scraping, Text]

Filed under: Data,R,Web Scrapers — Patrick Durusau @ 8:31 pm

Text by Amelia McNamara.

Covers “scraping, text, and timelines.”

Using R, focuses on scraping, works through some of “…Scott, Karthik, and Garrett’s useR tutorial.”

In case you don’t know the useR tutorial:

Also known as (AKA) Extracting data from the web APIs and beyond:

No matter what your domain of interest or expertise, the internet is a treasure trove of useful data that comes in many shapes, forms, and sizes, from beautifully documented fast APIs to data that need to be scraped from deep inside of 1990s html pages. In this 3 hour tutorial you will learn how to programmatically read in various types of web data from experts in the field (Founders of the rOpenSci project and the training lead of RStudio). By the end of the tutorial you will have a basic idea of how to wrap an R package around a standard API, extract common non-standard data formats, and scrape data into tidy data frames from web pages.

Covers other resources and materials.

Enjoy!

Pandas

Filed under: Data Science,Pandas,Python — Patrick Durusau @ 8:19 pm

Pandas by Reuven M. Lerner.

From the post:

Serious practitioners of data science use the full scientific method, starting with a question and a hypothesis, followed by an exploration of the data to determine whether the hypothesis holds up. But in many cases, such as when you aren’t quite sure what your data contains, it helps to perform some exploratory data analysis—just looking around, trying to see if you can find something.

And, that’s what I’m going to cover here, using tools provided by the amazing Python ecosystem for data science, sometimes known as the SciPy stack. It’s hard to overstate the number of people I’ve met in the past year or two who are learning Python specifically for data science needs. Back when I was analyzing data for my PhD dissertation, just two years ago, I was told that Python wasn’t yet mature enough to do the sorts of things I needed, and that I should use the R language instead. I do have to wonder whether the tables have turned by now; the number of contributors and contributions to the SciPy stack is phenomenal, making it a more compelling platform for data analysis.

In my article “Analyzing Data“, I described how to filter through logfiles, turning them into CSV files containing the information that was of interest. Here, I explain how to import that data into Pandas, which provides an additional layer of flexibility and will let you explore the data in all sorts of ways—including graphically. Although I won’t necessarily reach any amazing conclusions, you’ll at least see how you can import data into Pandas, slice and dice it in various ways, and then produce some basic plots.

Of course, scientific articles are written as though questions drop out of the sky and data is interrogated for the answer.

Aside from being rhetoric to badger others with, does anyone really think that is how science operates in fact?

Whether you have delusions about how science works in fact or not, you will find that Pandas will assist you in exploring data.

Nomination For #1 Impediment To IT Reform

Filed under: Humor — Patrick Durusau @ 4:39 pm

I saw this on Twitter and nominate it as the #1 impediment to IT reform. In government or private industry (in case you think there is a difference).

mistakes-460

Your nominations?

Double Standards At NPR

Filed under: Government,Journalism,News,Reporting,Wikileaks — Patrick Durusau @ 4:00 pm

NPR Host Demands That Assange Do Something Its Own Reporters Are Told Never to Do by Naomi LaChance.

From the post:

In a ten-minute interview aired Wednesday morning, NPR’s David Greene asked Wikileaks founder Julian Assange five times to reveal the sources of the leaked information he has published on the internet.

A major tenet of American journalism is that reporters protect their sources. Wikileaks is certainly not a traditional news organization, but Greene’s persistent attempts to get Assange to violate confidentiality was alarming, especially considering that there has been no challenge to the authenticity of the material in question.

NPR (National Public Radio) shows its true colors, not as a free and independent press but as a lackey of the Democratic Party in this interview with Assange.

David Greene (Morning Edition) was fixated on repeating the unconfirmed reports that the Russians (which Russians no one every says), were behind the leak of DNC emails.

You can read the transcript of Assange/Greene interview for yourself.

Greene never asks one substantive question about the 20,000 emails. Not one. The first leak of its kind and all Greene does is whine about rumors of Russian involvement.

Well, that’s not entirely fair, Greene does have this exchange with Assange:


GREENE: Well, let me – apart from the different investigations, could you see people in the U.S. government thinking that you might be a threat to national security?

ASSANGE: Well, I mean, there’s great people in the U.S. government – many of them are our sources – and there’s terrible people in the U.S. government. Unfortunately, the U.S. government is a – you know, a reflection, to some degree, of the rest of society. So it’s filled with its share of paranoid and sociopathic power climbers…

GREENE: But is it paranoid to look at these uncensored documents?

ASSANGE: …People who make errors of judgment, etc.

GREENE: Is it paranoid to look at these uncensored documents, these emails, that are released by you? And if they believe that that could change a U.S. presidential election, could be a threat to national security, why isn’t it logical…

ASSANGE: I just – I mean…

GREENE: …For them to see you as a possible threat?

Hmmm, telling the truth about DNC emails can be a threat to national security?

What a bizarre concept in a democracy! Disclosure of evidence of manipulation of the democratic process is a “…threat to national security?”

NPR can and should do better than David Greene shilling for the Democratic Party.

The Shadow Brokers: Lifting the Shadows of the NSA’s Equation Group?

Filed under: Cybersecurity,Security — Patrick Durusau @ 10:52 am

The Shadow Brokers: Lifting the Shadows of the NSA’s Equation Group?.

A detailed summary of what is or isn’t known about The Shadow Brokers and the alleged hack of the Equation Group (NSA owned and operated).

The story is being updated at this location so check back for breaking details.

Enjoy!

August 16, 2016

WikiLeaks AKP dump contains 80 types of malware (!OutLook)

Filed under: Cybersecurity,Wikileaks — Patrick Durusau @ 7:34 pm

WikiLeaks AKP dump contains 80 types of malware by Nicky Cappella.

From the post:

The latest WikiLeaks AKP email contains more than 80 types of malware, an independent researcher has confirmed. The malware includes ransomware and remote-access trojans.

WikiLeaks released emails from the Turkish political party AKP in two parts: one in July, and one on August 5. Anti-virus and malware expert Vesselin Bontchev reviewed the content of those emails and published his findings on his GitHub page. Bontchev listed more than 200 individual emails that contain a link to a confirmed malicious attachment.

His report shows a link to infected emails on the WikiLeaks site, the URL for the malware attachment within the email, and a link to a VirusTotal page, showing the way that different anti-virus scanners are reporting the malware. The URL to the malicious attachment has been made unclickable by substituting ‘hxxxxx’ for ‘https’, as the URL listed is a direct link to the malware and a click would result in an immediate download.

A word to the wise I suppose.

You weren’t going to look at a stolen email archive using OutLook were you?

A Conflict-Free Replicated JSON Datatype

Filed under: CRDT,JSON — Patrick Durusau @ 7:25 pm

A Conflict-Free Replicated JSON Datatype by Martin Kleppmann, Alastair R. Beresford.

Abstract:

Many applications model their data in a general-purpose storage format such as JSON. This data structure is modified by the application as a result of user input. Such modifications are well understood if performed sequentially on a single copy of the data, but if the data is replicated and modified concurrently on multiple devices, it is unclear what the semantics should be. In this paper we present an algorithm and formal semantics for a JSON data structure that automatically resolves concurrent modifications such that no updates are lost, and such that all replicas converge towards the same state. It supports arbitrarily nested list and map types, which can be modified by insertion, deletion and assignment. The algorithm performs all merging client-side and does not depend on ordering guarantees from the network, making it suitable for deployment on mobile devices with poor network connectivity, in peer-to-peer networks, and in messaging systems with end-to-end encryption.

Not a fast read and I need to think about its claim that JSON supports more complexity than XML. 😉

Enjoy!

strace’ing a Clojure process under lein

Filed under: Clojure,Programming — Patrick Durusau @ 7:12 pm

strace’ing a Clojure process under lein by Tim McCormack.

From the post:

Today I wanted to strace a JVM process to see if it was making network calls, and I discovered a minor roadblock: It was a Clojure program being run using the Leiningen build tool. lein run spawns a JVM subprocess and then exits, and I only wanted to trace that subprocess.

The solution is simple, but worth a post: Tell lein to run a different “java” command that actually wraps a call to java with strace. Here’s how I did it:

For the “…you never do know file…” and because it’s better to know than to assume.

August 15, 2016

BaseX 8.5.3 Released!

Filed under: BaseX,XML,XQuery — Patrick Durusau @ 7:09 pm

BaseX 8.5.3 Released! (2016/08/15)

BaseX 8.5.3 was released today!

The changelog reads:

VERSION 8.5.3 (August 15, 2016) —————————————-

Minor bug fixes, improved thread-safety.

Still, not a bad idea to upgrade today!

Enjoy!

PS: You do remember that Congress is throwing XML in ever increasing amounts at the internet?

Perhaps in hopes of burying information in angle-bang syntax.

XQuery can help disappoint them.

Hackers Say They Hacked NSA-Linked Group… (Fact or Fantasy?)

Filed under: Cybersecurity,NSA — Patrick Durusau @ 2:11 pm

Hackers Say They Hacked NSA-Linked Group, Want 1 Million Bitcoins to Share More by Lorenzo Franceschi-Biccierai.

From the post:

A mysterious hacker or hackers going by the name “The Shadow Brokers” claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

“Attention government sponsors of cyber warfare and those who profit from it!!!!” the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr. “How much you pay for enemies cyber weapons? […] We find cyber weapons made by creators of stuxnet, duqu, flame.”

The hackers referred to their victims as the Equation Group, a codename for a government hacking group widely believed to be the NSA.

What is the first thing that strikes you as dodgy about this claimed hack?

If you had a hacking weapons from the NSA, wouldn’t you first approach other national governments?

The NSA would still hear about it but the buyers would be doing their best to keep sale and hack secret as well.

Here? The alleged hackers have painted a target on their backs and “chump” on anyone who parts with any bitcoins for a release of the alleged weapons.

The best to hope for is the alleged hackers aren’t prosecuted for fraud as a result of any online auction.

They shouldn’t be. Buying allegedly stolen property and being cheated isn’t a crime, it’s a valuable lesson.

August 14, 2016

Simit: A Language for Physical Simulation

Filed under: Graphs,Hypergraphs,Simulations — Patrick Durusau @ 9:28 pm

Simit: A Language for Physical Simulation by Fredrik Kjolstad, et al.

Abstract:

With existing programming tools, writing high-performance simulation code is labor intensive and requires sacrificing readability and portability. The alternative is to prototype simulations in a high-level language like Matlab, thereby sacrificing performance. The Matlab programming model naturally describes the behavior of an entire physical system using the language of linear algebra. However, simulations also manipulate individual geometric elements, which are best represented using linked data structures like meshes. Translating between the linked data structures and linear algebra comes at significant cost, both to the programmer and to the machine. High-performance implementations avoid the cost by rephrasing the computation in terms of linked or index data structures, leaving the code complicated and monolithic, often increasing its size by an order of magnitude.

In this article, we present Simit, a new language for physical simulations that lets the programmer view the system both as a linked data structure in the form of a hypergraph and as a set of global vectors, matrices, and tensors depending on what is convenient at any given time. Simit provides a novel assembly construct that makes it conceptually easy and computationally efficient to move between the two abstractions. Using the information provided by the assembly construct, the compiler generates efficient in-place computation on the graph. We demonstrate that Simit is easy to use: a Simit program is typically shorter than a Matlab program; that it is high performance: a Simit program running sequentially on a CPU performs comparably to hand-optimized simulations; and that it is portable: Simit programs can be compiled for GPUs with no change to the program, delivering 4 to 20× speedups over our optimized CPU code.

Very deep sledding ahead but consider the contributions:


Simit is the first system that allows the development of physics code that is simultaneously:

Concise. The Simit language has Matlab-like syntax that lets algorithms be implemented in a compact, readable form that closely mirrors their mathematical expression. In addition, Simit matrices assembled from hypergraphs are indexed by hypergraph elements like vertices and edges rather than by raw integers, significantly simplifying indexing code and eliminating bugs.

Expressive. The Simit language consists of linear algebra operations augmented with control flow that let developers implement a wide range of algorithms ranging from finite elements for deformable bodies to cloth simulations and more. Moreover, the powerful hypergraph abstraction allows easy specification of complex geometric data structures.

Fast. The Simit compiler produces high-performance executable code comparable to that of hand-optimized end-to-end libraries and tools, as validated against the state-of-the-art SOFA [Faure et al. 2007] and Vega [Sin et al. 2013] real-time simulation frameworks. Simulations can now be written as easily as a traditional prototype and yet run as fast as a high-performance implementation without manual optimization.

Performance Portable. A Simit program can be compiled to both CPUs and GPUs with no additional programmer effort, while generating efficient code for each architecture. Where Simit delivers performance comparable to hand-optimized CPU code on the same processor, the same simple Simit program delivers roughly an order of magnitude higher performance on a modern GPU in our benchmarks, with no changes to the program.

Interoperable. Simit hypergraphs and program execution are exposed as C++ APIs, so developers can seamlessly integrate with existing C++ programs, algorithms, and libraries.
(emphasis in original)

Additional resources:

http://simit-lang.org/

Getting Started

Simit mailing list

Source code (MIT license)

Enjoy!

Threat Intelligence Starter Resources

Filed under: Cybersecurity,Intelligence — Patrick Durusau @ 9:01 pm

Threat Intelligence Starter Resources by Amanda McKeon.

From the post:

Creating a threat intelligence capability can be a challenging undertaking, and not all companies are ready for it. Businesses that run successful threat intelligence teams generally:

  • Collect externally available data on threats and correlate it with internal events.
  • Be aware of threats driving proactive security controls.
  • Establish proactive internal hunting for unidentified threats.
  • Invest in employee and customer threat education.
  • Expand security industry peer relationships.
  • Apply methods for collecting and analyzing external threat data.

For more information, read our white paper on building an advanced threat intelligence team.

Now, if your company is just starting out with threat intelligence and doesn’t have the time or resources to dedicate an entire department to the task, there are some easy ways to begin integrating threat intelligence into your daily routine without breaking the bank.

The following resources can help build awareness of the threat landscape and prepare your company for defense.

Great starting points for collection of general threat intelligence.

Unfortunately, the elimination of repetition of the same information/reports from different sources, separation of surmises from facts, etc., remain the responsibility of the reader.

noms (decentralized database)

Filed under: Javascript,noms — Patrick Durusau @ 4:39 pm

noms

From the webpage:

Noms is a decentralized database based on ideas from Git.

This repository contains two reference implementations of the database—one in Go, and one in JavaScript. It also includes a number of tools and sample applications.

Noms is different from other databases. It is:

  • Content-addressed. If you have some data you want to put into Noms, you don’t have to worry about whether it already exists. Duplicate data is automatically ignored. There is no update, only insert.
  • Append-only. When you commit data to Noms, you aren’t overwriting anything. Instead you’re adding to a historical record. By default, data is never removed from Noms. You can see the entire history of the database, diff any two commits, or rewind to any previous point in time.
  • Strongly-typed. Noms doesn’t have schemas that you design up front. Instead, each version of a Noms database has a type, which is generated automatically as you add data. You can write code against the type of a Noms database, confident that you’ve handled all the cases you need to.
  • Decentralized. If I give you a copy of my database, you and I can modify our copies disconnected from each other, and come back together and merge our changes efficiently and correctly days, weeks, or years later.

Noms is supported on Mac OS X and Linux. Windows usually works, but isn’t officially supported.

I’m taking a chance and adding a category for noms at this point.

I need to install Go 1.6+ at this point.

Not close to prime time but content-addressing and append-only are enough to prompt further investigation.

Another Data Point On Twitter Censorship Practices

Filed under: #gamergate,Censorship,Free Speech,Twitter — Patrick Durusau @ 1:07 pm

twitter-censor-olympics-460

Alert! Non-Lobbyists Have Personal Contact For Members Of Congress!

Filed under: Censorship,Free Speech,Government — Patrick Durusau @ 12:54 pm

Hacker posts contact information for almost 200 congressional Democrats

Summary: Guccifer 2.0 posted a spreadsheet with the personal contact details of almost 200 Democratic members of Congress.

Sorry, I don’t see why non-lobbyists having personal contact information of members of Congress is a bad thing?

The very thought of non-lobbyists contacting members of Congress provoked frantic activity at WordPress, which promptly disabled Guccifer 2.0 page because of:

receipt of a valid complaint regarding the publication of private information, (WordPress blocks latest Guccifer 2.0 docs

The WordPress model of democracy looks something like this:

wordpress-democracy

I’m not vouching for the donation amounts and/or the amount of access you get for those amounts. It varies from congressional district to district.

Check with your local representative for current prices and access.

If and when you meet with your representative, be sure to ask for their new cellphone number.

August 13, 2016

Elementary Category Theory and Some Insightful Examples

Filed under: Category Theory,Functional Programming,Haskell — Patrick Durusau @ 9:33 pm

Elementary Category Theory and Some Insightful Examples (video)

From the description:

Eddie Grutman
New York Haskell Meetup (http://www.meetup.com/NY-Haskell/events/232382379/)
July 27, 2016

It turns out that much of Haskell can be understood through a branch of mathematics called Category Theory. Concepts such as Functor, Adjoints, Monads and others all have a basis in the Category Theory. In this talk, basic categorical concepts, starting with categories and building through functors, natural transformations, and universality, will be introduced. To illustrate these, some mathematical concepts such as homology and homotopy, monoids and groups will be discussed as well (proofs omitted).

Kudos to the NYC Haskell User’s Group for posting videos of its presentations.

For those of us unable to attend such meetings, these videos are a great way to remain current.

Twitter Too Busy With Censorship To Care About Abuse

Filed under: #gamergate,Censorship,Free Speech,Government — Patrick Durusau @ 9:29 pm

Complaints about Twitter ignoring cases of abuse are quite common, “A Honeypot For Assholes” [How To Monetize Assholes/Abuse]. I may have stumbled on why Twitter “ignores” abuse cases.

Twitter staff aren’t “ignoring” abuse cases, they are too damned busy being ad hoc government censors to handle abuse cases.

Consider: How Israel is trying to enforce gag orders beyond its borders by Michael Schaeffer Omer-Man.

From the post:

Israeli authorities are taking steps to block their own citizens from reading materials published online in other countries, including the United States.

The Israeli State Attorney’s Office Cyber Division has sent numerous take-down requests to Twitter and other media platforms in recent months, demanding that they remove certain content, or block Israeli users from viewing it.

In an email viewed by +972, dated August 2, 2016, Twitter’s legal department notified American blogger Richard Silverstein that the Israeli State Attorney claimed a tweet of his violates Israeli law. The tweet in question had been published 76 days earlier, on May 18. Silverstein has in the past broken stories that Israeli journalists have been unable to report due to gag orders, including the Anat Kamm case.

Without demanding that he take any specific action, Twitter asked Silverstein to let its lawyers know, “if you decide to voluntarily remove the content.” The American blogger, who says he has not stepped foot in any Israeli jurisdiction for two decades, refused, noting that he is not bound by Israeli law. Twitter is based in California.

Two days later, Twitter sent Silverstein a follow-up email, informing him that it was now blocking Israeli users from viewing the tweet in question. Or in Twitter-talk, “In accordance with applicable law and our policies, Twitter is now withholding the following Tweet(s) in Israel.”

It’s no wonder Twitter lacks the time and resources to think of robust solutions that enable free speech and at the same time, protects users who aren’t interested in listening to the free speech of certain others.

Both rights are equally important but Twitter has its hands full responding in an ad hoc fashion to unreasonable demands.

Adopt a policy of delivering any content, anywhere, from any author and empower users to choose what they see.

The seething ball of lawyers, which add no value for Twitter or its users, will suddenly melt away.

No issues to debate.

Governments block content on their own or they don’t.

Users block content on their own or they don’t.

BTW, 972mag.com needs your financial support to keep up this type of reporting. If you are having a good month, keep them in mind.

Twitter Censor Strikes Again (and again, and again)

Filed under: Censorship,Free Speech,Twitter — Patrick Durusau @ 3:54 pm

Twitter censors accounts for reasons known only to itself, but in the case, truth telling is one obvious trigger for Twitter censorship:

twitter-censors-again-460

Twitter censors accounts every day that don’t make the news and those are just as serious violations of free speech as this instance.

Twitter could trivially empower users to have free speech and the equally important right to not listen but also for reasons known only to Twitter, has chosen not to do so.

Free speech and the right to not listen are equally important.

What’s so difficult to understand about that?

August 12, 2016

Atlanta Hack Opens 1.2 Billion Vehicles

Filed under: Cybersecurity — Patrick Durusau @ 10:46 am

The reports of a wireless hack that can open 100 million Volkswagens are impressive:

vw-hack-460

Car Thieves Can Unlock 100 Million Volkswagens With A Simple Wireless Hack by Swati Khandelwal.

But I wanted to point out an Atlanta hack that opens the estimated 1.2 billion vehicles in the world.

640px-Brick

To be complete, here is film footage of this hack in action:

Both the wireless opening hack and the Atlanta hack require additional effort to drive the opened car away.

On securing your car, see: Simple hack unlocks 100 million Volkswagen vehicles – Simple Absolute Defense.

PS: Contrast the estimated $40 cost of an Arduino-based RF Transceiver (from Swati’s post) plus technical expertise with the $0.00 cost of the Atlanta hack and lack of technical expertise. Which do you think will be more widespread?

Government Toadies Target “Propaganda”

Filed under: Censorship,Government — Patrick Durusau @ 10:16 am

Sam Schechner gives a “heads up” in Tech Giants Target Terrorist Propaganda to plans by tech companies to counter “propaganda.”

From the post:

Nearly half a million teenagers and young adults who had posted content with terms like “sharia” or “mujahideen” began last fall seeing a series of animated videos pop up on their Facebook news feeds.

In one, cartoon figures with guns appear underneath an Islamic State flag. “Do not be confused by what extremists say, that you must reject the new world. You don’t need to pick,” the narrator says. “Remember, peace up. Extremist thinking out.”

The videos are part of three experiments—funded by Google parent Alphabet Inc., with help from Facebook Inc. and Twitter Inc.—that explore how to use the machinery of online advertising to counterbalance the growing wave of extremist propaganda on the internet, both from Islamist radicals and far-right groups.

The goal: See what kinds of messages and targeting could reach potential extremists before they become radicalized—and then quickly roll the model out to content producers across the internet.

The study, detailed in a report set to be published Monday by London-based think tank Institute for Strategic Dialogue, is a step toward understanding what techniques work, said Yasmin Green, who heads the counter-radicalization efforts at Jigsaw, the Alphabet unit formerly known as Google Ideas.

Sam never gives you the link to the report from the “London-based think tank Institute for Strategic Dialogue,” which you can find at: The Impact of Counter-Narratives.

Which might lead you to discover another August 2016 publication: “Shooting in the right direction”: Anti-ISIS Foreign Fighters in Syria and Iraq, a study on recruitment and facilitating the use of anti-ISIS foreign fighters in Syria and Iraq.

The Institute for Strategic Dialogue (ISD) would be better named “Institute for Strategic Propaganda.

It isn’t “propaganda” that the ISD seeks to counter but the choice of particular propaganda.

A simple count of the lives of Arabs blighted or ended by the Western Powers since 9/11 (just to pick a well known starting point), will leave you wondering who are the terrorists in this “conflict?”

If that weren’t enough disappointment, Google, Facebook and others are enabling this foolish effort by not demanding payment for their work. The lack of budget busting expenses encourages governments to act irresponsibly.

August 11, 2016

Eduard Imhof – Swiss Cartographer (Video)

Filed under: Cartography,Mapping,Maps,Visualization — Patrick Durusau @ 3:49 pm

Eduard Imhof – Swiss Cartographer

A tv documentary on the Swiss cartographer Eduard Imhof.

In Swiss German but this English sub-title caught my eye:

But what can be extracted again from the map is also important.

A concern that should be voiced with attractive but complex visualizations.

The production of topographical maps at differing scales is a recurring theme in the video.

How to visualize knowledge at different scales is an open question. Not to mention an important one as more data becomes available for visualization.

Imhof tells a number of amusing anecdotes, including answering the question: Which two cantons in Switzerland have the highest density of pigs?

Enjoy!

For background:

Virtual Library Eduard Imhof

Eduard Imhof (1895-1986) was professor of cartography at the Swiss Federal Institute of Technology Zurich from 1925 – 1965. His fame far beyond the Institute of Technology was based on his school maps and atlases. In 1995 it was 100 years since his birthday. On this occasion several exhibitions celebrated his life and work, among others in Zurich, Bern, Bad Ragaz, Küsnacht/ZH, Barcelona, Karlsruhe and Berlin. The last such exhibition took place in summer 1997 in the Graphische Sammlung of the ETH. There it was possible to show a large number of maps and pictures in the original. At the conclusion of the exhibition Imhof’s family bequested his original works to the ETH-Bibliothek Zurich. Mrs. Viola Imhof, the widow of Eduard Imhof, being very much attached to his work, had a major part in making it accessible to the public.

Imhof wie ein Kartographische Rockstar

Eduard Imhof was born in Schiers on 25 Jan 1895 to the geographer Dr. Eduard Imhof and his wife Sophie.1 At the age of 19 he enrolled in ETH Zürich,2 and after several interruptions for military service, was awarded a geodesist/surveyor diploma in 1919.

He returned to ETH as an assistant to his mentor Prof. Fridolin Becker, himself a cartographic god widely viewed as the inventor of the Swiss style shaded relief map.3 In 1925, the year after Becker’s death, Imhof became an assistent professor and founded the Kartographische Institut (Institute of Cartography). Although the Institute was initially little more than a hand-painted sign above his small office, it was nevertheless the first of its kind in the world.

In 1925 he produced his first major work – the Schulkarte der Schweiz 1:500 000 (the School map of Switzerland). Over the years he would update the national school map several times as well as produce school maps for nearly half of the cantons in the Federation. He even did the school map for the Austrian Bundesländer of Vorarlberg. (footnotes omitted)

“A Honeypot For Assholes” [How To Monetize Assholes/Abuse]

Filed under: Tweets,Twitter — Patrick Durusau @ 2:33 pm

“A Honeypot For Assholes”: Inside Twitter’s 10-Year Failure To Stop Harassment by Charlie Warzel.

From the post:

For nearly its entire existence, Twitter has not just tolerated abuse and hate speech, it’s virtually been optimized to accommodate it. With public backlash at an all-time high and growth stagnating, what is the platform that declared itself “the free speech wing of the free speech party” to do? BuzzFeed News talks to the people who’ve been trying to figure this out for a decade.

Warzel’s 6,000 word (5966 by my count) ramble uses “abuse” without ever defining the term. Nor do any of the people quoted in his post. But, like Justice Stewart, they “know it when they see it.”

One of the dangers Warzel’s post is every reader will insert their definition of “abuse.” Hard to find people who disagree that “abuse as they define it” should be blocked by Twitter.

All of Warzel’s examples are “abuse” (IMHO) but even so, I don’t support Twitter blocking that content from being posted. I emphasize posted because being posted on Twitter doesn’t obligate any user to read the content.

I don’t support Twitter censorship of any account, for any reason. Four Horsemen Of Internet Censorship + One.

If Twitter doesn’t block content, then how do to deal with “abuse?”

Why not monetize the blocking of assholes and abuse?

Imagine a Twitter client/app that:

  1. Maintains a list of people blocked not only by a user but allowed a user to subscribe to block lists of any other user.
  2. Employed stop lists, regexes, neural networks to filter tweets from people who have not been blocked.
  3. Neural networks trained on collections of “dick pics” and other offensive content to filter visual content as well.

Every user can have a customized definition of “abuse” for their own feed. Without impinging on the definitions of “abuse” of other users.

Twitter clients to support such filtering options are already in place. TweetDeck Versus Hootsuite – The Essential Guide discusses two popular clients. There are hundreds of others, both web and smart phone based.

Circling the question: “Why isn’t Twitter using my personal definition of “abuse” to protect me for free?” generates a lot of discussion, but no viable solutions.

Monetizing filtering of assholes and abuse, resources available in vast quantities, protects both free speech and freedom from unwanted speech.

The only useful question on Twitter abuse is the price point to set for avoiding X amount of abuse?

Yes?

August 10, 2016

Simple hack unlocks 100 million Volkswagen vehicles – Simple Absolute Defense

Filed under: Cybersecurity,Security — Patrick Durusau @ 9:30 pm

Simple hack unlocks 100 million Volkswagen vehicles by Patrick Howell O’Neill.

From the post:

Some 100 million Volkswagens are vulnerable to hackers who discovered key vulnerabilities that allow them to unlock the doors of the most popular cars on earth, according to a new research paper first reported by Wired.

University of Birmingham computer scientist Flavio Garcia was already widely known for working with colleagues to find major security flaws in Volkswagens last year that enabled hackers to quickly takeover a keyless car.

The new attack could result in the theft of anything kept in a car.

When you put the two attacks together, you have a recipe for getting into and driving off with a stolen car in less than 60 seconds—Nic Cage-caliber grand theft auto.

Actually, you don’t need to be as good as Nic Cage at all. A thief can pull this off with cheap equipment like a TI Chronos smart watch.

In the interest of “responsible” disclosure, you will have to reconstruct some of the research for yourself.

There is a simple and absolute defense to this hack:

640px-Denver_boot-460

You can order one of these starting at $239.00.

Compared to the aggravation of having your Volkswagen stolen?

Thieves will pick an easier target.

(Be innovative in your security thinking.)

Failure of Thinking and Visualization

Filed under: Analytics,Graphics,Intelligence,Visualization — Patrick Durusau @ 9:03 pm

Richard Bejtlich posted this image (thumbnail, select for full size) with the note:

When I see senior military schools create slides like this, I believe PPT is killing campaign planning. @EdwardTufte

enemy-is-ppt

I am loathe to defend PPT but the problem here lies with the author and not PPT.

Or quite possibly with concept of “center of gravity analysis.”

Whatever your opinion about the imperialistic use of U.S. military force, 😉 , the U.S. military is composed of professional warriors who study their craft in great detail.

On the topic “center of gravity analysis,” try Addressing the Fog of COG: Perspectives on the Center of Gravity in US Military Doctrine, Celestino Perez, Jr., General Editor. A no-holds barred debate by military professionals on COG.

With or without a background on COG, how do your diagrams compare to this one?

How To Detect and Find Rogue Cell Towers

Filed under: Cybersecurity,Privacy,Security — Patrick Durusau @ 8:26 pm

How To Detect and Find Rogue Cell Towers by Brian Benchoff

Great promise but less than great delivery. Detection rig is described in general terms, but so general that replication would be quite time consuming.

A generally available solution to detect rogue cell towers has yet to appear.

When they do, will this sign be useful?:

No_cellphone.svg-460

What about custom balloons with that logo?

Think of detection and warning of rogue cell towers as a civic duty.

Dark Web OSINT with Python Part Two: … [Prizes For Unmasking Government Sites?]

Filed under: Dark Web,Open Source Intelligence,Python,Tor — Patrick Durusau @ 4:31 pm

Dark Web OSINT with Python Part Two: SSH Keys and Shodan by Justin.

From the post:

Welcome back good Python soldiers. In Part One of this series we created a wrapper around OnionScan, a fantastic tool created by Sarah Jamie Lewis (@sarajamielewis). If you haven’t read Part One then go do so now. Now that you have a bunch of data (or you downloaded it from here) we want to do some analysis and further intelligence gathering with it. Here are a few objectives we are going to cover in the rest of the series.

  1. Attempt to discover clearnet servers that share SSH fingerprints with hidden services, using Shodan. As part of this we will also analyze whether the same SSH key is shared amongst hidden services.
  2. Map out connections between hidden services, clearnet sites and any IP address leaks.
  3. Discover clusters of sites that are similar based on their index pages, this can help find knockoffs or clones of “legitimate” sites. We’ll use a machine learning library called scikit-learn to achieve this.

The scripts that were created for this series are quick little one-offs, so there is some shared code between each script. Feel free to tighten this up into a function or a module you can import. The goal is to give you little chunks of code that will teach you some basics on how to begin analyzing some of the data and more importantly to give you some ideas on how you can use it for your own purposes.

In this post we are going to look at how to connect hidden services by their SSH public key fingerprints, as well as how to expand our intelligence gathering using Shodan. Let’s get started!

Expand your Dark Web OSINT intell skills!

Being mindful that if you can discover your Dark Web site, so can others.

Anyone awarding Black Hat conference registrations for unmasking government sites on the Dark Web?

Cooked Intel, Again (Anyone Surprised?)

Filed under: Government,Intelligence — Patrick Durusau @ 4:08 pm

ISIS Intel Was Cooked, House Panel Finds by Nancy A. Youssef and Shane Harris.

From the post:

A House Republican task force has found that officials from the U.S. military’s Central Command altered intelligence reports to portray the U.S. fight against ISIS and al Qaeda in a more positive light than lower-level analysts believed was warranted by the facts on the ground, three officials familiar with the task force’s findings told The Daily Beast.

A roughly 10-page report on the controversy is expected to be released by the end of next week, two officials said. While it contains no definitive evidence that senior Obama administration officials ordered the reports to be doctored, the five-month investigation did corroborate earlier reports that analysts felt the leaders of CENTCOM’s intelligence directorate pressured them to conclude that the threat from ISIS was not as ominous as the analysts believed, the officials said.

To paraphrase Nietzsche, “…there are no facts, only politically convenient interpretations.”

Publications that strive for accuracy should omit any claims or statements of U.S. intelligence sources unless confirmed independently by non-intelligence sources.

If you are competing for click-bait, use U.S. intelligence sources without verification.

Proof Backdoors Are A Bad Idea! Thanks Microsoft!

Filed under: Cybersecurity,Security — Patrick Durusau @ 3:25 pm

Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea by Chris Williams.

From the post:

Microsoft leaked the golden keys that unlock Windows-powered tablets, phones and other devices sealed by Secure Boot – and is now scrambling to undo the blunder.

These skeleton keys can be used to install non-Redmond operating systems on locked-down computers. In other words, on devices that do not allow you to disable Secure Boot even if you have administrator rights – such as ARM-based Windows RT tablets – it is now possible to sidestep this block and run, say, GNU/Linux or Android.

What’s more, it is believed it will be impossible for Microsoft to fully revoke the leaked keys.

And perhaps most importantly: it is a reminder that demands by politicians and crimefighters for special keys, which can be used by investigators to unlock devices in criminal cases, will inevitably jeopardize the security of everyone.

Microsoft’s misstep was uncovered by two researchers, MY123 and Slipstream, who documented their findings here in a demoscene-themed writeup published on Tuesday. Slip believes Microsoft will find it impossible to undo its leak.

To understand the full technical implications of this Microsoft leak, let Chris take you through Secure Boot policies.

For representatives of the public, the summary is: Backdoor Key = Everyone has access.

Follow up question for representatives of the public: Is that what you want?

Have Lady GaGa CDs (Manning) or USB sticks labeled on one side NSA and the other Snowden to give anyone protesting government offices are secure. (Just me but I would put malware on both.)

Chris reports that as of 10 August 2016 that Microsoft has not commented on this story.

I hope MS puts on a brave face and says the leak was deliberate and done to illustrate the danger of golden backdoor keys.

They will no worse off than they are now and spun properly it could be a telling blow against backdoor keys.

A Taxonomic Map of Philosophy

Filed under: Mapping,Philosophy,Visualization — Patrick Durusau @ 2:57 pm

A Taxonomic Map of Philosophy by Justin W..

From the post:

Some people go to PhilPapers, get the information they need, and then just go. Not Valentin Lageard, a graduate student in philosophy at Université Paris-Sorbonne. The Categories page at the site caught his eye. He says:

The completeness of their taxonomy was striking and I thought : “Could it be possible to map this taxonomy ?”. I decided it was a nice idea and i started to work on it.

The first step was to select the kind of graph and since their taxonomy includes a hierarchy permitting to sub-categories to be children of more than one parent categories, I selected a concentric circles graph.

Because I’m a python user, I choosed Networkx for the graph part and BeautifulSoup for the scraping part. Furthermore, since Philpapers gives the articles number for each category, I decided to add this data to my graph.

After some configurations of the display, I finally reached my goal: a map of the taxonomy of philosophy. And it was quite beautiful.

Agreed.

[See update, below, for the more detailed 5-layer version]


NEW UPDATE: Here is the 5-layer version. You can view it in more detail here (open it in a new tab or window for best results).

Impressive but is it informative?

In order to read the edge, I had to magnify the graph several times its original size, which then meant navigation was problematic.

Despite the beauty of the image, a graph file that enables filtering of nodes and edges would be far more useful for exploring the categories as well as the articles therein.

For example:

philosophy-categories-460

If you are wondering what falls under “whiteness,” apparently studies of “whiteness” in the racial sense but also authors whose surnames are “White.”

As the top of the categories page for whiteness advises:

This category needs an editor. We encourage you to help if you are qualified.

Caution: You may encounter resources at PhilPapers that render you unable to repeat commonly held opinions. Read at your own risk.

Enjoy!

Twitter Censorship On Behalf Of Turkish Government

Filed under: Censorship,Free Speech,Government,Tweets,Twitter — Patrick Durusau @ 11:05 am

twitter-turkey-censor-460

The link Post Coup Censorship takes you to a list of twenty-three (23) journalist/publicist accounts verified as withheld by Twitter in Turkey.

I have tweeted to Efe Kerem Sözeri about this issue and was advised the censorship is based on IP addresses. Sözeri points out that use of a VPN is one easy means of avoiding the censorship.

Hopefully that was productive than a rant about Twitter’s toadyism and self-anointed role to prevent abuse (as opposed to empowering Twitter users to avoid abuse on their own).

« Newer PostsOlder Posts »

Powered by WordPress