Curated Finds

There are people overhyping AI, but the alternative is not that AI is useless, or even the average of the two positions. A lot is going to change dramatically even with today’s AI. Ignoring that means no chance to shape what’s next

Source: bsky.app

Pulling an all-nighter because you got inspired right before bed. Forgetting to drink or eat. Missing a meeting because you’re too hyperfocused on your task. Being exhausted the rest of the day after being in the zone and super productive for 2-3 hours. If you’ve got ADHD like me, these all sound familiar. But if you’re neurotypical, they’re kinda weird. Well, good news: you’re not alone anymore. Bad news: this might make AI harder to scale in your company.

Berkeley Haas School of Business researchers found something interesting:

We discovered that AI tools didn’t reduce work, they consistently intensified it. In an eight-month study of how generative AI changed work habits at a U.S.-based technology company with about 200 employees, we found that employees worked at a faster pace, took on a broader scope of tasks, and extended work into more hours of the day, often without being asked to do so. Importantly, the company did not mandate AI use (though it did offer enterprise subscriptions to commercially available AI tools). On their own initiative workers did more because AI made “doing more” feel possible, accessible, and in many cases intrinsically rewarding.

This really strikes a chord. I’m writing this post while also having Composer 1.5 fix the menu of my CMS and Claude Code convert a Python tool into a web app. On paper this all sounds great (look at all that time saved and extra productivity), but what it actually makes me think of is context switching, burnout, and sick leave.

Our research reveals the risks of letting work informally expand and accelerate: What looks like higher productivity in the short run can mask silent workload creep and growing cognitive strain as employees juggle multiple AI-enabled workflows. Because the extra effort is voluntary and often framed as enjoyable experimentation, it is easy for leaders to overlook how much additional load workers are carrying.

So what should you do? Aruna Ranganathan and Xingqi Maggie Ye recommend adopting an “AI practice”:

a set of intentional norms and routines that structure how AI is used, when it is appropriate to stop, and how work should and should not expand in response to newfound capability. Without such practices, the natural tendency of AI-assisted work is not contraction but intensification, with implications for burnout, decision quality, and long-term sustainability.

Source: hbr.org (via simonwillison.net)

This happens constantly with AI. You say “make this more ambitious” and the model doesn’t know if you mean expand the scope, increase the stakes, be more experimental, or just show more confidence. You ask for “simpler” and it dumbs everything down (you wanted straightforward, not condescending). You ask for “more concise” and it guts the nuance (you wanted lean, not hollow). The words feel like synonyms, but to an AI, they are completely different instructions.

The first tool my therapist ever suggested to me was Dr. Gloria Willcox’s Feelings Wheel. It stuck with me because it showed how much precision matters when naming things. So when I spotted a similar infographic on LinkedIn, it immediately caught my attention. Turns out Hilary Gridley adapted it to work better with LLMs. Test it out here.

I call it the AI Steering Wheel. Like the Feelings Wheel, it starts broad and gets more specific as you move outward. Six dimensions in the center—Originality, Grounding, Risk, Scope, Style, Certainty—each branch into increasingly precise adjectives.

Source: hils.substack.com

I keep hearing stories of people (devs and product managers mostly) having either amazing or terrible experiences with LLMs. Here’s what’s consistently true: if you don’t know how to use them (and ideally how they work) you’ll get poor results. But if you know their strengths and weaknesses, and you can clearly describe what you’re building or the problem you’re solving, they become fantastic assistants.

There’s a reason product managers pick this up fast. They already map problem spaces, run discovery, measure success, prioritize, and plan. Those are the muscles you need to get value from agents. This applies to people managers too, as Ethan Mollick puts it:

When you see how people use Claude Code/Codex/etc it becomes clear that managing agents is really a management problem Can you specify goals? Can you provide context? Can you divide up tasks? Can you give feedback? These are teachable skills.

Source: x.com

Have you ever asked an LLM to do the same task in different languages and gotten wildly different results? I mostly prompt in English, but I’ll switch to French sometimes, and it’s surprisingly hard to nail the exact same details and nuances. This quote from Jason Gorman got me thinking about it.

The hard part of computer programming isn’t expressing what we want the machine to do in code. The hard part is turning human thinking – with all its wooliness and ambiguity and contradictions – into computational thinking that is logically precise and unambiguous, and that can then be expressed formally in the syntax of a programming language.

This resonates with another personal experience. My second language is Dutch, and sometimes I can’t find the right French or English word for what I’m thinking, but Dutch nails it. Turns out that word just doesn’t translate literally to French or English.

Edgar Dijkstra called it nearly 50 years ago: we will never be programming in English, or French, or Spanish. Natural languages have not evolved to be precise enough and unambiguous enough. Semantic ambiguity and language entropy will always defeat this ambition.

Source: codemanship.wordpress.com

There’s less talk about decentralized social media these days (or maybe I’ve just been out of the loop), but it’s nice seeing more people join Bluesky or Mastodon. I haven’t been on X for over a year, and every time I need to go there because someone posted something useful only there, it frustrates me. That’s why this quote by Bryan Newbold about regional governments and institutions posting on Bluesky hit home:

Everybody should be able to get through their day safely without faustian privacy bargains and barrages of targeted ads and adversarial slop

Network effects lock users in, but they also lock people out. Every person who leaves X makes it less valuable for the next person thinking about leaving, until suddenly the whole thing tips. Institutions moving first is what can make this happen. Let’s hope it keeps going (so I never have to open X again).

Source: @bnewbold.net

I just learned about the Normalization of Deviance a few days ago (you’d think a space nerd like me would’ve known about this in the context of the Space Shuttle Challenger disaster), thanks to Johann Rehberger and his take on how it applies to AI.

The original term Normalization of Deviance comes from the American sociologist Diane Vaughan, who describes it as the process in which deviance from correct or proper behavior or rule becomes culturally normalized.

This is something I think about a lot when I look at geopolitics, but I never realized how well it applies to AI and how we SaaS companies fall into the same trap more often than we’d like to admit.

I use the term Normalization of Deviance in AI to describe the gradual and systemic over-reliance on LLM outputs, especially in agentic systems. (…) In the world of AI, we observe companies treating probabilistic, non-deterministic, and sometimes adversarial model outputs as if they were reliable, predictable, and safe.

What worries me is that often we don’t even realize we’re doing it. Either we’re rushing to deliver value, or we’re just learning as we go because this is still an emergent field.

Such a drift does not happen through a single reckless decision. It happens through a series of “temporary” shortcuts that quietly become the new baseline. Because systems continue to work, teams stop questioning the shortcuts, and the deviation becomes invisible and the new norm.

I feel like adding more guardrails or checks gets treated like tech debt and legacy code: nobody wants to do it, it doesn’t have obvious value, and it’s complicated and time-consuming. I’m worried that implementing agentic workflows will only make this worse and amplify the risks. But I’m optimistic that with a bit more discipline and fewer “we’ll fix it later” shortcuts, we can keep the innovation without normalizing the risk.

Source: embracethered.com

I’m passionate about AI and LLMs, and I genuinely believe they could transform our world for the better. But I’m also a sarcastic realist who knows there are serious risks and challenges. I’ve struggled to find a clear way to describe how I imagine doing AI responsibly while still pushing innovation.

With the emergence of artificial intelligence, we stand at a crossroads. This technology holds genuine promise. It could just as easily pour gasoline on existing problems. If we continue to sleepwalk down the path of hyper-scale and centralization, future generations are sure to inherit a world far more dystopian than our own.

Turns out a lot of inspiring people (including some I’ve followed and admired for years, like Amelia Wattenberger and Simon Willison) have already nailed this in The Resonant Computing Manifesto. It lays out five principles for building resonant software (as Willison describes it):

Keeping data private and under personal stewardship, building software that’s dedicated to the user’s interests, ensuring plural and distributed control rather than platform monopolies, making tools adaptable to individual context, and designing for prosocial membership of shared spaces.

My favorite part of AI, perfectly put into words:

This is where AI provides a missing puzzle piece. Software can now respond fluidly to the context and particularity of each human—at scale. One-size-fits-all is no longer a technological or economic necessity. Where once our digital environments inevitably shaped us against our will, we can now build technology that adaptively shapes itself in service of our individual and collective aspirations. We can build resonant environments that bring out the best in every human who inhabits them.

(via Simon Willison)

If you’re a product manager adding AI features to your product, you’ve probably struggled with pricing them. There’s no one-size-fits-all answer, but one thing’s clear: AI Credits aren’t it. Elena Verna nailed why in her piece on hating AI Credits pricing.

• Customer doesn’t know the price up front
• Prices don’t feel fair
• There’s no apples-to-apples comparison
• Customer Support becomes impossible
• Companies will exploit this confusion

From my SaaS perspective, pricing AI Credits is incredibly tricky because LLM inference costs are so volatile. Sure, they’re getting cheaper, but it’s really hard to predict where they’ll go and how to build a pricing model that actually sticks and makes money.

A surgeon isn’t a manager, they do the actual work! But their skills and time are highly leveraged with a support team that handles prep, secondary tasks, admin. The surgeon focuses on the important stuff they are uniquely good at. (…) My current goal with AI coding tools is to spend 100% of my time doing stuff that matters.

There’s a lot of talk about AI replacing humans everywhere, but it’s usually pretty vague. I don’t see myself getting replaced anytime soon. I try to explain to people that I use AI all the time, but mostly for secondary tasks that eat up my time and mental space. This is the best metaphor I’ve come across to describe exactly how I feel about it.

My time’s better spent on product strategy, vision, and problem-solving than logging Jira tickets, filing expense reports, and summarizing meeting notes.

Source: geoffreylitt.com

The economics are compelling. Startups save weeks getting to MVP with Vibe Coding, then spend comparable time and budget on cleanup. But that’s still faster than traditional development. The specialists who can efficiently refactor AI messes command $200-400/hour rates. Some are building productized services: fixed-price cleanup packages, AI code audits, and “vibe-to-production” pipelines.

This quote from the Donado Labs blog made me think about when I used to work at a web agency. We did everything in-house: design, hosting, even our own CMS. PHP powered our stack, but we avoided WordPress at all costs. Clients wanted it because it seemed easy and magical to them (and competitors pitched WordPress as their CMS). We wouldn’t touch it back then. It was tricky to customize and a pain to maintain and upgrade.

The harsh reality nobody wants to admit: most AI-generated code is production-unready, and companies are desperately hiring specialists to fix it before their technical debt spirals out of control.

Flash forward more than a decade, and that shop now only builds WordPress web apps and sites. Why? Because they found they could ship so much faster, and that speed made up for the time spent dealing with WordPress quirks and maintenance.

I feel like Vibe Coding is in the same story right now. There’s a safe-ish way to move fast and not break too much, since you’ve got companies that can clean up the mess later, and it’s still cost-effective.

We’re witnessing a fundamental shift in how software gets built. AI handles the initial implementation, humans handle architecture, testing, and cleanup. It’s not the future we expected, but it’s the one we’re getting. (…) Junior developers who master Vibe Coding cleanup can command senior salaries within two years. Senior engineers who understand both AI capabilities and limitations become invaluable.

I’m not one to use a lot of em dashes, but I read plenty of great blogs by people who do (I guess they’re good at English?). I can only imagine how annoying that must be for them.

Nowadays, I find myself avoiding em dashes because I’m afraid that my writing will be flagged as AI-generated and dismissed as slop. I feel like I have to “dumb down” aspects of writing to convince readers that the words they are skimming were, in fact, written by a human.

What Michael describes here is the real challenge: do we lower the bar when we write with LLMs? For me, since English isn’t my first language, I feel like it improves my writing. But for Michael, I guess it doesn’t.

I’m curious (and more than a bit worried) that the writing that is being produced these days is being shaped by LLMs, even if an LLM has never touched a particular piece of prose.

Bruce Schneier on (not) securing LLMs:

We simply don’t know to defend against these attacks. We have zero agentic AI systems that are secure against these attacks. Any AI that is working in an adversarial environment—and by this I mean that it may encounter untrusted training data or input—is vulnerable to prompt injection. It’s an existential problem that, near as I can tell, most people developing these technologies are just pretending isn’t there.

(via Simon Willison)

Anu Atluru on how doomprompting turns us into passive conversationalists and creators:

Our prompts start thoughtful but grow shorter; the replies grow longer and more seductive. Before long, you’re not thinking deeply, if at all, but rather half-attentively negotiating with a machine that never runs out of suggestions. Have you considered…? Would you like me to…? Shall I go ahead and…? This slot machine’s lever is just a simple question: Continue?

Just found out that Slopsquatting is a thing!

Slopsquatting is a type of cybersquatting. It is the practice of registering a non-existent software package name that a large language model (LLM) may hallucinate in its output, whereby someone unknowingly may copy-paste and install the software package without realizing it is fake. Attempting to install a non-existent package should result in an error, but some have exploited this for their gain in the form of typosquatting.

Source: en.wikipedia.org (via Hacker News)

Regardless of where you stand on vibe-coding and AI-assisted coding, I think it’s here to stay. I like Orta Therox’s way of describing it in their 6 Weeks of Claude Code blog post.

the ability to instantly create a whole scene instead of going line by line, word by word is incredibly powerful.

I believe with Claude Code, we are at the “introduction of photography” period of programming. Painting by hand just doesn’t have the same appeal anymore when a single concept can just appear and you shape it into the thing you want with your code review and editing skills.

I know you’re not supposed to anthropomorphize LLMs, but it’s hard not to when you treat them like your weird, overconfident intern or a junior developer. I’ve always felt like each model has its own personality or vibe, but I never managed to describe it properly. Here’s a pretty accurate attempt by Vincent Schmalbach:

• GPT-3.5: The Chatterbox
• GPT-4: The Nerdy Older Sibling
• Claude Sonnet 3.5: The Lovable Nerd
• Claude 3.7 & 4.0: The Show-offs
• Claude Opus 4: The Stern Adult
• Grok: The Wild Card
• Gemini 2.5 Pro: The Lovable Goofball

Simon Willison on why he’s not worried about LLMs stealing his job:

No matter how good these things get, they will still need someone to find problems for them to solve, define those problems and confirm that they are solved. That’s a job - one that other humans will be happy to outsource to an expert practitioner.

I’m glad I found this post by John. His approach with Claude Code, MCP, and agents is sort of similar (though way more advanced) to how I’ve been using AI in my coding projects (just so you know, I’m not a developer).

Here’s what works best for me: I have a reasoning model generate a task plan based on my requirements. Then, I tweak it (or have the model in Cursor update it) as I go. When bugs pop up, I have the model update the list. This approach keeps the AI from getting lost or confused in a huge context. It also stops it from ignoring bugs or requirements. This has been the most efficient way for me so far.

I keep several claude code windows open, each on its own git-worktree. o3 and sonnet 4 create plans, sonnet 3.7 or sonnet 4 execute the plan, and o3 checks the results against the original ask. Any issues found are fed back into the plan template and the code is regenerated. The factory improves itself.

Source: john-rush.com

There’s a lot of talk about how MCP isn’t secure, but I think most people don’t realize just how easy it is to trick LLMs. Simon Willison gives a solid overview of the main risks, which he calls the “lethal trifecta”.

The lethal trifecta of capabilities is:

• Access to your private data — one of the most common purposes of tools in the first place!
• Exposure to untrusted content — any mechanism by which text (or images) controlled by a malicious attacker could become available to your LLM
• The ability to externally communicate in a way that could be used to steal your data (I often call this “exfiltration” but I’m not confident that term is widely understood.)

The core issue is that LLMs are great at following instructions, but they don’t distinguish between legit ones and malicious ones.

LLMs follow instructions in content. This is what makes them so useful: we can feed them instructions written in human language and they will follow those instructions and do our bidding.

The problem is that they don’t just follow our instructions. They will happily follow any instructions that make it to the model, whether or not they came from their operator or from some other source.

He digs into MCP specifically:

The problem with Model Context Protocol—MCP—is that it encourages users to mix and match tools from different sources that can do different things.

Many of those tools provide access to your private data. Many more of them—often the same tools in fact—provide access to places that might host malicious instructions.

And yeah, there’s no easy fix.

Here’s the really bad news: we still don’t know how to 100% reliably prevent this from happening.

Plenty of vendors will sell you “guardrail” products that claim to be able to detect and prevent these attacks. I am deeply suspicious of these: If you look closely they’ll almost always carry confident claims that they capture “95% of attacks” or similar… but in web application security 95% is very much a failing grade.

Quoting Devansh:

Fine-tuning advanced LLMs isn’t knowledge injection — it’s destructive overwriting. Neurons in trained language models aren’t blank slates; they’re densely interconnected and already encode crucial, nuanced information. When you fine-tune, you risk erasing valuable existing patterns, leading to unexpected and problematic downstream effects. Instead, use modular methods like retrieval-augmented generation, adapters, or prompt-engineering — these techniques inject new information without damaging the underlying model’s carefully built ecosystem.

Source: codinginterviewsmadesimple.substack.com

Debugging can be a confusing and emotionally unpleasant process. Writing code involves building neat mental models and fitting them together in satisfying ways. Everything is nicely labeled and accounted for. When something goes wrong, it doesn’t just break your code - it also breaks this comforting illusion of control and understanding.

Source: seangoedecke.com

I’ve always been pretty careful about what I put on the internet, especially photos, and definitely pictures of my kids. I’ve made a point to keep where I live and hang out under wraps to protect my privacy. If I were famous (or had anything serious to hide) I’d be seriously worried about how good models are getting these days.

Watching OpenAI’s new o3 model guess where a photo was taken is one of those moments where decades of science fiction suddenly come to life. (…)

It’s also deeply dystopian. Technology can identify locations from photographs now. It’s vitally important that people understand how easy this is—if you have any reason at all to be concerned about your safety, you need to know that any photo you share—even a photo as bland as my example above—could be used to identify your location.

As is frequently the case with modern AI, the fact that this technology is openly available to almost anyone has negative and positive implications. As with image generation, it’s important that people can see what this stuff can do first hand. Seeing this in action is a visceral lesson in what’s now possible.

Source: simonwillison.net

I’ve had this convo at work a bunch—LLMs are becoming a commodity, getting easier and cheaper by the day. But I never really thought about the flip side. What if coding is becoming the commodity instead? 🤯

 “The first generation of AI-powered products (often called “AI Wrapper” apps, because they “just” are wrapped around an LLM API) were quickly brought to market by small teams of engineers, picking off the low-hanging problems. But today, I’m seeing teams of domain experts wading into the field, hiring a programmer or two to handle the implementation, while the experts themselves provide the prompts, data labeling, and evaluations. For these companies, the coding is commodified but the domain expertise is the differentiator.”

Source: Drew Breunig - dbreunig.com

Really excited about the possibilities with MCP—but is it actually ready for safe use in production? Not so sure. Elena Cross put together a great summary of the potential security issues.

“MCP is not secure by default. And if you’ve plugged your agents into arbitrary servers without reading the fine print — congrats, you may have just opened a side-channel into your shell, secrets, or infrastructure.”

Source: elenacross7.medium.com

I’ve always liked the idea of owning my own little patch of grass on the internet. From my first homepage full of animated GIFs in the late ’90s to this very blog, I’ve always treasured having a space that’s free of corporate influence and greed. Hardly anyone reads it—but at least it’s mine.

Matt Webb, Interview for People and Blogs:

Blogging is small-p political again, today. It’s come back round. It’s a statement to put your words in a place where they are not subject to someone else’s algorithm telling you what success looks like; when you blog, your words are not a vote for the values of someone else’s platform.

Source: manuelmoreale.com (via Simon Willison)

I’ve always been a tinkerer and a hacker, and I love building things. Unfortunately, I’m not a developer (even though I know the basics of JavaScript and Python), so I’m often stuck in my tracks by my lack of skill to fully build or prototype the ideas I have. It’s either too complex or too time-consuming.

For the last year or two, I’ve used LLMs and generative AI tools to prototype and validate early concepts. My stack is pretty simple: I chat with Claude (using Artifacts) or ChatGPT, edit existing code with Cursor, or go further by building full-fledged web apps with platforms like Bolt.new and Lovable.

Andrej Karpathy sums it up the best:

It’s not too bad for throwaway weekend projects, but still quite amusing. I’m building a project or webapp, but it’s not really coding - I just see stuff, say stuff, run stuff, and copy paste stuff, and it mostly works.

I also like how Geoffrey Huntley  describes the impact on those of us working in SaaS and development:

People with ideas+unique-insight can get concepts to market in rapid time and be less dependent on needing others expertise as the worlds knowledge is now in the palms of everyone’s hands.

Technologists are still required, perhaps it’s the ideas guys/gals who should be concerned as software engineers now have a path to bootstrap a concept in every white collar industry (recruiting, law, finance, finance, accounting, et al) at breakneck speed without having to find co-founders.

(…)

If you’re a high agency person, there’s never been a better time to be alive…

While I see myself as an idea guy who can just do things, I still wouldn’t feel comfortable shipping all of this to production without some oversight or feedback from someone who actually knows what they’re doing.

Source: ghuntley.com (via Simon Willison)

You often hear that AI will replace us all and that Skynet will take over, but Anthropic’s new initiative should provide a clearer view of how LLMs impact the economy and labor market. There’s a lot of uncertainty, anxiety, and misunderstanding around AI’s capabilities, so it’s crucial that regulations are based on actual data. I really appreciate them open-sourcing the dataset, but I won’t lie—knowing that all my conversations might potentially end up in research data is a little unnerving, even if it’s anonymized.

These kinds of longitudinal analyses can give us new insights into AI and the job market. For example, we’ll be able to monitor changes in the depth of AI use within occupations. If it remains the case that AI is used only for certain tasks, and only a few jobs use AI for the vast majority of their tasks, the future might be one where most current jobs evolve rather than disappear. We can also monitor the ratio of automation to augmentation, providing signals of areas where automation is becoming more prevalent.

Our research gives data on how AI is being used, but it doesn’t provide policy prescriptions. Answers to questions about how to prepare for AI’s impact on the labor market can’t come directly from research in isolation; instead, they’ll come from a combination of evidence, values, and experience from broad perspectives.

Source: anthropic.com

As Michael Scott would say, ‘Well, well, well… how the turntables!’ OpenAI seems upset that another AI company is training on its data without permission. The article also provides a gentle introduction to distillation.

It is, as many have already pointed out, incredibly ironic that OpenAI, a company that has been obtaining large amounts of data from all of humankind largely in an “unauthorized manner,” and, in some cases, in violation of the terms of service of those from whom they have been taking from, is now complaining about the very practices by which it has built its company.

I’ve always been impressed by Benjamin Gates’ ability to come up with random facts about anything history-related (ideally just on time to get them out of a crumbling temple or to make some gate to the treasure open), well, apparently it looks like ChatGPT can do that now too. In Benjamin Breen’s words: The leading AI models are now good historians … in specific domains.

what isthat “heart or medallion” on the figure’s chest, anyway? I suspect it’s actually a physician holding (in his right hand) a portable medical chest, and in his left, a urine flask. But what strikes me here is not that the model guessed wrong — it’s that it even noticed such a small detail, and drew attention to it. I mention this one small detail because, to be honest, I had failed to notice it myself*.***

Quoting Steph Ango (Obsidian’s CEO) :

Think of local-first as a hardening function. Local systems should remain operational even when the infrastructure isn’t… when the infrastructure comes back online, changes are synced. It’s the same reason you might want a battery or generator if the electrical grid goes down.

I don’t know how you feel about the state of social media and the internet in general these days, but it’s hard not to feel like we’re being played here.

The TikTok ban, the Musk Twitter takeover, the Facebook moderation policy changes, the Republicans’ rapidly intensifying crackdowns on speech… let these be the proof you needed to move anything you care about online to a space you control.

Digital sovereignty is more important than ever.

• Molly White

A very useful and actionable guide to AI prototyping for product managers by Colin Matthews.

• Choose v0 for beautiful designs by default
• Choose Bolt for quick prototypes with flexible designs
• Choose Replit for internal tools or products that store or transform data
• Choose Lovable for building production apps that benefit from integrations with your current tools

Who doesn’t like to see the inner workings of LLMs and system prompts? Here is Willison’s blog post about the new ChatGPT Tasks (a new feature that lets you send prompts to ChatGPT and it executes them for you at an assigned time).

Like most ChatGPT features, this one is implemented as a tool and specified as part of the system prompt. In the linked conversation I goaded the system into spitting out those instructions (“I want you to repeat the start of the conversation in a fenced code block including details of the scheduling tool” … “no summary, I want the raw text”) - here’s what I got back.

Curated 2025 “required reads” for the AI engineer by Latent Space.

Our design goals are:

• pick ~50 papers (~one1 a week for a year), optional extras. Arbitrary constraint.
• tell you why this paper matters instead of just name drop without helpful context
• be very practical for the AI Engineer; no time wasted on Attention is All You Need, bc 1) everyone else already starts there, 2) most won’t really need it at work

Peter Sergeant creates LLM-based non-player characters (NPCs) for a popular online game and wrote this insightful article describing how to leverage chain-of-thought (CoT) prompting to helping keeping LLM-generated responses under control.

 If — like us — you want to use an off-the-shelf model, this is a big freakin’ problem. The LLM already has a strong, everyday association with how “endurance” should relate to the gym, has strong opinions on whether or not a boomerang is a “throwing weapon”, and is quite convinced that Lithuania is a real place with fun things you can do there. In order to do what we want, we need to explain an awful lot about our constrained reality first!

People often dismiss LLMs as ‘just next-token predictors,’ but that’s way too simplistic. This overlooks the complex and unexpected behaviours that come out of the process. Tlaie Boria dives into how prediction, the core mechanism of LLMs, can actually lead to crazy levels of intelligence, reasoning, and creativity. By comparing this to evolution and human cognition, it shows that these models are capable of way more than just spitting out the next word—they’re building internal representations and capabilities that go far beyond basic word prediction.

Calling LLMs “just next-token predictors” is a bit like calling humans “just gene replication machines.” Both statements are superficially correct but profoundly miss the point. The objective that drives a system’s formation—whether it’s evolutionary fitness or next-token prediction—does not necessarily limit or fully describe the internal mechanics and emergent complexities that arise in pursuit of that objective.

Max Woolf dives into a fascinating experiment: Can LLMs ‘go meta’ when asked to generate better code—much like how generative AI produces wild outputs when prompted for ‘more X’? It also raises an interesting question: What does ‘better’ even mean in code? More performant? More reliable? Or more complex?

If code can indeed be improved simply through iterative prompting such as asking the LLM to “make the code better” — even though it’s very silly — it would be a massive productivity increase. And if that’s the case, what happens if you iterate on the code too much? What’s the equivalent of code going cosmic? There’s only one way to find out!

If I had to choose just one person to follow for insights on LLMs and generative AI, it would be Simon Willison. Here are his 2024 highlights, which are well worth reading if you’re interested in the topic. Things he learned about LLMs in 2024.

A lot has happened in the world of Large Language Models over the course of 2024. Here’s a review of things we figured out about the field in the past twelve months, plus my attempt at identifying key themes and pivotal moments.

Gruber comments on OpenAI’s pursuit of massive funding, likening it to a Ponzi scheme. He reflects on the history of Netscape and Mosaic, providing a glimpse into the past dynamics of unsustainable ventures, and argues that, despite OpenAI’s leading product and user experience (which is hard to argue), it lacks a durable competitive edge.

OpenAI is to this decade’s generative-AI revolution what Netscape was to the 1990s’ internet revolution. The revolution is real, but it’s ultimately going to be a commodity technology layer, not the foundation of a defensible proprietary moat. In 1995, investors mistakenly thought investing in Netscape was a good way to bet on the future of the open internet and the World Wide Web in particular. Investing in OpenAI today is a bit like that

Christine Lemmer-Webber asks, How decentralized is Bluesky really? and offers a critical perspective on the topic. While it’s a technical read, it provides interesting insights into the Fediverse, ActivityPub, and the broader conversation about the decentralized internet. Follow-up article here.

Under these definitions, Bluesky and ATProto are not meaningfully decentralized, and are not federated either. However, this is not to say that Bluesky is not achieving something useful; while Bluesky is not building what is presently a decentralized Twitter, it is building an excellent replacement for Twitter, and Bluesky’s main deliverable goal is something else instead: a Twitter replacement, with the possibility of “credible exit”.

Jeff Triplett’s words really resonate with me. Writing has been a real struggle for me over the last few years. Sure, I could say it’s because I haven’t had the time or energy, but the truth runs deeper: I’m rarely satisfied with my work enough to hit ‘publish.’ I find myself caught in an endless cycle of editing and reworking, which ultimately means my pieces never see the light of day. Lately, though, I’ve started to break out of this cycle by focusing on shorter form content—like the curated finds posts I’ve been publishing recently. Not gonna lie, it’s liberating!

Please publish and share more

Friends, I encourage you to publish more, indirectly meaning you should write more and then share it. (…) You don’t have to change the world with every post. You might publish a quick thought or two that helps encourage someone else to try something new, listen to a new song, or binge-watch a new series. (…) Our posts are done when you say they are. You do not have to fret about sticking to landing and having a perfect conclusion. Your posts, like this post, are done after we stop writing.

In his recent post, Zsolt Ero shares MapHub’s experience with users who struggle with having to manually save their work. MapHub requires users to click a “Save” button to save their progress, which also lets them restore previous versions. But this lack of auto-save is challenging for many, especially as people are used to cloud-based tools like Google Docs or Notion, where everything is saved automatically.

This got me thinking: our own software, used by folks in manufacturing, does have auto-save, yet users still ask for a Save button. It’s like they don’t quite trust auto-save, holding onto that old CTRL-S reflex from the days of Microsoft Word and Excel. Is this unique to our users, or is it just a generational thing? Maybe as Gen Z enters the workforce—never having dealt with saving files manually—they’ll see things differently.

Is there now a generation of users who never worked with files?

I explained to everyone that there’s no need to worry; even if they accidentally edit or delete their maps, they can always recover previous versions or even their deleted maps by clicking on the “Version History” or “Restore Deleted Maps” buttons. But more and more users were telling me they couldn’t find anything. That’s when I realized that many users today simply aren’t used to saving files manually. They’ve grown up using cloud-based editors like Google Docs, where autosave is the default.

Fun fact: My journey into computers and technology started with learning Logo when I was around 5 or 6 years old (remember the turtle drawing according to your instructions?). I’ve always loved when art and technology come together—it leads to such interesting and inspiring results. That’s probably why I’ve always been drawn to Processing as well. So, it’s no surprise that this Show HN thread piqued my curiosity. If you’re into Picasso, Raspberry Pi 5, and Stable Diffusion, give it a look!

Wall-mounted diffusion mirror that turns reflections into paintings.

Making art is hard. My view is that art is about surfacing the inner world, and only in part about skill. It’s unfortunate that art selects so strongly for skill. Can we decorrelate the two? It seems so. Cheap interpolative* creativity used by 8 billion non-artists surely surfaces new views of the world.

the question of how something scales down is, to my mind, one of the most important questions of the moment. (…) It is perhaps, the fundamental question of technological political economy. We live in a new gilded age, with monopoly triumphantly resurgent. Lina Khan isn’t going to keep her job, and I live in a country perhaps best described as three telecom monopolies in a trenchcoat.

• Scott C. Richmond

Goodbye, net neutrality — Ajit Pai’s FCC votes to allow blocking and throttling

By far the biggest news of the last weeks is the FCC killing Net Neutrality.

The Federal Communications Commission voted today to deregulate the broadband industry and eliminate net neutrality rules that prohibit Internet service providers from blocking and throttling Internet traffic. For net neutrality advocates, the next phase in this fight has only just begun. Some heavy weights like Tim Berners-Lee, Steve Wozniak or Whitfield Diffie also published the Pioneers for Net Neutrality “manifesto”, so the fight is definitely not over!

It also appears that the FCC is blocking a law enforcement investigation into fraudulent comments designed to provide bogus support for the agency’s looming net neutrality repeal. The New York Times gives you a peek at the possible future in U.S through Net Neutrality’s Holes in Europe.

The Mirai Botnet Was Part of a College Student Minecraft Scheme

The DDoS attack that brought the internet to its knees last Fall wasn’t a nation sponsored hack, it was three college kids working a (brilliant) Minecraft hustle. Fascinating!

THE MOST DRAMATIC cybersecurity story of 2016 came to a quiet conclusion Friday in an Anchorage courtroom, as three young American computer savants pleaded guilty to masterminding an unprecedented botnet — powered by unsecured internet-of-things devices like security cameras and wireless routers — that unleashed sweeping attacks on key internet services around the globe last fall. What drove them wasn’t anarchist politics or shadowy ties to a nation-state. It was Minecraft.

First Round State of Startups 2017

The 2017 State of Startups is out!

Before we do, though, we want to acknowledge the significance of two ongoing conversations in our industry — both of which are heavily represented in the results we chose to feature. The first is about diversity and inclusion, which we incorporated into last year’s survey to get founders’ perspectives on root causes and possible solutions. And the second is about sexual harassment. We included a number of questions about this issue in 2017, and the results were stark.

Technology / AI / Blockchain

A Cryptocurrency Without a Blockchain Has Been Built to Outperform Bitcoin

While Bitcoin is all over the news, a lot of other cryptocurrencies gain momentum. IOTA is one of them.

Called IOTA, it has jumped in total value from just over $4 billion to more than $10 billion in a little over two weeks. But that isn’t what makes it interesting. What makes it interesting is that it isn’t based on a blockchain at all; it’s something else entirely. Instead of a blockchain, IOTA uses a “tangle,” which is based on a mathematical concept called a directed acyclic graph. (…) Part of Sønstebø’s issue with Bitcoin and other blockchain systems it that they rely on a distributed network of “miners” to verify transactions. So IOTA has dispensed with the miners. Instead, when a user issues a transaction, that individual also validates two randomly selected previous transactions, each of which refer to two other previous transactions, and so on. As new transactions mount, a “tangled web of confirmation” grows.

Statement on Cryptocurrencies and Initial Coin Offerings

With the lack of regulation comes freedom but sometimes also abuse. With the evergrowing interest in cryptocurrencies, the SEC just issued a statement on cryptocurriencies and ICOs.

The cryptocurrency and ICO markets have grown rapidly. These markets are local, national and international and include an ever-broadening range of products and participants. They also present investors and other market participants with many questions, some new and some old (but in a new form), including, to list just a few: Is the product legal? Is it subject to regulation, including rules designed to protect investors? Does the product comply with those rules? Is the offering legal? Are those offering the product licensed to do so? Are the trading markets fair? Can prices on those markets be manipulated? Can I sell when I want to? Are there substantial risks of theft or loss, including from hacking?

Estonia, the Digital Republic

Is e-Estonia (the coördinated governmental effort to transform the country from a state into a digital society) the future of democracy and governments?

Its government is virtual, borderless, blockchained, and secure. Has this tiny post-Soviet nation found the way of the future?

Google to Open Beijing AI Center in Latest Expansion in China — Bloomberg

Google is deepening its push into China as it seeks an edge in one of technology’s most competitive fields: artificial intelligence.

From Porn Sites to Starbucks Wi-Fi, CPUs Are Getting Hijacked to Mine Cryptocoins

It’s not even surprising anymore…

It’s one thing to wake up and discover that you missed the boat on a cryptocurrency boom that’s making a handful of people very wealthy. It’s another thing to find out that your computer is making someone else rich while it gives you poor performance and jacks up your electricity bill. With the spread of cryptojacking, that infuriating scenario is happening to more people.

How traders ‘pump and dump’ cryptocurrencies

Take a look at the technique used to coordinate “pump and dump” schemes, which artificially inflate the price of cryptocurrencies. Nothing new there but with the absence of regulation most of these techniques remain legal.

Development / Design / DIY projects

The State of JavaScript 2017: Introduction

A short survey about current popular JavaScript technologies.

The State of UX in 2018

UX trends for 2018, including artificial intelligence, chatbots, design tools, process and other topics designers are writing and thinking about.

Keras and deep learning on the Raspberry Pi

Perform real-time deep learning on the Raspberry Pi using Keras, Python, and TensorFlow. Perfect Winter weekend project.

Bits and pieces

Check out Cypress.io, a fast, easy and reliable testing for anything that runs in a browser. You might as well try tecfu/tty-table to display ASCII tables in your terminal emulator or browser console. Also get this one a shot: Darkwire.io — an encrypted web socket chat.

Researchers have uncovered an Android malware that is capable of physically damaging your smartphone using cryptocurrency mining. While you weren’t watching, “Suspicious” event routed traffic for big-name sites through Russia. Comcast is under fire for injecting JavaScript code into websites its customers visit. And this is what happens when your bank’s site is not secure.

Brace yourselves, Google will turn on native ad-blocking in Chrome on February 15. French privacy watchdog raps WhatsApp over Facebook data sharing. Also China blocks foreign companies from mapping its roads for self-driving cars as the government is concerned about spying.

Check out this huge aggregation of content around Weaponization of Education Data. See how Apple handles privacy at scale and build a scalable static ecommerce website with Hugo.

How Level 3’s Tiny Error Shut Off the Internet for Parts of the US

A simple misconfiguration caused massive outages for internet service providers and large internet platforms around the US. This is a good reminder that our infrastructures remain very vulnerable.

In a “route leak,” an AS, or multiple ASes, issue incorrect information about the IP addresses on their network, which causes inefficient routing and failures for both the originating ISP and other ISPs trying to route traffic through. Think of it like a series of street signs that help keep traffic flowing in the right directions. If some of them are mislabeled or point the wrong way, assorted chaos can ensue. (…) Monday’s outages reinforce how precarious connectivity really is, and how certain aspects of the internet’s architecture — offering flexibility and ease-of-use — can introduce instability into what has become a vital service.

DOJ: Strong encryption that we don’t have access to is “unreasonable”

I don’t understand why we’re still debating this. Don’t make encryption weaker, it’s pointless. Like someone said in the comments “It isn’t a dimmer switch, its an on-off switch. It either works or it doesn’t.”

He later added that the claim that the “absolutist position” that strong encryption should be by definition, unbreakable, is “unreasonable.” “And I think it’s necessary to weigh law enforcement equities in appropriate cases against the interest in security,” he said. The DOJ’s position runs counter to the consensus of information security experts, who say that it is impossible to build the strongest encryption system possible that would also allow the government access under certain conditions.

How Facebook Figures Out Everyone You’ve Ever Met

Just if you weren’t scared of Facebook yet.

Behind the Facebook profile you’ve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users. Contact information you’ve never given the network gets associated with your account, making it easier for Facebook to more completely map your social connections.

Technology / AI / Blockchain

‘$300m in cryptocurrency’ accidentally lost forever due to bug

Poor guy mistakenly took control of hundreds of wallets containing Ether and destroyed them in a panic while trying to give them back. Parity need to get their act together…

More than $300m of cryptocurrency has been lost after a series of bugs in a popular digital wallet service led one curious developer to accidentally take control of and then lock up the funds (…) Parity revealed that, while fixing a bug that let hackers steal $32m out of few multi-signature wallets, it had inadvertently left a second flaw in its systems that allowed one user to become the sole owner of every single multi-signature wallet. The user, “devops199”, triggered the flaw apparently by accident. When they realised what they had done, they attempted to undo the damage by deleting the code which had transferred ownership of the funds. Rather than returning the money, however, that simply locked all the funds in those multisignature wallets permanently, with no way to access them.

SegWit2x Is Dead, Long Live Bitcoin! Price Hits All-Time High As Hard Fork Canceled

Developers have canceled the Bitcoin SegWit2x hard fork due to it failing to achieve consensus.

Bitcoin has reached a new all-time high of $7,888 as participants of the SegWit2x hard fork announce they have “suspended” it. (…) Mike Belshe says that it was “clear” the project “had not built sufficient consensus for a clean blocksize upgrade at this time.” SegWit2x will therefore not activate Nov. 16 as planned (…) “Our goal has always been a smooth upgrade for Bitcoin. Although we strongly believe in the need for a larger blocksize, there is something we believe is even more important: keeping the community together. Unfortunately, it is clear that we have not built sufficient consensus for a clean blocksize upgrade at this time. Continuing on the current path could divide the community and be a setback to Bitcoin’s growth. This was never the goal of SegWit2x.”

Mapping’s Intelligent Agents: Autonomous Cars and Beyond

How do machine intelligences read and write the world? And what Other intelligences deserve our attention?

Revolutions in machine sensing have transformed fields like medicine and engineering and creative production, several times over. Now, finally, these technologies are reaching their apotheosis, converging in — sound of balloon deflating — the self-driving car!(…) With the stakes so high, we need to keep asking critical questions about how machines conceptualize and operationalize space. How do they render our world measurable, navigable, usable, conservable?

Creating a Modern OCR Pipeline Using Computer Vision and Deep Learning

Fascinating stuff!

We used computer vision and deep learning advances such as bi-directional Long Short Term Memory (LSTMs), Connectionist Temporal Classification (CTC), convolutional neural nets (CNNs), and more. In addition, we will also dive deep into what it took to actually make our OCR pipeline production-ready at Dropbox scale.

Development / Design / DIY projects

How Raspberry Pi became the bestselling British computer of all time

Nice to read how that awesome project came to existence.

The Raspberry Pi started off as a side project, but it’s grown into a global organization that makes the computer industry more welcoming. Meet the Brits who promised the world a $25 PC, and delivered a revolution.

SnoopPi: A Raspberry Pi based Wifi Packet Capture Workhorse.

Want to hack the world? Check this out! ;)

SnoopPi the setup: The basic setup is pretty simple. Hardware:

1. Raspberry Pi 3
2. 7 Inch TFT (I used the waveshare 7 inch, will explain why later)
3. Alfa AWUS036NEH x 2
4. Alfa AWUS052NH x 1
5. Aukey USB 3.0 Hub. CB-H19 ( 4 port + 3 power only ports)
6. Bluetooth keyboard x 1
7. 1 hard case.
8. Optional: OmniCharge Mobile Battery.

Tufte CSS

Very clean!

Tufte CSS provides tools to style web articles using the ideas demonstrated by Edward Tufte’s books and handouts. Tufte’s style is known for its simplicity, extensive use of sidenotes, tight integration of graphics with text, and carefully chosen typography.

GitHub — k88hudson/git-flight-rules: Flight rules for git

If you struggle with git sometimes, this is for you!

What are “flight rules”? A guide for astronauts (now, programmers using git) about what to do when things go wrong. Flight Rules are the hard-earned body of knowledge recorded in manuals that list, step-by-step, what to do if X occurs, and why. Essentially, they are extremely detailed, scenario-specific standard operating procedures. […]

Felix Krause

Scary proof of concept.

iOS Privacy: watch.user — Access both iPhone cameras any time your app is running Once you grant an app access to your camera, it can

• access both the front and the back camera
• record you at any time the app is in the foreground
• take pictures and videos without telling you
• upload the pictures/videos it takes immediately
• run real-time face recognition to detect facial features or expressions
• Have you ever used a social media app while using the bathroom? 🚽
• All without indicating that your phone is recording you and your surrounding, no LEDs, no light or any other kind of indication.

Serious flaw in WPA2 protocol lets attackers intercept passwords and much more

Unless you live on another planet, you’ll have heard about last week’s bad news: WiFi is broken and your network is most likely insecure now.

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting. The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks.If you want to try it for yourself, the PoC is on Github and all the additional info you need are on the official website. Check out the list of companies potentially affected here and who’s already fixed it (or not).

The World Once Laughed at North Korean Cyberpower. No More.

Scary times: while the world is fixated on its nuclear missiles, North Korea has also developed a cyberattack program that is stealing millions and unleashing havoc.

When North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them. They were digitally looting an account of the Bangladesh Central Bank, when bankers grew suspicious about a withdrawal request that had misspelled “foundation” as “fandation.” Even so, Kim Jong-un’s minions still got away with $81 million in that heist.

Big data meets Big Brother as China moves to rate its citizens

It’s 1984 in China! It’s both fascinating and very scary.

Imagine a world where many of your daily activities were constantly monitored and evaluated: what you buy at the shops and online; where you are at any given time; who your friends are and how you interact with them; how many hours you spend watching content or playing video games; and what bills and taxes you pay (or not). It’s not hard to picture, because most of that already happens, thanks to all those data-collecting behemoths like Google, Facebook and Instagram or health-tracking apps such as Fitbit. But now imagine a system where all these behaviours are rated as either positive or negative and distilled into a single number, according to rules set by the government. That would create your Citizen Score and it would tell everyone whether or not you were trustworthy.

Technology / AI / Blockchain

Welcoming Our New Robot Overlords

Robots used to assist human workers, now it’s the other way around.

Automation was bringing greater and greater efficiency, even though, at a certain point, the logic of increasing efficiency would catch up with him, and he wouldn’t be around any longer to witness it. One day, the factory might go dark. In the meantime, he was enjoying the advantages of work that involved less work.

Robots Are Coming for These Wall Street Jobs

Wall Street is entering a new era, see how robots and AI will change the way traders work.

Banks and investment funds have been tinkering for years, prompting anxiety for employees. Now, firms are rolling out machine-learning software to suggest bets, set prices and craft hedges. The tools will relieve staff of routine tasks and offer an edge to those who stay. But one day, machines may not need much help.

Spotify’s Discover Weekly: How machine learning finds your new music

See how Spotify creates your Discover Weekly playlist.

There are three main types of recommendation models that Spotify employs: Collaborative Filtering models (i.e. the ones that Last.fm originally used), which work by analyzing your behavior and others’ behavior. Natural Language Processing (NLP) models, which work by analyzing text. Audio models, which work by analyzing the raw audio tracks themselves.

Development / Design / DIY projects

Web development explained to a time traveler from 10 years ago

Great summary of where the web is today.

I’m glad that you’re still interested in computers! Today we have many more of them than we did 10 years ago, and that comes with new challenges. We wear computers on our wrists and faces, keep them in our pockets, and have them in our fridges and kettles. The cars are driving themselves pretty well, and we’ve taught programs to be better than humans at pretty much every game out there — except maybe drinking.

OverTheWire: Wargames

Test your hackers skills with this game.

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.

Practical Public Key Cryptography

Public key cryptography in a nutshell.

Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. (…) But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets.

Bits and pieces

Chase just bought WePay. Google Just Made Gmail the Most Secure Email Provider on the Planet. Alibaba Group announced the launch of an innovative global research program called “Alibaba DAMO Academy.“

Check out Woebot, the AI for mental health. See how this guy sold his SaaS business. Also, apparently you shouldn’t design your emails and stick to plain text. If you find MailChimp too expensive, check this: MailChimp vs. Amazon SES — How I Reduced My Monthly Bill by 92%.

See how this guy Snatched 153,037 ETH After A Bad Tinder Date. Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices. And finally, want to see something crazy? Open this link on your phone with WiFi turned off.

Disqus Security Alert: User Info Breach

I guess it’s time to change your Disqus password.

Yesterday, on October 5th, we were alerted to a security breach that impacted a database from 2012. While we are still investigating the incident, we believe that it is best to share what we know now. We know that a snapshot of our user database from 2012, including information dating back to 2007, was exposed. The snapshot includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5MM users. Additionally, passwords (hashed using SHA1 with a salt; not in plain text) for about one-third of users are included.

Notice of 2013 We Heart It Data Breach

If you have a We Heart It account you might want to update your password too.

On October 11, 2017, we were alerted to a possible security breach involving account information for over 8 million accounts that had occurred several years ago. We immediately began an investigation to verify the information and are writing this post to inform the community of our findings to date, and the immediate actions we are taking to further protect your data.

Equifax website borked again, this time to redirect to fake Flash update

Equifax still struggles, it looks like their site redirects to fake Flash update scams.

For several hours on Wednesday, and again early Thursday morning, the site was maliciously manipulated again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors’ computers with adware that was detected by only three of 65 antivirus providers.Apparently, rival TransUnion also sends site visitors to malicious pages.

Accidental Dow Jones News Report Claims Google to Buy Apple for $9 Billion

This is what happens when you’re not careful when testing.

The Dow Jones newswire reported some mind-blowing news this morning: Google is acquiring Apple for the relatively paltry price of $9 billion, thanks to an agreement revealed in Steve Jobs’ will. But the news — and the multiple alerts that the newswire blasted out — were bogus.

Holding the powerful accountable, using data

Great piece about data and investigative journalism, and how it can be used to keep the powerful in check.

It is referred to as one of the main goals of modern journalism, and yet, in many parts of the world, holding the powerful accountable causes a great amount of threats and challenges. How do you go about investigating corruption and finding the data that your government or powerful individuals want to keep hidden? What issues do most data journalists face when working on such investigations and how do they tackle them?

Technology / AI / Blockchain

SAGE: an artificially intelligent band recommender

Gotta love when the underground music scene is where brilliant minds come up with insane AI projects (very technical piece of reading).

We’ve been able to leverage publicly available data about communal listening habits across over 200,000 bands and developed a novel model for finding new music. The model has been able to learn fairly robust mathematical representations of bands that preserves their “context”: bands that share members, have similar tempos, are lyrically and thematically related, tend to cluster together in the embedded space. This enables the user to define taste profiles capturing what they do and don’t like, and that corresponds to a well-defined set of mathematical operations on the embedded representations of bands.

Playbook for Testing Chatbots

If you’ve been experimenting with chatbots I’m sure you’ve been through the painful process of testing your bots. This project might be able to help you structure your tests.

Chatbottest is an open source Playbook of 120 questions (and counting) that you can use for free to test your chatbot and its UX. Similar to what you get with an Heuristic Evaluation on traditional interfaces, with this guide you will be able to find out what users will expect from their interaction.

Development / Design / DIY projects

8-Point Grid: Vertical Rhythm

Discover the 8-point grid, a powerful system for creating consistent and visually appealing user interfaces.

Bits and pieces

Apparently OxygenOS (the custom version of the Android operating system that comes installed on all OnePlus smartphones) is tracking usersactions without anonymizing data. Speaking of phones, don’t get fooled by this malicious Apple ID popup that will steal your password.

See how a cybersecurity researcher has found a way to abuse WhatsApp’s ‘online status’ feature to spy and monitor on people’s sleeping patterns. Also check out the Absurdly Underestimated Dangers of CSV Injection.

Read more about how Your Data is Being Manipulated and see why company culture makes or breaks remote work.

AIM will shut down after 20 years

It must admit I didn’t even know AIM was still around but this is a little piece of history that will soon be disappearing.

AIM was one of the first and most successful instant messengers, widely used in the late ’90s and even throughout the 2000s. I was still using AIM to chat with my friends throughout college at the end of the decade, including to stay in touch with my (not-yet) significant other while she was studying abroad. But with the proliferation of smartphones, everything has changed. Text messaging has taken over for desktop instant messaging apps, and increasingly, we’re seeing other social apps, like Snapchat and Instagram, take over for those in certain ways.

FEMA Deletes Information About Lack of Water and Electricity in Puerto Rico

Just another attempt by Trump administration to hide the truth.

The FEMA website has been an important tool for keeping Americans up to date on disaster recovery efforts in Puerto Rico after Hurricane Maria. But yesterday, the agency deleted statistics about how many people have access to electricity and clean water on the island. The FEMA website now only displays information that casts the recovery efforts in a positive light.

UK gives WhatsApp another spanking over e2e crypto

UK government trying to find any “good” reason to prevent people from using proper encryption.

The UK government has once again bared its anti-technology teeth in public, leaning especially heavily on messaging platform WhatsApp for its use of end-to-end encryption security tech, and calling it out for enabling criminals to communicate in secret. Reuters reported yesterday that UK Home Secretary Amber Rudd had called out end-to-end encryption services “like WhatsApp”, claiming they are being used by paedophiles and other criminals and pressurizing the companies to stop enabling such people from operating outside the law.

Equifax Breach Caused by Lone Employee’s Error, Former C.E.O. Says

Not very convincing…

Richard F. Smith, who stepped down last week, repeatedly apologized to the members of the House Energy and Commerce Committee — and the American people — for the security lapse. But he also sought to play down the severity of the problems that had led to the breach, defended the company’s response to the crisis and deflected questions about how far Equifax would go to compensate consumers who were financially harmed. On multiple occasions, Mr. Smith referred to an “individual” in Equifax’s technology department who had failed to heed security warnings and did not ensure the implementation of software fixes that would have prevented the breach.

Kaspersky Lab Has Been Working With Russian Intelligence

Americans are asking if Kaspersky Lab might have ties to the Kremlin.

Russian cybersecurity company Kaspersky Lab boasts 400 million users worldwide. As many as 200 million may not know it. The huge reach of Kaspersky’s technology is partly the result of licensing agreements that allow customers to quietly embed the software in everything from firewalls to sensitive telecommunications equipment — none of which carry the Kaspersky name.That success is starting to worry U.S. national security officials concerned about the company’s links to the Russian government.

As US launches DDoS attacks, N. Korea gets more bandwidth — from Russia

You gotta give them credit, they never give up!

As the US reportedly conducts a denial-of-service attack against North Korea’s access to the Internet, the regime of Kim Jong Un has gained another connection to help a select few North Koreans stay connected to the wider world — thanks to a Russian telecommunications provider. Despite UN sanctions and US unilateral moves to punish companies that do business with the Democratic People’s Republic of Korea (…) Russian telecommunications provider TransTelekom (…) began routing North Korean Internet traffic at 5:30pm Pyongyang time on Sunday. The connection, Williams reported, offers a second route for traffic from North Korea’s Byol (“Star”) Internet service provider, which also runs North Korea’s cellular phone network. Byol offers foreigners in North Korea 1Mbps Internet access for €600 (US$660) a month (with no data caps).

Technology / AI / Blockchain

Poor Richard’s Guide to Cryptocurrency

Some wise words from Ben Franklin.

Ben Franklin’s financial advice is legendary. “A penny saved is a penny earned” is a mantra two centuries after Franklin’s death and “An investment in knowledge always pays the best interest” is as applicable today as in the time of King George III. (…) A wise investor must secure accounts properly. When using a turn-key wallet like Coinbase or an exchange, always use two-factor authentication. Always make sure to use Google Authenticator instead of a SMS message. A wise investor must not leave funds in the exchange communal wallet. They do not get your business mixed up in theirs after their transactions are complete.

Decentralized Internet on Blockchain

How blockchain can mobilize a community to provide Internet for each other and create a new sharing economy.

The core principle is simple: Members of a community own the means for delivering Internet to each other. They also profit from that delivery. This is what I mean by Socialization. Shared costs, but also shared profits. We, the community, share in the cost and effort of being our own ISP together. We also share in the profit of that communal utility.

RandomAdversary/Awesome-AI-Security: #AISecurity

Great curated list of AI security resources.

Now anyone can explore machine learning, no coding required

Test machine learning from your browser, without coding.

Teachable Machine, a simple experiment that lets you teach a machine using your camera — live in the browser, no coding required. Teachable Machine is built with a new library called deeplearn.js, which makes it easier for any web developer to get into machine learning. It trains a neural net right in your browser — locally on your device — without sending any images to a server. We’ve also open sourced the code to help inspire others to make new experiments.

Development / Design / DIY projects

Mobile UX isn’t just about breakpoints

Great piece about how mobile UX is not just about about breakpoints and reorganizing elements.

Responsive design, therefore, should not be used for its own sake, or because it’s the modern way of creating interfaces. Before jumping into it’s toolset, and starting to rearrange boxes, clear goals should be set based on how, where, and why people will eventually interact with the product you design.

url-to-pdf-api: Web page PDF rendering done right

Always useful.

url-to-pdf-api — Web page PDF rendering done right. Self-hosted service for rendering receipts, invoices, or any content.

Bits and pieces

The massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting all of its 3 billion user accounts, its parent company Verizon said. For the hackers out there, check out pcap2curl — Read a packet capture, extract HTTP requests and turn them into cURL commands for replay. Read more about WebUSB, how a website could steal data off your phone. Also Tfl plans to make £322m by collecting data from passengers’ mobiles via Tube Wi-Fi.

Discover the Pre-History of Slashdot on its 20th Birthday and check out Colony, a platform for open organizations built on the Ethereum blockchain. Stripe just released Stripe Elements to help you build beautiful and smart checkout flows.

Deloitte hit by cyber-attack revealing clients’ secret emails

This week’s high profile data leak’s victim is Deloitte!

One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients (…) The hacker compromised the firm’s global email server through an “administrator’s account” that, in theory, gave them privileged, unrestricted “access to all areas”. The account required only a single password and did not have “two-step“ verification, sources said. (…) In addition to emails, the Guardian understands the hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some emails had attachments with sensitive security and design details.Techbeacon also asks “Deloitte 4+ months late on breach: New poster child for bad security practices?”

The Equifax Hack Has the Hallmarks of State-Sponsored Pros

Investigations into the massive breach aren’t complete but it seems the intruders used techniques that have been linked to nation-state hackers in the past.

The handoff to more sophisticated hackers is among the evidence that led some investigators inside Equifax to suspect a nation-state was behind the hack. Many of the tools used were Chinese, and these people say the Equifax breach has the hallmarks of similar intrusions in recent years at giant health insurer Anthem Inc. and the U.S. Office of Personnel Management; both were ultimately attributed to hackers working for Chinese intelligence.Following the breach Equifax C.E.O. Richard Smith also stepped down.

Uber threatens to leave if Quebec insists on stricter rules

Uber says it will cease operations in Quebec next month if the province doesn’t back down on new, stricter rules regulating the ride-hailing service. ‘Bye-bye, I don’t care,’ Montreal mayor says.

“What the [Transport] Ministry has announced is an attempt to impose old rules on a new technological model,” he told a news conference. Quebec is the only Canadian jurisdiction where Uber operates that requires drivers to do training, he said. Previously, they had to do 20 hours (…) He said 15 extra hours of training that could be done online should not be a big deal, suggesting drivers split the 35 hours into seven sessions of five hours each.

China Blocks WhatsApp, Broadening Online Censorship

After ICOs and Bitcoins, it’s WhatsApp’s turn to get banned in China.

China has largely blocked the WhatsApp messaging app, the latest move by Beijing to step up surveillance ahead of a big Communist Party gathering next month. The disabling in mainland China of the Facebook-owned app is a setback for the social media giant, whose chief executive, Mark Zuckerberg, has been pushing to re-enter the Chinese market, and has been studying the Chinese language intensively. WhatsApp was the last of Facebook products to still be available in mainland China; the company’s main social media service has been blocked in China since 2009, and its Instagram image-sharing app is also unavailable.

U.S. to Collect Social Media Data on All Immigrants Entering Country

The Department of Homeland Security will soon begin collecting social media data from all immigrants entering the US.

The department will begin collecting the information on Oct. 18, the same day the Trump administration’s new travel ban on citizens of seven countries and restrictions on those from two others are set to take effect. Green card holders and naturalized citizens will also have their social media information collected, with the data becoming part of their immigration file (…) The department (…) would collect “social media handles, aliases, associated identifiable information and search results,” which would be included in an applicant’s immigration file. It said the data would come from “publicly available information obtained from the internet, public records, public institutions, interviewees, commercial data providers.”

Technology / AI / Blockchain

Chaos and hackers stalk investors on cryptocurrency exchanges

Trading bitcoins and other virtual currencies can make fortunes for their owners but they are largely unregulated, besieged by hackers and thieves, and fraught with risk for consumers.

Dan Wasyluk discovered the hard way that trading cryptocurrencies such as bitcoin happens in an online Wild West where sheriffs are largely absent. Wasyluk and his colleagues raised bitcoins for a new tech venture and lodged them in escrow at a company running a cryptocurrency exchange called Moolah. Just months later the exchange collapsed; the man behind it is now awaiting trial in Britain on fraud and money-laundering charges. He has pleaded not guilty. Wasyluk’s project lost 750 bitcoins, currently worth about $3 million, and he believes he stands little chance of recovering any money.

Showtime websites secretly mined user CPU for cryptocurrency

After Pirate Pay, it’s Showtime’s website turn to mine cryptocurrencies without users’ consent.

Showtime websites were found to be running a script that allows the sites to mine visitors’ extra CPU power for cryptocurrency, as pointed out by users on Twitter. The afflicted sites included showtime.com and showtimeanytime.com, but the script has since been removed following reports from Gizmodo and other sites. The crypto mining Javascript is called Coinhive, and according to the site, it was made as an alternative to banner ads as a way for website owners to get around pesky ad-blockers. Ironically, some ad-blockers have now included Coinhive on the list of the banned. The script mines the cryptocurrency known as Monero.

South Korea bans raising money through initial coin offerings

South Korea is following China’s example.

The Financial Services Commission said all kinds of initial coin offerings (ICO) will be banned as trading of virtual currencies needs to be tightly controlled and monitored. “Raising funds through ICOs seem to be on the rise globally, and our assessment is that ICOs are increasing in South Korea as well,” the regulator said in a statement after a meeting with the finance ministry, the Bank of Korea and the National Tax Service.

Inside the Meteoric Rise in ICOs

Learn more about what ICOs are, how they work and why they’re growing.

Rather than looking to traditional angel or venture investors to place capital as an equity investment, companies developing new blockchain-based products and services have turned to the cryptocurrency community to crowdsource the purchase and usage of their token in an ICO. ICOs are similar in some ways to a crowdfunding campaign, but instead of offering a copy of a product like on Kickstarter, or shares of equity in a startup like on Crowdfunder, what is being offered are digital “tokens.” This process of selling new cryptocurrency tokens in an ICO results in funding received via cryptocurrency, most commonly in Bitcoin or Ether.

Development / Design / DIY projects

It’s time to give Firefox another chance

I just installed it and must admit it looks good and at this point renders most pages faster than my Chrome. Official announcement here.

Earlier this week, Mozilla, the nonprofit organization behind Firefox, launched the first beta of Firefox 57. That doesn’t sound like a big deal, but version 57 is the most important Firefox release in years. It’s the culmination of years of work on many of the moving pieces that the user never sees but that allow the browser to quickly display your Gmail inbox, YouTube video or cat forum. To mark the fact that this is such a major release, Mozilla has dubbed this release “Firefox Quantum.”

Advice I Wish I Had Been Given Before Upgrading From AngularJS to Angular 2+

If you’re considering upgrading from AngularJS to Angular 2+ you should read this.

We want to share our experience with you; give you tips and tricks. This is a general guide on what to expect, how to prepare, and when to do what as you’re upgrading your app to Angular 2 and up.

Look What You Made Me Do, Chrome

Cheat your way to a Taylor Swift concert.

For her upcoming concert, Taylor Swift partnered with Ticketmaster to ensure that only legitimate fans can buy tickets. I’d like to say that I’m a true fan who will do the honest work to get a ticket… but I am also a woman with a computer and I like a challenge. I ended up having a lot of fun exploring Chrome Developer Tools and I wanted to share what I learned.

Draggable JS — JavaScript drag and drop library

Draggable is a lightweight, responsive, modern drag and drop JavaScript library — the ideal choice for adding slick native-feeling drag and drop behaviour to your web apps.

Bits and pieces

Twitter now allows double the characters per tweet, 140 extra characters for Trump to harass and insult everybody. Google Cloud acquires cloud identity management company Bitium. Read more about how Signal will allow contact discovery without risking privacy.

Apple macOS High Sierra Exploit Lets Hackers Steal Keychain Passwords in Plaintext. While we’re at it, Apple switched from Bing to Google for Siri web search results on iOS and Spotlight on Mac. Nothing new but here’s a good reminder that you should be careful when posting tickets or ID documents on social media.

Uber stripped of London licence due to lack of corporate responsibility

Just another bad week in Uber’s life.

US ride-hailing company to appeal after Transport for London says it is not a ‘fit and proper’ operator (…) TfL said it had rejected the company’s application to renew its licence because “Uber’s approach and conduct demonstrate a lack of corporate responsibility” in relation to reporting serious criminal offences, obtaining medical certificates and driver background checks. The licensing body also said it was concerned by Uber’s use of Greyball, software that can be used to block regulatory bodies from gaining full access to its app and undertaking regulatory or law enforcement duties.

Google signs agreement with HTC, continuing our big bet on hardware

Looks like Google and HTC will work even closer on the flagship Pixel devices.

With this agreement, a team of HTC talent will join Google as part of the hardware organization. These future fellow Googlers are amazing folks we’ve already been working with closely on the Pixel smartphone line, and we’re excited to see what we can do together as one team. The deal also includes a non-exclusive license for HTC intellectual property.

Forget the duopoly, Apple’s anti-tracking moves rattle digital media

The online advertising game is getting harder and harder with adblockers already, Appel’s last move will definitely not help.

Julie Rezek, North American president at ad agency HackerAgency, said Apple’s restrictions on retargeting data could hurt conversions and reduce reach by making it harder for advertisers to find users who fit specific demographics. Two other ad buyers said Apple’s reduction of third-party tracking will make it harder for them to drive sales and that if their ad performance declines, publishers will ultimately suffer since their CPMs will drop due to a reduction in demand.

Snap blocks Al Jazeera in Saudi Arabia to “comply with local laws”

Censorship strikes again.

So, tl;dr, the law enshrines a regime of total state-control of media. Reporters Without Borders ranks Saudi Arabia as 168th in the World Press Freedom Index, noting in a summary of the country that: “Saudi Arabia has no independent media, the authorities tolerate neither political parties, unions, nor human rights groups, and the level of self-censorship is extremely high. The Internet is the only space where freely-reported information and views can circulate, albeit at great risk to its citizen journalists. ”

Facebook’s war on free will

Thought-provoking piece by The Guardian.

We shouldn’t accept Facebook’s self-conception as sincere, either. Facebook is a carefully managed top-down system, not a robust public square. It mimics some of the patterns of conversation, but that’s a surface trait. In reality, Facebook is a tangle of rules and procedures for sorting information, rules devised by the corporation for the ultimate benefit of the corporation. Facebook is always surveilling users, always auditing them, using them as lab rats in its behavioural experiments. While it creates the impression that it offers choice, in truth Facebook paternalistically nudges users in the direction it deems best for them, which also happens to be the direction that gets them thoroughly addicted. It’s a phoniness that is most obvious in the compressed, historic career of Facebook’s mastermind.

Technology / AI / Blockchain

CCleaner Hacked to Distribute Malware; Over 2.3 Million Users Infected

That awkward moment the software supposed to defend you puts you at risk.

Security researchers from Cisco Talos discovered that the download servers used by Avast to let users download the application were compromised by some unknown hackers, who replaced the original version of the software with the malicious one and distributed it to millions of users for around a month.This incident is yet another example of supply chain attack. Earlier this year, update servers of a Ukrainian company called MeDoc were also compromised in the same way to distribute the Petya ransomware, which wreaked havoc worldwide.

It also looks like the malware was designed to target to big technology firms.

According to a predefined list mentioned in the configuration of the C2 server, the attack was designed to find computers inside the networks of the major technology firms and deliver the secondary payload. The target companies included: Google, Microsoft, Cisco, Intel (…) In the database, researchers found a list of nearly 700,000 backdoored machines infected with the malicious version of CCleaner, i.e. the first-stage payload, and a list of at least 20 machines that were infected with the secondary payload to get a deeper foothold on those systems.

Expanding Facebook AI Research to Montreal

After Google it’s Facebook’s turn to open a research lab in Montreal.

At Facebook, we think artificial intelligence can play a big role in helping bring the world closer together. With that in mind, we’ve been investing in AI research and engineering for many years — and today we’re excited to announce an expansion of those efforts with the opening of a new AI research lab in Montreal. As part of Facebook AI Research (FAIR), this new team will join more than 100 scientists across Menlo Park, New York, and Paris in working to advance the field of artificial intelligence. The Montreal lab will house research scientists and engineers working on a wide range of ambitious AI research projects, but it will also have a special focus on reinforcement learning and dialog systems.

China orders Bitcoin exchanges in capital city to close

As expected, China’s crackdown on Bitcoin continues and intensifies.

All Bitcoin exchanges in Beijing and Shanghai have been ordered to submit plans for winding down their operations by 20 September (…) Chinese authorities decided to ban digital currencies as part of a plan for reducing the country’s financial risks. A website set up by the Chinese central bank warned that cryptocurrencies are “increasingly used as a tool in criminal activities such as money laundering, drug trafficking, smuggling, and illegal fundraising”.

H A R V E S T

Such a brilliant project!

HARVEST is a work of critical engineering and computational climate art. It uses wind-energy to mine cryptocurrency, the earnings of which are used as a source of funding for climate-change research. Taking the form of a 2m wind turbine with environmental sensors, weatherproof computer and 4G uplink, HARVEST ‘feeds’ from two primary symptoms of our changing climate: wind gusts and storms. It does this by transforming wind energy into the electricity required to meet the demanding task of mining cryptocurrency (here Zcash)(…) Rather than filling the digital wallet of the artist, all rewards earned by the HARVEST mining machine are paid out as donations to non-profit climate change research organisations such that they can better study this planetary-scale challenge.

Development / Design / DIY projects

Announcing CoffeeScript 2

CoffeeScript 2 is out!

This new release of the CoffeeScript language and compiler aims to bring CoffeeScript into the modern JavaScript era, closing gaps in compatibility with JavaScript while preserving the clean syntax that is CoffeeScript’s hallmark.

Designing Websites for iPhone X

See how the new iPhone X impacts mobile websites design.

Out of the box, Safari displays your existing websites beautifully on the edge-to-edge display of the new iPhone X. Content is automatically inset within the display’s safe area so it is not obscured by the rounded corners, or the device’s sensor housing.

Astro Pi upgrades on the International Space Station

The Astro Pi units on the International Space Station are being upgraded with WiFi, larger SD card storage, and Earth-observation camera filters!

AR.js: Efficient Augmented Reality for the Web — 60fps on mobile!

Very impressive web-based (runs on any browser with WebGL and WebRTC, based on Three.js) Augmented Reality library!

React.js with WordPress as a Backend: WP REST API Example

Learn how to use Wordpress as a headless CMS with our friends from Snipcart!

Bits and pieces

Apparently Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed. Here is how a Belgian whitehacker hacked hundreds of companies through their helpdesk. Even two-factor authentication isn’t 100% bulletproof, see how vulnerabilities in mobile networks opened bitcoin wallets to hackers. Distrustful U.S. allies forced spy agency to back down in encryption fight.

Read more about DuckDuckGo, The Solopreneur That Is Beating Google at Its Game. Slack Gets Slice of SoftBank’s $100 Billion Tech Bounty. See how Booking.com manipulates you. Until today Bitcoin has died 144 times, this site collects Bitcoin obituaries from around the web.

See out this fascinating new kind of map. Also check out Rune.js, a JavaScript library for programming graphic design systems with SVG. And finally read more about WebRender.

Why the Equifax breach is very possibly the worst leak of personal info ever

This week’s massive data leak award goes to: Equifax with almost 150 million accounts informations out in the wild!

The breach Equifax reported Thursday, however, very possibly is the most severe of all for a simple reason: the breath-taking amount of highly sensitive data it handed over to criminals. By providing full names, Social Security numbers, birth dates, addresses, and, in some cases, driver license numbers, it provided most of the information banks, insurance companies, and other businesses use to confirm consumers are who they claim to be. The theft, by criminals who exploited a security flaw on the Equifax website, opens the troubling prospect the data is now in the hands of hostile governments, criminal gangs, or both and will remain so indefinitely.It’s the failure to patch a two-month-old critical bug in Apache Struts that led to the massive breach. See what the people from Apache had to say about it. As a result, Equifax is no looking at a multibillion-dollar lawsuit and their security and information executives have been fired (well, they “stepped down”).

The Equifax Breach Exposes America’s Identity Crisis. The New York asked “So, Equifax, I have to ask: Now that you have failed at your one job, why should you be allowed to keep doing it?”.

18F: Digital service delivery | Government launches login.gov to simplify access to public services

I hope this will be more secure than Equifax. Nice initiative, though.

Today, the U.S. Digital Service and 18F are excited to announce the launch of login.gov, a single sign-on solution for government websites that will enable citizens to access public services across agencies with the same username and password.

Silicon Valley’s Politics: Liberal, With One Big Exception

A new Stanford study found that the nation’s tech elite are extremely liberal on most issues — except when it comes to regulation.

Over all, the study showed that tech entrepreneurs are very liberal — among some of the most left-leaning Democrats you can find. They are overwhelmingly in favor of economic policies that redistribute wealth, including higher taxes on rich people and lots of social services for the poor, including universal health care. Their outlook is cosmopolitan and globalist — they support free trade and more open immigration, and they score low on measures of “racial resentment.”

Technology / AI / Blockchain

China has banned ICOs

While the rest of the world struggles to regulate ICOs, China had decided to ban them altogether (causing Bitcoin to drop almost 20% in the process).

It is looking like a new era is coming for ICOs, at least those in China for now. In the U.S., the SEC has issued official warnings around the risks of ICOs, also known as token sales, but the Chinese government looks set to beat it to implementing regulation around the rapidly growing fundraising option. A notice from a committee led by China’s central bank today announced an immediate ban on ICO funding (…) the committee has prepared a list of 60 exchanges which will be subject to inspection and a report. In the meantime, there will be an ICO freeze in China.

Update: Chinese authorities have now also ordered domestic bitcoin exchanges to shut down.

China Fossil Fuel Deadline Shifts Focus to Electric Car Race

China will set a deadline for automakers to end sales of fossil-fuel-powered vehicles, becoming the biggest market to do so in a move that will accelerate the push into the electric car market.

The world’s second-biggest economy, which has vowed to cap its carbon emissions by 2030 and curb worsening air pollution, is the latest to join countries such as the U.K. and France seeking to phase out vehicles using gasoline and diesel. The looming ban on combustion-engine automobiles will goad both local and global automakers to focus on introducing more zero-emission electric cars to help clean up smog-choked major cities.

Development / Design / DIY projects

How-to build a Raspberry Pi touch screen car computer

Build your own Tesla like car computer with a Rasberry Pi.

What every software engineer should know about search

Want to build or improve a search experience? Start here.

An Introduction to Managing Secrets Safely with Version Control Systems

Here’s your guide to managing secrets and keys with Version Control Systems.

Although it is important to save your code in source control, it it is equally important for some project assets to be kept out of your repository. Certain data like binary blobs and configuration files are best left out of source control for performance and usability reasons. But more importantly, sensitive data like passwords, secrets, and private keys should never be checked into a repository unprotected for security reasons.

A collection of (mostly) technical things every software developer should know

A collection of (mostly) technical things every software developer should know.

Bits and pieces

A lot of cybersecurity content this week. A critical Bluetooth Flaws Put Over 5 Billion Devices At Risk Of Hacking. See how you can have fun Boeing’s 787 In Flight Entertainment System. If you’re serious about security, check out this article about understanding the prevalence of web traffic interception. And finally, learn more about Mastercard’s Internet Gateway Service and its Hashing Design Flaw.

Breaking Down the HBO Hacks: From Game of Thrones To a Twitter Takeover

It’s been a brutal month of hacks for HBO, here’s a wrap-up of everything that happened. There’s no GoT spoilers, I promise!

The company kicked off August with an apparently massive breach of its servers, in which hackers pilfered everything from full episodes of unreleased shows to sensitive internal documents. Not long after, in separate and distinct incidents, two episodes of Game of Thrones leaked out early. And Thursday, hacker group OurMine hijacked HBO’s main Twitter account, along with those of several HBO shows. It’s been a hell of a couple of weeks.#### The Chicago Way: An Electronic Voting Firm Exposes 1.8M Chicagoans

This week’s data leak:

UpGuard’s Cyber Risk Team can now disclose that a data repository owned and operated by Omaha-based voting machine firm Election Systems & Software (ES&S) was left publicly downloadable on a cloud-based storage site, exposing the sensitive data of 1.8 million Chicago voters. The database, which included voter names, addresses, phone numbers, driver’s license numbers, and partial Social Security numbers, appeared to have been produced around the time of 2016 general election for the Chicago Board of Election Commissioners, an ES&S customer since 2014.

While California is teaching inmates to code, other states ban them from teaching themselves

Why would you ban books that could help inmates earn an honest living when they get out of jail?

While California is teaching inmates to code, other states ban them from teaching themselves. Ohio and Michigan prisons ban books teaching programming skills on grounds they’re a “threat to order and security” (…) Lists of banned books acquired by MuckRock through public records requests show that Ohio and Michigan prisons ban books that aim to teach computer programming skills. Their decisions to ban educational texts related to programming, alongside erotica and literature published by neo-nazi groups, are in stark contrast with practices in other states and countries, where prisons include coding in educational programs.

What is the alt right? A linguistic data analysis of 3 billion Reddit comments shows a disparate group that is quickly uniting

Fascinating (yet depressing) taxonomy of trolls: the 4chan shitposters, the Anti-progressive gamers, the Men’s rights activists, the Anti-globalists and the White supremacists.

The alt-right isn’t one group. They don’t have one coherent identity. Rather, they’re a loose collection of people from disparate backgrounds who would never normally interact: bored teenagers, gamers, men’s rights activists, conspiracy theorists and, yes, white nationalists and neo-Nazis. But thanks to the internet, they’re beginning to form a cohesive group identity. And I have the data to prove it.

A Hunt for Ways to Combat Online Radicalization

There are similarities between how Islamists and white nationalists operate online, researchers said. How can we prevent them from recruiting?

Even though Islamists and white nationalists have different views and motivations, there are broad similarities in how the two operate online — including how they spread their message, recruit and organize offline actions. The similarities suggest a kind of blueprint for a response — efforts that may work for limiting the reach of jihadists may also work for white supremacists, and vice versa. (…) The first step in combating online extremism is kind of obvious: It is to recognize the extremists as a threat. (…) If tech companies are finally taking action to prevent radicalization, is it the right kind of action? Extremism researchers said that blocking certain content may work to temporarily disrupt groups, but may eventually drive them further underground, far from the reach of potential saviors.

We Live in Fear of the Online Mobs

Reading this I had to think of So You’ve Been Publicly Shamed by Jon Ronson.

James Damore, the author of the notorious Google memo, has had his 15 minutes of fame. In six months, few of us will be able to remember his name. But Google will remember — not the company, but the search engine. For the rest of his life, every time he meets someone new or applies for a job, the first thing they will learn about him, and probably the only thing, is that he wrote a document that caused an internet uproar. The internet did not invent the public relations disaster, or the summary firing to make said disaster go away. What the internet changed is the scale of the disasters, and the number of people who are vulnerable to them, and the cold implacable permanence of the wreckage they leave behind.

AT&T’s slow 1.5Mbps Internet in poor neighborhoods sparks complaint to FCC

Yet another proof that net neutrality matters.

AT&T is facing a complaint alleging that it discriminates against poor people by providing fast service in wealthier communities and speeds as low as 1.5Mbps in low-income neighborhoods. The formal complaint filed today with the Federal Communications Commission says that AT&T is violating the Communications Act’s prohibition against unjust and unreasonable discrimination. That ban is part of Title II, which is best known as the authority used by the FCC to impose net neutrality rules. But as we’ve explained before, Title II also contains important consumer protections that go beyond net neutrality, such as a ban on discrimination in rates, practices, and offerings of services.

Technology / AI / Blockchain

Cryptocurrencies Aren’t Currencies. They Aren’t Stocks, Either

Interesting perspective on the explosion of cryptocurrencies.

Their name tells us that cryptocurrencies like bitcoin are meant to be currencies: tokens of exchange used to purchase goods and services. Yet even a quick glance at the most heavily trafficked cryptocurrency news sources certainly wouldn’t give that impression. Instead, their coverage gives you the impression that what people are most interested in is trading cryptocurrencies — trading, the way we trade other securities, especially stocks.

Enigma ICO Heist Robs Nearly $500,000 in Ethereum From Investors

An ultra-secure company that didn’t use no two-factor authentication? You must be kidding…

Enigma prides itself on ultra-secure products. The company’s Catalyst platform protects financial info with a cutting-edge combination of blockchain-inspired privacy technology and cryptography. So it comes as no small surprise that on Monday, scammers took over the company’s website, mailing lists, and Slack accounts by exploiting some extremely basic security mistakes Enigma had made. The blunders also facilitated a scam that ultimately cost Enigma supporters almost $500,000.

We’re rewiring the Internet for freedom.

Fascinating piece about refraction networking and how it could help people escape internet censorship.

For the last two years, a team of engineers and researchers has quietly been working to develop new technology for Internet freedom. Today, we are pleased to share results from the first large-scale field trial of refraction networking, a fundamentally new way to help people around the world learn and communicate online in the face of censorship. We served more than 50,000 users, for more than a week, by deploying refraction networking at partner ISPs.

Estonia could offer ‘estcoins’ to e-residents

Some people still ask themselves if cryptocurrencies are here to stay while Estonia might become for first country to issue their own crypto tokens.

Estonia could offer ‘estcoins’ to e-residents. The proposal to issue crypto tokens would make the Republic of Estonia the first country with an Initial Coin Offering (ICO). (…) Estcoins’ could be managed by the Republic of Estonia, but accessed by anyone in the world through its e-Residency programme and launched through an Initial Coin Offering (ICO).

Chill: Robots Won’t Take All Our Jobs

Are we overreacting? Will robots really take all our jobs? Find out in this thought provoking piece by Wired.

It’s a dramatic story, this epoch-defining tale about automation and permanent unemployment. But it has one major catch: There isn’t actually much evidence that it’s happening. (…) that impact is far more nuanced and limited than the doomsday forecasts suggest. A rigorous study of the impact of robots in manufacturing, agriculture, and utilities across 17 countries, for instance, found that robots did reduce the hours of lower-skilled workers — but they didn’t decrease the total hours worked by humans, and they actually boosted wages. In other words, automation may affect the kind of work humans do, but at the moment, it’s hard to see that it’s leading to a world without work.

A Beginner’s Guide to AI/ML 🤖👶

The ultimate guide to machine learning. Simple, plain-English explanations accompanied by math, code, and real-world examples.

WTF is Ethereum?

Great illustrated guide to understand why Ethereum is not just another cryptocurrency.

Although ‘Bitcoin’ and ‘Ethereum’ are terms that are often paired together, the reality is that they are vastly different. The only thing Ethereum shares with Bitcoin is that it’s a cryptoasset running on top of blockchain. Instead of being just a cryptocurrency, like Bitcoin, Ethereum also has features which effectively makes it a huge decentralized computer.

Development / Design / DIY projects

Analyzing Cryptocurrency Markets Using Python

Guide for a data-driven approach to cryptocurrency (Bitcoin, Ethereum, Litecoin, Ripple etc.) market analysis and visualization using Python. It’s fairly technical.

How Recursion Works — explained with flowcharts and a video

I’ve always struggled a little with recursion, this is a very clear explanation with flowcharts.

Hack Chip: An Uber Portable Hacking Powerhouse

I’ve shared a lot of articles about Arduino and Raspberry Pi projects but this one is a mind-blowing use of the Pocket C.H.I.P.

After setting the system up to his liking, he got the good stuff by first install Aircrack-ng for sniffing out wireless networks and basic cracking. He already had an Ubertooth One on hand (though they cost almost twice as much as the Pocket CHIP itself), so he added that, a Bluetooth dongle, and BlueHydra for attacking Bluetooth devices.

Building a Serverless E-Commerce App with AWS Lambda, Stripe and React

How to quickly and easily set up a simple e-commerce site.

We build a serverless e-commerce app using AWS Lambda, Stripe and React ensuring your website is ready for such traffic peaks.(…)The bullet-proof, low-cost solution is based on a serverless architecture.

Your serverless Raspberry Pi cluster with Docker

Learn how to deploy Docker Swarm to create a Raspberry Pi cluster then turn it into a serverless super-computer with the OpenFaaS framework for Docker.

Bits and pieces

Forms on the web don’t usually play nice with bad connections. Here’s how you might fix that. Check out Preact, a JavaScript library that describes itself as a fast 3kB alternative to React with the same ES6 API.

Have you ever wanted to use Google Spreadsheets as your data backend? Check out pdf-bot: a Node queue API for generating PDFs using headless Chrome (comes with a CLI, S3 storage and webhooks for notifying subscribers about generated PDFs).

Read the Brief History of Open Source from the Netflix Cloud Security Team. See how Bitmain’s going from bitcoin mining to artificial intelligence. This guy built a chatbot in 2 hours and this is what he learned.

When the New York Times crossword got too popular they moved it to Google App Engine. And finally create your very own cryptocurrency with Build-a-Coin.

This week we’ve had the imminent threat of a nuclear war with North Korea, white supremacists walking down the streets with tiki torches and nazi flags and a president Trump that didn’t say or do anything to really help with any of this. Here’s a little summary of what’s been published this week.

Amateur Sleuths Aim to Identify Charlottesville Marchers, but Sometimes Misfire

People started identifying white supremacists online to make sure they’d be shamed, lose their job and ultimately prevent them from protesting in the future. Unfortunately, in some cases the wrong people were identified and that’s a problem.

An Arkansas professor 1,100 miles away from the white nationalist gathering in Virginia woke up to find himself wrongly exposed as a racist. Then the online abuse began.

Tech Companies Have the Tools to Confront White Supremacy

We have the tools but do we have the will? Some companies are leading the way, as we’ll see just under.

As the tech industry walks the narrow path between free speech and hate speech, it allows people with extremist ideologies to promote brands and beliefs on their platforms, as long as the violent rhetoric is swapped out for dog whistles and obfuscating language. All the while, social media platforms allow these groups to amass and recruit followers under the guise of peaceful protest.

Google canceled the domain registration for a neo-Nazi website that GoDaddy also banned

Long story short: almost everybody dropped the Daily Stormer!

After publishing a horrible piece about Heather Heyer, Go Daddy gave 24 hours to the Daily Stormer to find a new domain provider. They moved to Google and they cancelled the domain registration too.

They later found a new (Russian domain) but got their DDoS protection by Cloudfare dropped too. Cloudfare has been know to be free-speech absolutists but this crossed the line, their CEO Matthew Prince gave an explanation here. The last episode in date was Spotify (finally — after those bands were flagged 3 years ago) removing white power bands from the catalog.

This of course raised concerns and the EFF published a thought provoking article about Fighting Neo-Nazis and the Future of Free Expression.

All fair-minded people must stand against the hateful violence and aggression that seems to be growing across our country. But we must also recognize that on the Internet, any tactic used now to silence neo-Nazis will soon be used against others, including people whose opinions we agree with.*And finally, don’t think that protesting Trump will go unnoticed, Dreamhost is currently fighting the Department of Justice: The California-based company is resisting a Department of Justice warrant that demands it hand over all files related to DisruptJ20.org, a website created by one of its customers to plan and announce actions intended to interrupt President Trump’s inauguration.

Trump Abandons Plan for Council on Infrastructure

President Donald Trump will apparently not move forward with a planned Advisory Council on Infrastructure. Would it be the result of more CEOs leaving him?

The infrastructure council, which was still being formed, would have advised Trump on his plan to spend as much as $1 trillion upgrading roads, bridges and other public works. Its cancellation follows Trump’s announcement Wednesday that he was disbanding two other business advisory panels.After Elon Musk and Disney CEO Bob Iger it’s Intel’s, Merck’s and Under Armour’s CEOs turn to leave the American Manufacturing Council over Trump’s response to Charlottesville. This resulted in the disbanding of the Strategic and Policy Forum and American Manufacturing Council.

For a while CEOs avoided to get involved in politics, but this seems to be changing. Very curious to see where all of this will bring us in the coming weeks and months.

Around the web

Amazon lost $5 billion in value after a sort-of accurate Trump tweet

Isn’t it scary how easy it is for a tweet to destroy a company? In the case of Amazon, they’ll survive but think about smaller businesses…

All it took was 137 characters at 6:12 a.m. for Amazon’s valuation to drop more than $5 billion on Wednesday.

Netflix Co-Founder’s Crazy Plan: Pay $10 a Month, Go to the Movies All You Want

I’m really curious to see if this will work. We had this when I was in college but it didn’t last, at least I got to see the first Harry Potter movies at least 5 times!

Lowe, an early Netflix Inc. executive who now runs a startup called MoviePass, plans to drop the price of the company’s movie ticket subscriptions on Tuesday to $9.95. The fee will let customers get in to one showing every day at any theater in the U.S. that accepts debit cards. MoviePass will pay theaters the full price of each ticket used by subscribers, excluding 3D or Imax screens.

Technology / AI / Blockchain

China’s Plan for World Domination in AI Isn’t So Crazy After All

The race to the top (of the AI mountain) continues and China seems to be leading.

The nation is betting heavily on AI. Money is pouring in from China’s investors, big internet companies and its government, driven by a belief that the technology can remake entire sectors of the economy, as well as national security. A similar effort is underway in the U.S., but in this new global arms race, China has three advantages: A vast pool of engineers to write the software, a massive base of 751 million internet users to test it on, and most importantly staunch government support that includes handing over gobs of citizens’ data –- something that makes Western officials squirm.

The Blockchain Problem Space

An engineering breakdown on when to choose blockchain and how to compare it to other databases and distributed systems.

Decentralization is not free and must be a fundamental requirement of your product to justify its use. If it’s simply a cool twist on an existing concept, the non-decentralized version is always going to be better as it does not have to deal with the same constraints.

Here’s What Goldman Is Telling Big Money Clients About Bitcoin

I bet their clients wish they’d tell them to buy Bitcoins or not.

Goldman Sachs Group Inc. is acknowledging that it’s getting harder for institutional investors to ignore the cryptocurrency market with total assets ballooning to $120 billion and bitcoin soaring more than 200 percent this year. “Whether or not you believe in the merit of investing in cryptocurrencies (you know who you are), real dollars are at work here and warrant watching,” analysts including Robert Boroujerdi and Jessica Binder Graham wrote in a Q&A sent to clients.

An Algorithm Trained on Emoji Knows When You’re Being Sarcastic on Twitter

Understanding sarcasm could help AI fight racism, abuse, and harassment. This MIT algorithm uses Emoji to understand context better.

Detecting the sentiment of social-media posts is already useful for tracking attitudes toward brands and products, and for identifying signals that might indicate trends in the financial markets. But more accurately discerning the meaning of tweets and comments could help computers automatically spot and quash abuse and hate speech online (…)“Because we can’t use intonation in our voice or body language to contextualize what we are saying, emoji are the way we do it online,” says Iyad Rahwan, an associate professor the MIT Media lab who developed the algorithm with one of his students, Bjarke Felbo. “The neural network learned the connection between a certain kind of language and an emoji.”

Development / Design / DIY projects

Blockchain Signaling System

Very interesting approach to tackle the ever growing DDoS plague.

The idea of this project is to use blockchain and software-defined networking to provide such collaborative defense reducing the complexity of existing distributed protocols and architectures for gossiping DDoS attacks information. While blockchain simplifies existing approaches with an out-of-the-box distributed infrastructure to broadcast addresses without the need to build specialized registries or other distribution mechanisms/protocols, software-defined networks can optimize the management of flows in response to attacks.

APIs as infrastructure: future-proofing Stripe with versioning

Great piece about how Stripe manages APIs versioning and evolution.

an API represents a contract for communication that can’t be changed without considerable cooperation and effort. Because so many businesses rely on Stripe as infrastructure, we’ve been thinking about these contracts since Stripe started. To date, we’ve maintained compatibility with every version of our API since the company’s inception in 2011. In this article, we’d like to share how we manage API versions at Stripe.

Web fonts: when you need them, when you don’t

Spoiler alert: in many cases system fonts will do great! But not always ;)

I’m not a fan of sweeping statements like you “should” or “shouldn’t” use web fonts, but I think there should be some sort of guidelines to help people decide whether or not to use them.

Your Body Text Is Too Small

Who hasn’t struggled with text sizes on websites?

Body text is the key component in communicating the main bulk of a message or story, and it’s probably the most important element on a website, even if people sometimes read just the headlines. Why would we limit the effectiveness of body text by minimizing its size to a browser-default that’s now over 20 years old, even on large displays?!

Can Augmented Reality solve Mobile Visualization?

If you ever worked with data visualization on mobile you know the eternal struggle with the lack of screen real estate. Looks like Augmented Reality might be able to help out.

Data visualization on mobile devices seemed promising, since the time of the first iPhone: very capable portable computers! Innovative touch interaction! Highly localized content! Hundreds of visualizations for mobile devices exist, both as apps and part of daily news content. But there’s one major problem that mobile visualizations couldn’t shake yet: There’s just never enough space.

Bits and pieces

Check out BinaryAlert: Serverless, Real-time & Retroactive Malware Detection (by airbnb). And here is a brief walk-through tutorial that illustrates how to crack Wi-Fi networks that are secured using weak passwords. Quick follow-up on last week’s story about hacking computers with DNA (by UW). Speaking of security, you might want to update your version control system if it’s Git, SVN or Mercurial.

Make your use of headless Chrome easier with Puppeteer, the Headless Chrome Node API. See How Europe’s push for Open Banking is forcing banking apps to improve their UX. Learn See how you can implement OpenPGP on the front-end side. Check out the Trending Developer Skills, Based on the Analysis of “Ask HN: Who’s Hiring?”.

Scary thought, apparently 72% of Consumers Don’t Know What Net Neutrality Is. She’s An Ex-Google Woman Tech Leader And she’s Sick Of Our Approach To Diversity!

The Uber Dilemma, your weekly dose of game theory. And read The Future Since 1999 (by Doc Searls), most of it is still very much on point! And last, but not least, you HAVE to check out the One Hostname to Rule Them All!

Google fires engineer who “crossed the line” with diversity memo

Unless you live on another planet, you’ll have heard about that Google engineer who wrote a controversial essay arguing that the company has gone overboard in its attempts to promote diversity. Well he got fired and everybody has an opinion about it.

“At Google, we’re regularly told that implicit (unconscious) and explicit biases are holding women back in tech and leadership,” Damore wrote in an internal posting that went viral within the company over the weekend. (…) Biology is partly responsible for differences between men and women, Damore wrote, and “these differences may explain why we don’t see equal representation of women in tech and leadership.” Google condemned the post after it became public on Saturday. Danielle Brown, Google’s vice president of diversity, integrity, and governance, wrote in a response to Google employees that it “advanced incorrect assumptions about gender” and is “not a viewpoint that I or this company endorses, promotes, or encourages.”

The Marcus Hutchins Case Could Set a Dangerous Precedent For White Hat Hackers

Whitehat hackers navigate in gray areas where something they might consider legitimate investigation or essential software development could, in the eyes of the law, be seen as criminal behavior.

Security experts who have read the federal indictment and those familiar with Hutchins’ work expressed skepticism at the suggestion that he intentionally created and distributed a malicious tool. Many security researchers consider the case a stark reminder that those who do not understand the nature or context of their work might question their intentions. “Security researchers live in fear their contributions will be misinterpreted by the FBI [or] prosecutors,” says Robert Graham, an analyst with the cybersecurity firm Erratasec.

Microsoft Chatbot Trolls Shoppers for Online Sex

Finally a useful non-marketing related chatbot that makes sense!

The chatbot, tested recently in Seattle, Atlanta, and Washington, lurks behind fake online ads for sex posted by nonprofits working to combat human trafficking, and responds to text messages sent to the number listed. The software initially pretends to be the person in the ad, and can converse about its purported age, body, fetish services, and pricing. But if a would-be buyer signals an intent to purchase sex, the bot pivots sharply into a stern message.

The Walt Disney Company to Acquire Majority Ownership of BAMTech

Sad day: Walt Disney will be dropping their distribution agreement with Netflix in 2019.

The Walt Disney Company announced today that it has agreed to acquire majority ownership of BAMTech, LLC and will launch its ESPN-branded multi-sport video streaming service in early 2018, followed by a new Disney-branded direct-to-consumer streaming service in 2019. (…) Disney will pay $1.58 billion to acquire an additional 42% stake in BAMTech — a global leader in direct-to-consumer streaming technology and marketing services, data analytics, and commerce management — from MLBAM, the interactive media and Internet company of Major League Baseball.

To Protect Voting, Use Open-Source Software

Very interesting perspective on how to make elections more secure.

Since the debacle of the 2000 election (remember hanging chads?) American election machinery has been improved to reduce the chances of mis-tallying votes, outright fraud and attacks by hackers. These improvements brought with them a new concern: lack of software security. Most voting machines’ software can now be easily hacked. This is in large part because the current voting systems use proprietary software based on Microsoft’s operating system. (…) Open-source systems are tried and tested. A majority of supercomputers use them. The Defense Department, NASA and the United States Air Force all use open-source systems, because they know this provides far more security. Every step in our voting process should use software that follows these examples.

And if you’re interested, see How the Vote Hacking Was Done at DefCon25.

Technology / AI / Blockchain

Malicious code into DNA infects the computer that reads it

Mind blowing: a team of biologists and security researchers have successfully infected a computer with a strand of DNA!

Accordingly, they made the leap plenty of sci-fi writers have made in the past, and that we are currently exploring via tools like CRISPR: DNA is basically life’s file system. The analysis programs are reading a DNA strand’s bases (cytosine, thymine etc, the A, T, G, and C we all know) and turning them into binary data. (…) All you really need to know about the transcription application is that it reads the raw data coming from the transcription process and sorts through it, looking for patterns and converting the base sequences it finds into binary code.

Russia’s ‘Fancy Bear’ Hackers Used Leaked NSA Tool ‘Eternal Blue” to Target Hotel Guests

Eternal Blue strikes again. This time it’s Russian hackers using it to capture high-value hotel guests’ data.

FireEye says those hackers (…)have begun to use EternalBlue, the leaked NSA hacking tool, as one technique to broaden their control of hotel networks after gaining an initial foothold via phishing or other techniques. Disturbingly, once those hackers take control of hotels’ Wi-Fi, they’re using that access to harvest victim computers’ usernames and passwords silently, with a trick that doesn’t even require users to actively type them when signed onto the hotel network.

DeepMind and Blizzard open StarCraft II as an AI research environment

Very curious to see what will get out of this!

Along with our partner Blizzard Entertainment, we are excited to announce the release of the Starcraft II Learning Environment (SC2LE), a suite of tools that we hope will accelerate AI research in the real-time strategy game and make it easier for researchers to focus on the frontiers of our field.

Meet ‘Spoofy’. How a Single entity dominates the price of Bitcoin.

Regulation is necessary before Bitcoin (and other cryptocurrencies) can be used as part of a real financial system.

This story is about a trader, or a group of traders, or possibly even Bitfinex themselves manipulates the price of Bitcoin. The past few months I’ve slowly collected screenshots of a trader I like to call ‘Spoofy’. You’ll see evidence of spoofing, wash trading, a sketchy scheme associated closely with Bitfinex known as ‘Tether’ among other shenanigans. Spoofy makes the price go up when he wants it to go up, and Spoofy makes the price go down when he wants it to go down, and he’s got the coin… both USD, and Bitcoin of course to pull it off, and with impunity on Bitfinex.

Fortunately some people are working on it and I’m happy to see that Coinbase just raised $100M in their mission to create an open financial system for the world.

Also despite S.E.C. Warning, Wave of Initial Coin Offerings keeps growing and Filecoin Suspends ICO After Raising $186 Million in One Hour Clogs the System.

Development / Design / DIY projects

Compression Decompressed

The basics of data compression and how Youtube, Netflix and Spotify stream your stuff.

Bootstrap 4 Beta is out

Apparently the most popular HTML, CSS, and JS framework in the world (not my word, theirs) has a new version out. Looks great!

wtfjs: A list of funny and tricky JavaScript examples

We all know how messed up Javascript can get sometimes. Here is a list of funny and tricky JavaScript examples.

To go or not to go React Native

Everything you need to keep in mind before you decide to go (or not go) with React Native.

UX brutalism

Amazing! A brutalist framework for every step of your UX design process.

Learn regex the easy way

Learn regex the easy way, seriously!

Bits and pieces

Africa entered the space race and the GhanaSat-1―Ghana’s first satellite―began its orbit recently! NASA wrote back to a 9-year-old boy who applied for (the awesome) planetary protection officer job and it’s the cutest thing ever.

Ten Members of Congress rake FCC over the coals in official net neutrality comment. See how Google Analytics Codes Unearthed a Network of South African Fake News Sites.

Facebook PSA: faster loading webpages will soon show first in the newsfeed. Hopefully this helps if Google blacklisted your site for being too lefty or progressive. Also read Backchannel’s investigation: How Palantir, Peter Thiel’s Secretive Data Company, Pushed Its Way Into Policing.

Someone tested the top VPN providers to find the best ones — and which ones you should avoid. Check out how to deconstruct and identify basic and advanced backdoors. This brings us to this alarming news for people using Cb Response. Also Salesforce “red team” members presenting tool at Defcon, got fired for announcing their internal attack tool going public. And finally, The man who put us through password hell regrets everything!

WannaCry-Stopping Hacker MalwareTech Arrested For Helping Write Kronos Banking Trojan

BREAKING! Remember that guy everybody thought was a hero and a white hacker? Well, nope! And this is why we can’t have nice things…

Marcus Hutchins entered the pantheon of hacker heroes for stopping the WannaCry ransomware attack that ripped through the internet and paralyzed hundreds of thousands of computers. Now he’s been arrested and charged with involvement in another mass hacking scheme (…) Yesterday authorities detained 22-year-old Hutchins after the Defcon hacker conference in Las Vegas as he attempted to fly home to the UK (…) the Department of Justice unsealed an indictment against Hutchins, charging that he created the Kronos banking trojan, a widespread piece of malware used to steal banking credentials for fraud. He’s accused of intentionally creating that banking malware for criminal use, as well as being part of a conspiracy to sell it for $3,000 between 2014 and 2015 on cybercrime market sites such as the now-defunct AlphaBay dark web market.

After Meg Whitman’s exit, Uber’s CEO search is down to only male candidates

It’s hard to spend a week without hearing about Amazon or Uber drama…

According to sources, that top leader is not going to be a woman, as the board of the car-hailing company struggles to move forward. To add to the drama: Some directors worry that its former CEO Travis Kalanick — who was ousted — is trying to game the outcome in his favor, after he told several people that he was “Steve Jobs-ing it.” It is a reference to the late leader of Apple, who was fired from the company, only to later return in triumph.

The Inside Story Of SoundCloud’s Collapse

Fascinating (and sad) recollection of what happened to SoundCloud.

SoundCloud was once a platform beloved by listeners and creators, whose leaders hoped to revolutionize the music industry. Hamstrung by management mistakes and fierce competition, they never did. Here’s the story of how it all came crashing down.

But What does it mean if someone can delete hundreds and thousands of hours of sound culture overnight? See Jenna Wortham’s interesting take on the matter.

Reddit raised $200 million in funding and is now valued at $1.8B

Didn’t see that one coming but curious to see what they’ll come up with. A redesign is definitely a good thing haha!

Reddit has raised $200 million in new venture funding and is now valued at $1.8 billion, according to CEO Steve Huffman. The new funding round, the company’s largest ever, should expedite a number of internal product and business efforts, including a redesign of its homepage and its first foray into user-uploaded video (…)T he money comes courtesy of a number of well-known Silicon Valley investors, including firms like Andreessen Horowitz and Sequoia Capital, and individual investors like Y Combinator President Sam Altman (also a board member) and SV Angel’s Ron Conway.

How many people use Twitter every day?

Twitter talks a lot about Daily Active User growth but doesn’t break out any hard numbers as they added zero users last quarter!

On the DAU, front, Twitter’s user growth looks good, which is a key reason it’s focusing on that figure. When Twitter reported earnings Thursday, the company said its daily user base grew 12 percent in Q2 over the same period last year, marking the third straight quarter that DAU growth was in the double digits. (Twitter’s MAU growth, for comparison, was just 5 percent year over year, and the company didn’t add any new users in Q2.)There’s just one problem with this DAU focus: Twitter doesn’t actually share how many daily users it has. Which makes 12 percent growth hard to appreciate. That’s 12 percent growth from what?

Later in the week, Twitter’s stock price also rised after unlikely Google buyout rumours.

Google’s new program to track shoppers sparks a federal privacy complaint

It was just a matter of time before this happened.

A prominent privacy rights watchdog is asking the Federal Trade Commission to investigate a new Google advertising program that ties consumers’ online behavior to their purchases in brick-and-mortar stores. The legal complaint from the Electronic Privacy Information Center, to be filed with the FTC on Monday, alleges that Google is newly gaining access to a trove of highly sensitive information — the credit and debit card purchase records of the majority of U.S. consumers — without revealing how they got the information or giving consumers meaningful ways to opt out. Moreover, the group claims that the search giant is relying on a secretive technical method to protect the data — a method that should be audited by outsiders and is likely vulnerable to hacks or other data breaches.

Joining Apple, Amazon’s China Cloud Service Bows to Censors

After Apple (pulling 60 VPNs from China App Store), it’s Amazon’s turn to bow before China’s censors.

A Chinese company that operates Amazon’s cloud-computing and online services business there said on Tuesday that it told local customers to cease using any software that would allow Chinese to circumvent the country’s extensive system of internet blocks. The company, called Beijing Sinnet Technology and operator of the American company’s Amazon Web Services operations in China, sent one round of emails to customers on Friday and another on Monday.“If users don’t comply with the guidance, the offered services and their websites can be shut down,” said a woman surnamed Wang who answered a Sinnet service hotline. “We the operators also check routinely if any of our users use these softwares or store illegal content.”

Amazon’s new refunds policy will ‘crush’ small businesses, say sellers

Speaking of Amazon, here is your weekly update. Good news for customers but bad news for sellers and small businesses.

Amazon sellers are up in arms over a new returns policy that will make it easier for consumers to send back items at the merchant’s expense. Marketplace sellers who ship products from their home, garage or warehouse — rather than using Amazon’s facilities — were told this week by email that starting Oct. 2, items they sell will be “automatically authorized” for return. That means a buyer will no longer need to contact the seller before sending an item back, and the merchant won’t have the opportunity to communicate with the customer. If a consumer is returning an electronic device because it’s difficult to use, for example, the seller won’t be able to offer help before being forced to pay a refund.

Technology / AI / Blockchain

Hyperloop One Successfully Tests Its Pod For the First Time

What a great time to be alive!

The Los Angeles company leading the race to fulfill Elon Musk’s dream of tubular transit tested its pod for the first time last weekend. That pod is 28 feet long and made of aluminum and carbon fiber. It looks a bit like a bus with a beak. A fast bus with a beak. Once loaded into a 1,600-foot-long concrete tube in the Nevada desert, the pod hit 192 mph in about 5 seconds, using an electric propulsion system producing more than 3,000 horsepower.

Why the heck Bitcoin ‘might’ split in two?

I realize that many people were a little confused about what that Bitcoin split and “civil war” meant. Here is a very clear explanation, in plain English :)

There’s a lot of fuss in the bitcoin community about what will happen on August 1. Will the cryptocurrency split into two new ones? Will it not? What is BIP 91? What is BIP 148? What is SegWit? The incredibly significant date is just around the corner but there are still so many unanswered questions!

The Top 10 Cryptocurrency Resources for Non-Technical People

Again, I know non-technical people sometimes struggle with cryptocurrencies so here are a couple of great resources to get started!

It starts with a high level overview of Bitcoin and the associated blockchain, getting into the basics of how it works technically, and looking at the long-term implications. It then branches into blockchains more generally, Ethereum and eventually other cryptocurrencies and “appcoins.”

AMD shares are soaring: Ethereum miners are renting Boeing 747s to ship graphics cards to mines

Insane modern age gold rush, crypto miners are trying to get as many GPUs as they can.

(AMD) share price jumped after it beat revenue estimates thanks to cryptocurrency miners snapping up the firm’s graphics cards. Shares rose 11% after the chip company announced earnings on July 25, but the firm’s stock is up 152% over the last 12 months, making it the fourth best performer on the S&P 500, CNBC reported. (…) Crypto miners — in particular those mining ethereum, the second largest cryptocurrency by market valuation behind bitcoin (…) are racing to take advantage of ethereum’s exploding price by adding more processing power to their mines. Some of them are even resorting to leasing Boeing 747s to fly the increasingly scarce graphics processors from AMD and Nvidia directly to their ethereum mines so they can be plugged in to the network as quickly as possible.

Artificial Intelligence Is Stuck. Here’s How to Move It Forward.

Artificial intelligence is trendy and cool but we still have a long way to go before computers can truly educate themselves.

To get computers to think like humans, we need a new A.I. paradigm, one that places “top down” and “bottom up” knowledge on equal footing. Bottom-up knowledge is the kind of raw information we get directly from our senses, like patterns of light falling on our retina. Top-down knowledge comprises cognitive models of the world and how it works.

In a Robot Economy, All Humans Will Be Marketers

Interesting perspective on how robots will force a lot of people to switch to marketing jobs.

The fear that robots, or more generally smart software, will put us all out of work is one of dominant economic memes of our time. But that fear is misplaced. We’re unlikely to see mass unemployment; rather, workers will shift into new economic sectors (…) The real risk is that the robots will push too many of us into less socially productive jobs — especially those in marketing. (…) Consider the general logic of labor substitution. Machines and software are often very good at “making stuff” and, increasingly, at delivering well-defined services, such as when Alexa arranges a package for you. But machines are not effective at persuading, at developing advertising campaigns, at branding products or corporations, or at greeting you at the door in a charming manner, as is done so often in restaurants, even if you order on an iPad. Those activities will remain the province of human beings for a long time to come.

Development / Design / DIY projects

Data Structures for Coding Interviews: Computer Science in Plain English

Finally, a dead-simple explanation of CS data structures (linked lists, hash maps, etc.). No CS degree necessary. No proofs, and no confusing academic jargon.

Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface

Modern websites are browsed through a lens of transparent systems built to enhance performance, extract analytics and supply numerous additional services. This almost invisible attack surface has been largely overlooked for years. In this paper, I’ll show how to use malformed requests and esoteric headers to coax these systems into revealing themselves and opening gateways into our victim’s networks. I’ll share how by combining these techniques with a little Bash I was able to thoroughly perforate DoD networks, trivially earn over $30k in vulnerability bounties, and accidentally exploit my own ISP.

Chrome automation made simple. Runs locally or headless on AWS Lambda.

Chrome automation made simple. Runs locally or headless on AWS Lambda. Chromeless can be used to: run 1000s of browser integration tests in parallel; crawl the web and automate screenshots; write bots that require a real browser; do pretty much everything you’ve used PhantomJS, NightmareJS, or Selenium for before.

Docker vs. Kubernetes vs. Apache Mesos: Why What You Think You Know is Probably Wrong — Mesosphere

There are countless articles, discussions, and lots of social chatter comparing Docker, Kubernetes, and Mesos. If you listen to the partially-informed, you’d think that the three open source projects are in a fight-to-the death for container supremacy. You’d also believe that picking one over the other is almost a religious choice; with true believers espousing their faith and burning heretics who would dare to consider an alternative. That’s all bunk.

Build an 8-bit computer from scratch

For the true nerds only but FASCINATING.

I built a programmable 8-bit computer from scratch on breadboards using only simple logic gates. I documented the whole project in a series of YouTube videos and on this web site.

A Wi-Fi Analyzer Inside of a Tic Tac Container

Another very geeky but amazing project.

For an easy way to find out which channels are available, YouTuber “moononournation” came up with a Wi-Fi analyzer that not only runs on the inexpensive ESP8266, but is small enough to fit inside of a Tic Tac container. This makes a great enclosure, as not only is the LCD screen protected behind clear plastic, but the charging socket is revealed by opening the (former) candy door!

Bits and pieces

Busy week in the Bitcoin department. The feds took down one of Bitcoin’s largest exchanges. WannaCry ransomware bitcoins have been moved from online wallets and a New York City Education Department Employee got caught mining bitcoin at work!

Financial regulators have raised concerns over concentration risk: is Amazon’s cloud service too big to fail? Speaking of Amazon, it seems like the Echo could be turned into a spying device and it can’t be fixed by software patch.

Facebook, Microsoft, Twitter, and YouTube (Google/Alphabet, Inc) have formed the Global Internet Forum to Counter Terrorism and Amber Rudd is asking them to quietly drop end-to-end encryption from their products. That is why you might want consider this list of non-technical steps for staying anonymous. The FCC is still full of sh*t and says its cybersecurity measures to prevent DDoS attacks must remain secret.

Here is how to make a racist AI without really trying to and no, Facebook did not panic and shut down an AI program that was getting too smart. A group of engineers hacked a 113-Year-Old Subway System’s Signs in New York City.

See how two brothers turned seven lines of code into a $9.2 billion startup (Stripe). Twitter’s latest move (a weird $99 ‘subscription’) could be the beginning of the end. Also, porn browsing habits and confidential documents could be found in supposedly anonymized data. And finally, take a look at the technologies that might come after Flash’s death.

Swedish Government Scrambles to Contain Damage From Data Breach

There it is, your weekly mind blowing data leak. This one is very impressive in quantity and kind of information leaked.

Sweden’s government is scrambling to contain the political fallout from a huge breach of confidential data, including the possible disclosure of the identities of undercover operatives, under the watch of a government contractor (…) adequate safeguards were not adopted, and as a result, unauthorized personnel at IBM subsidiaries in Eastern Europe had access to vast troves of sensitive information, including details about bridges, roads, ports, the subway system in Stockholm and other infrastructure. In addition, the identities of people working undercover for the Swedish police and the Swedish security service, known as Sapo, may have been revealed, along with names of people working undercover for the special intelligence unit of the Swedish armed forces.

Amazon jacked up Prime Day prices, misleading consumers, says vendor

Amazon is in trouble with this vendor that realized during Prime Day that they bump up the price of products as soon as they start seeing it in high demand. It also seems like he’s not the only one noticing.

A Charlotte-based startup says e-commerce giant Amazon jacked up their suggested retail price during the company’s annual discount event — Prime Day — to deceive consumers into thinking that they were getting a deal, when in reality, they weren’t. Last week, Reuters reported The Federal Trade Commission is looking into similar allegations against Amazon regarding discount-pricing policies misleading consumers (…) “We did two studies that patterned Amazon using bogus prices to create the impression that people were getting a discount when their ‘was’ price never was. Our survey in June examined 1,000 products on the retailer’s website and found more than half (61%), had ‘was’ prices that never were,” John M. Simpson, consumer watchdog privacy project director.

Amazon’s Whole Foods deal under scrutiny

Rough week for Amazon, US regulators will review Amazon’s $13.7bn acquisition of Whole Foods after some groups have raised anti-trust concerns.

The proposed merger has drawn extra attention, coming amid rising concern about the effects of consolidation in a variety of US industries, including airlines, banking and telecommunications. (…) Amazon plans to resubmit paperwork to the Federal Trade Commission this week, re-setting the deadline for a preliminary government review of the deal, Whole Foods disclosed in a filing with the Securities and Exchange Commission on Friday.

VPN crackdown an ‘unthinkable’ trial by firewall for China’s research world

You can’t cut people’s connexion to the world and expect nothing to happen.

Like most academics, biology ­researcher Dr Jose Pastor-Pareja relies heavily on Google’s search engine, using it “every 10 minutes”, he says. But access to this resource is not guaranteed as he works at Tsinghua University in China — where the government has been tightening what are already among the strictest controls over the internet in the world. (…) If researchers cannot use VPNs to access a free and open internet, it might lead to government censorship of academic information and a “brain drain” of skilled individuals overseas, one researcher says. (…) His personal VPN subscription, paid for out of his own pocket, allows him to access Google, monitor his Twitter feed for the latest scientific literature, and connect with the wider scientific community via social media. “Everybody here does the same,” he said. “First-class research at a truly competitive level can’t go on with researchers cut off from the outside world. It’s truly unthinkable.”

Trump’s Policies Are Already Sending Jobs to Canada

Startups look north for refuge as the US pauses a program meant to keep them here. Who’s surprised?

Bidshahri had moved to the United States three years earlier to study neuroscience, and was just months away from graduation, after which she wanted to launch her online education startup in the Bay Area. She planned to take advantage of something called the International Entrepreneur Rule, which would give immigrant founders who raise at least $250,000 in funding temporary legal status in the United States while they build their businesses. For Bidshahri, the rule was perfectly timed. Finalized in the last days of President Obama’s tenure in office, it was set to go into effect this July, just months after she received her diploma. But that email from Boston University about the travel ban got Bidshahri thinking the United States might not be such a welcoming place for her or her company after all. And so, in June, she did what so many other foreign founders have done over the past year: set up shop in Toronto.

The Library of Congress opened its catalogs to the world. Here’s why it matters

Can’t wait to experiment with this stunning data set!

The Library of Congress has made 25 million digital catalog records available for anyone to use at no charge. The free data set includes records from 1968 to 2014.This is the largest release of digital catalog records in history. These records are part of a data ecosystem that crosses decades and parallels the evolution of information technology.

Technology / AI / Blockchain / IoT

The Multi-sig Hack: A Postmortem

Remember the crazy multi-sig hack we discussed last week? This is the post-mortem from the Parity team (spoiler alert: they take it very seriously).

While there is no fool-proof means of practically ensuring software contains no bugs, Parity Technologies is committed to minimising the chances that its software contains exploits. In response to the present exploit we will refine our development processes and CI system. The first and biggest change will be to ensure that any alterations to the codebase that involve live contract code (which can be generally identified through .sol files) be reviewed by Solidity experts. At present the multi-sig wallet is the only Solidity code that is user-deployable and in wide use within Parity.

Bitcoin May Have Just Solved Its Scaling Problem

Follow-up of last week’s update about an end coming to the Bitcoin civil war. The solution being the “Bitcoin Improvement Plan 91,” or BIP 91.

Once BIP 91 is locked-in, the blocks of miners who fail to signal support for segwit will be abandoned by the network. Thus, BIP 91 creates a strong incentive for miners to signal support for segwit. The proposal is timed so that this will all take place before August 1, so that the entire network should be in total consensus before BIP 148 kicks off and splits the blockchain. Implementing segwit would increase size of blocks of bitcoin data by changing the way cryptographic signatures are recorded in the block. Right now, when you want to send somebody some bitcoin, you “sign” the transaction with the private key associated with your wallet address, as well as the public key of the recipient. These signatures account for the bulk of data (about 60 percent) in a given block on the bitcoin blockchain, which currently have a maximum amount of space of 1 megabyte per block. If they effectively split, a new currency could appear: Bitcoin Cash. Read more about it here: coindesk.com/coindesk-explainer-bitcoin-cash-forking-blockchain/

Beijing Wants A.I. to Be Made in China by 2030

While Trumps denies sciences and cuts back on science funding China does the exact opposite.

The country laid out a development plan on Thursday to become the world leader in A.I. by 2030, aiming to surpass its rivals technologically and build a domestic industry worth almost $150 billion. (…) The world’s second-largest economy will be investing heavily to ensure its companies, government and military leap to the front of the pack (…) The plan comes with China preparing a multibillion-dollar national investment initiative to support “moonshot” projects, start-ups and academic research in A.I. (…)The United States, meanwhile, has cut back on science funding. In budget proposals, the Trump administration has suggested slashing resources for a number of agencies that have traditionally backed research in A.I. Other cuts, to areas like high-performance computing, would affect the development of the tools that make A.I. work.

Development / Design / DIY projects

Rest APIs are REST-in-Peace APIs. Long Live GraphQL.

Will GraphQL be able to replace REST? Probably not totally but it’ll keep growing for sure.

Please don’t interpret this wrong. I am not going to accuse GraphQL of “killing” REST or anything like that. REST will actually never die, just like XML never did, but who in their right mind would use XML over JSON today? I simply think GraphQL will do to REST what JSON did to XML. This article is not actually 100% in favor of GraphQL. There is a very important section about the cost of GraphQL’s flexibility. With great flexibility comes great cost.

Flash & The Future of Interactive Content

We know it’s been coming for a while but here it is, finally: the official end-of-life plan!

In collaboration with several of our technology partners — including Apple, Facebook, Google, Microsoft and Mozilla — Adobe is planning to end-of-life Flash. Specifically, we will stop updating and distributing the Flash Player at the end of 2020 and encourage content creators to migrate any existing Flash content to these new open formats.

Solidity tutorials to build the future of applications

This course explores all the basic principles of writing smart contracts. From deploying your first smart contract to inheritance, modifiers and simple smart contracts development.

The JavaScript Way book

Learn javascript, the javascript way. Currently in beta but definitely worth the read.

Apple’s refusal to support Progressive Web Apps is a detriment to future of the web

Progressive Web Applications (PWAs) are one of the most exciting and innovative things happening in web development right now and Apple doesn’t seem interested.

PWA’s enable you to use JavaScript to create a “service worker”, which gives you all sorts of great features that you’d normally associate with native apps, like push notifications, offline support, and app loading screens — but on the web! Awesome. Except for is one major problem — While Google has embraced the technology and added support for it in Chrome for Android, Apple has abstained from adding support to mobile Safari. All they’ve done is say that it is “Under Consideration.” Seemingly no discussion about it whatsoever.

Turn Your Raspberry Pi Into an Ultra-Mobile PC

Another amazing geeky project for your long winter weekends.

Perhaps you’ve seen mini Raspberry Pi computing terminals, but thought that, while interesting, they generally involve more tedious electronics work and setup than you prefer. If this sounds like you, then there is good news in the form of the Raspberry UMPC Project.

Bits and pieces

Best thing you’ll see this week: a Homemade Robot Cracks a SentrySafe Combination Safe in 15 Minutes. The Guardian announced that Microsoft was killing Paint after 32 years and they responded that MS Paint is here to stay.

Little trip down memory lane with “A Million Squandered: The “Million Dollar Homepage” as a Decaying Digital Artifact”. Learn more about trust and Game Theory with this awesome illustration game.

Verizon Throttles Netflix Subscribers In ‘Test’ It Doesn’t Inform Customers About and gives them a taste of what no net neutrality would look like. Kite seems to be using the open-source projects for profit and it doesn’t look good!

Discover the (many) tools selected for Black Hat Arsenal USA 2017. See how AlphaBay and Hansa have been taken down. And finally, check out Troy Hunt’s article about the evolution of passwords: Authentication Guidance for the Modern Era.

Bitcoin swings as civil war looms

As the cryptocurrencies slowly mature, problems arise and we are on the verge of a schism that could hurt Bitcoin.

The popularity of the financial technology has caused transactions to be processed slower, with some users complaining of having to wait three days or more for confirmation of trades when the backlog was at its worst, in May. (…) fees have also risen, hitting a high of $5 per transaction at the start of June. That makes it too costly to justify its use for some purchases, such as buying a pint of lager in a Bitcoin-accepting pub. There are ways around the problem, but the cryptocurrency’s community has been split over which solution to adopt. The risk is that Bitcoin could effectively split in two, with one type becoming incompatible with another, ultimately undermining confidence in the project altogether.

Canada unveils as an AI powerhouse

More and more money being invested in AI in Canada and particularly in Montréal.

And now this month (June, 2017) those moves by the government where soon matched by VC and corporates with the $102M initial round to create Element.ai in Montreal in collaboration with MILA and just this week, Google’s AI research arm, DeepMind announcing the opening of its first non-London research facility in Edmonton in partnership with Richard Sutton and Amii. Government, corporate and VC money is indeed moving quickly to create AI “superclusters” in Toronto, Montreal and Edmonton, but as Bengio himself calls for in a recent article, this is just the beginning, as the innovation from labs must now be transferred into innovation by startups and corporates alike.

Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More

Not a week goes by without a new ransomware or worm. This week’s winner is ANDROIDOS_GHOSTCTRL.OPS / ANDROIDOS_GHOSTCTRL.OPSA (also name Android backdoor GhostCtrl as it can stealthily control many of the infected device’s functionalities).

The information-stealing RETADUP worm that affected Israeli hospitals is actually just part of an attack that turned out to be bigger than we first thought — at least in terms of impact. It was accompanied by an even more dangerous threat: an Android malware that can take over the device.

Technology / AI / Blockchain

A hacker stole $31M of Ether — how it happened, and what it means for Ethereum

This week a hacker pulled off the second biggest heist in the history of digital currencies by exploiting a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. See how it happened (and the heroes who kinda stopped it) and why it matters (especially for the Ethereum developers community).

Given a couple more hours, the hacker could’ve made off with over $105,000,000 from vulnerable wallets. But someone stopped them (…) a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts (…) so they saw only one available option: hack the remaining wallets before the attacker did. By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $77,000,000.

Hacker Steals $7 Million Worth of Ether From CoinDash Platform

Earlier this week an unknown hacker has taken over the official website of the CoinDash platform and modified an Ethereum wallet address during the company’s ICO (Initial Coin Offering), gaining $7 Million Worth of Ether in a few minutes.

The company says it received around $6 million worth of Ethereum in the first three minutes, before the hack. The hacker’s Ethereum wallet shows a balance of 43,438 Ethereum, which is around $7.8 million. CoinDash estimates that around $7 million of these funds came from its users.

How to Protect Your Cryptocurrency: Cold Storage & Paper Wallet Guide

It seems like a good moment to give this article a good read if you own cryptocurrencies.

With Bitcoin, Ethereum, and a host of other cryptocurrencies once again making headlines following an incredibly bullish year, crypto security has never been more important, this guide will teach you how to protect your cryptocurrency with a paper wallet and cold storage.

Daimler Uses Blockchain to Issue Bonds

Very interesting to see huge companies experiment with blockchain.

Daimler AG, the German car manufacturer, floated part of its €100 million ($114.1 million) German bond using blockchain technology at the end of June. (…) The borrower, the bank and the investors all receive access to a decentralized customer portal. Drawing certificates and contracts are confirmed in there. A so-called smart contract (…) automates the management of the order book. A [digital] token is generated on the blockchain once the loan contract is signed. The smart contract then allocates a number of tokens to investors. Compared with a conventional bond issuance, blockchain can significantly speed up the process.

Enterprise Ethereum Alliance

Another significant move in the direction of blockchain technology!

Enterprise Ethereum Alliance (EEA) announced today that 34 organizations have joined the blockchain industry group since late May. This brings total membership to over 150 organizations added since the group’s launch in February of this year. EEA is now the world’s largest open-source blockchain initiative. EEA’s newest members represent a wide variety of business sectors, including technology, banking, government, healthcare, energy, pharmaceuticals, marketing, and insurance, as well as a number of fast-growing Ethereum startups.

Development / Design / DIY projects

How to Code for a Cause using the Open Source for Good Directory

Learn more about the Code for a Cause initiative and their new Open Source for Good Directory.

With the creation of Open Source for Good last September, I used our past experience running these projects to take it up a notch. After just ten months, Open Source for Good already contains 7 new robust open source tools that any number nonprofits can deploy and benefit from. (For comparison, Atlassian — a publicly traded software company — offers 12 products total.)

Open Container Initiative Specifications are 1.0

Important step towards an industry standard for containers. The OCI includes people from CoreOS, Red Hat, Docker, Microsoft, Google, and the Linux Foundation.

After two years of work with major stakeholders in the community, we’re excited to announce that the Open Container Initiative (OCI) image and runtime specifications have now hit version 1.0. This means there is now a stable industry standard for application containers that has been created and approved by leaders in the container industry. This is an important milestone for the OCI community, and we look forward to working with our partners to further facilitate standards and innovation.

Cracking the code behind Apple’s App Store promo card design

Did you ever try to print out your own Apple Promo codes and realized it didn’t work? Follow this article to create your own scannable promo codes.

The app seems to recognize two things: A surrounding box and a code in the middle of this box. Once the app recognizes this pattern, it draws an on-screen box and tries to identify the code inside the box. The box itself isn’t enough: the app only kicks off its code recognition engine as soon as it finds specific characteristics of the specific font.

How the Twitter App Bypasses Paywalls

See how Twitter bypasses paywalls (and how you could too).

Wall Street Journal ended its practice of allowing special access for search engines. This means that a human visitor can no longer bypass the paywall by spoofing Google’s HTTP request headers. However, subscription-based publications face a problem when users click on a link through Twitter or Facebook on a mobile device. Social media apps implement their own in-app browser, which generally do not retain cookies. Websites that require a user login must request the login every time the app is reopened. This makes for a cumbersome user experience. Thus, publications like the Wall Street Journal disable login checks when a page request appears to come from Twitter.

A real world guide to WebRTC

It’s all in the title.

Bits and pieces

Japan’s cute zero-gravity little drone sends first pictures from ISS! Interesting perspective on password managers and why it’s important to use a local vaults instead of a cloud based system.

Discover The Hunting of the SNARK, a treasure hunt consisting of cryptographic challenges that will guide you through a zero-knowledge proof (ZKP) learning experience.

And check out those images created to reliably fool neural network classifiers when viewed from varied scales and perspectives.

Historic day of action for Net Neutrality breaks records

July 12 has been marked by an epic Battle for The Net. More than 125,000 websites, Internet users, and organizations took part in a massive online protest against the FCC’s plan to kill Net Neutrality (the Internet Association has a great explanation if you don’t know what it means).

A flood of web platforms small and large like Twitter, Reddit, Netflix, Spotify, 4chan, Airbnb, Amazon, Mozilla, OK Cupid, Vimeo, Tinder, Expedia, Pornhub, Imgur, Yelp, Spotify, and Soundcloud — along with a vast array of online communities from every corner of the Internet: gaming forums, YouTube creators, subreddits and more — displayed prominent protest messages to their users, encouraging them to take action by contacting the FCC and Congress through tools like BattleForTheNet.com that make it easy for Internet users to make their voices heard. The results so far :

• Tens of millions of people saw the protest messages on participating websites
• Over 5 million emails to Congress
• More than 2 million comments to the FCC
• 124,000 phone calls to Congress

Google is funding a new software project that will automate writing local news

This already exists in automated sport reports but I’m really curious to see how it’ll perform in a more traditional news context.

Radar aims to automate local reporting with large public databases from government agencies or local law enforcement — basically roboticizing the work of reporters. Stories from the data will be penned using Natural Language Generation, which converts information gleaned from the data into words. The robotic reporters won’t be working alone. The grant includes funds allocated to hire five journalists to identify datasets, as well as curate and edit the news articles generated from Radar. The project also aims to create automated ways to add images and video to robot-made stories.*

Microsoft’s Calibri font is at the center of a political scandal

In the craziest turn of events, investigators might be able to prove that Pakistanese Prime Minister and his family allegedly forged documents to hide ownership of overseas properties thanks to a Microsoft font!

The documents from 2006 submitted by Maryam Nawaz (daughter of PM Nawaz Sharif) were in the Calibri font. That font, according to the investigation team’s leaked report, wasn’t publicly available until 2007.

Can The Blockchain Help Renew Confidence In Government?

Last week we talked about using blockchain for electric grids, why not use it to make sure public records can’t be altered and cut down on corruption in the process?

The Republic of Georgia (the country) has put almost 200,000 public land titles on a system that combines a tamper-proof private blockchain with a public blockchain viewable by anybody. The registry is thought to be one of the first times a government has used the decentralized network underlying bitcoin–a blockchain–for a public service purpose.

China Tells Carriers to Block Access to Personal VPNs by February

If you were planning to visit China, you might not be able to use your VPN to keep your trafic anonymous anymore.

Beijing has ordered state-run telecommunications firms, which include China Mobile, China Unicom and China Telecom, to bar people from using VPNs, services that skirt censorship restrictions by routing web traffic abroad, the people said, asking not to be identified talking about private government directives.

Technology

Scientists Upload a Galloping Horse GIF Into Bacteria

Mind blowing news of the week: we can now store (and retrieve) an animated gif inside a bacteria’s DNA. Think about that for a second!

Researchers have created for the first time a living library, embedded within, you guessed it: E. coli. In a paper published today in Nature, Harvard researchers1 describe using a Crispr system to insert bits of DNA encoded with photos and a GIF of a galloping horse into live bacteria. When the scientists retrieved and reconstructed the images by sequencing the bacterial genomes, they got back the same images they put in with about 90 percent accuracy.

How we tracked and analyzed over 200,000 people’s footsteps

Fascinating project by MIT students who found a way to track down people walking around campus thanks to their cellphones.

When phones are searching for WiFi networks, they commonly also send out small packets of information called probe requests. These probe requests send snippets of information such as a unique MAC address (similar to a fingerprint), RSSI signal (logarithmic signal strength), and a list of previous SSIDs encountered. As each phone will send out one MAC address (excluding recent attempts at anonymization), we can easily leverage these to track students walking around campus.

Taking Control of All .io Domains With a Targeted Registration

Some wise ass took over all .io domain names via a targeted domain registration Simple, yet impressive.

Since a TLD can have authoritative nameservers at arbitrary domain names it’s possible that through a misconfiguration, expiration, or some other issue that someone would be able to register a nameserver domain name and use it to serve new DNS records for the entire TLD zone.

Cheat Sheets for AI, Neural Networks, Machine Learning, Deep Learning & Big Data

It’s all in the title :)

Web development / Web design

Starbucks should really make their APIs public.

This developper couldn’t wait for Starbucks APIs to get open to the public so he’s decided to reverse engineer the whole thing. Very interesting (and fairly technical). Try it our yourself: https://github.com/tendigi/starbucks.

From Slack integrations to coffee buttons, there are loads of potential integrations that could be built if they opened their API to third-party developers. They’re clearly moving in that direction, as they have both a twitter account and a (password protected) website for developers. I couldn’t wait, however, so I decided to take matters into my own hands.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Most of the items in there seem really obvious but you’d be surprised how often they’re not tested before deploying.

Your first service worker

How to make sure your site works even when the cell coverage is bad (or absent) and other interesting perspectives when using a service worker.

A service worker is a simple javascript script that your browser runs in the background. It runs on a different thread to the main JavaScript that powers your web app. It’s async and no blocking, without any DOM access. It includes exciting features like push notifications and requires HTTPS for better security. Another huge benefit of the service worker is to give the developer complete control over the caching experience.

Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

This is not new but it will get more and more important. It’s also good for your SEO so you might want to check it out ;)

We know secure pages are secure because the browser tells us so. We know non-secure pages are not secure because the browser doesn’t tell us that they’re secure. Get it? It’s the principle of being insecure by default and that’s what we’re increasingly moving away from. Remember also that this applies to any website the browser loads so merely being behind the firewall browsing the intranet won’t keep the warnings away. If you’re not serving all those internal business systems over HTTPS then your internal users are going to be told that they’re “Not secure” too (and no, telling them to ignore warnings is not a behaviour you want to encourage). The bottom line is this: if you’re serving anything over an insecure connection you need to be planning how you’re going to go HTTPS by default now.

Human-Centered Machine Learning

Google Design team has developed seven points to help designers navigate the new terrain of designing ML-driven products.

1. Don’t expect Machine learning to figure out what problems to solve
2. Ask yourself if ML will address the problem in a unique way
3. Fake it with personal examples and wizards
4. Weigh the costs of false positives and false negatives
5. Plan for co-learning and adaptation
6. Teach your algorithm using the right labels
7. Extend your UX family, ML is a creative process

Bits and pieces

London’s cabby wars are less about the disruptive power of an app (Uber), or a new business model, than about the disruption of Britain. Read how search algorithms kept that woman away from her sister for 14 years. Couple of interesting social marketing predictions that came true in 2017.

Focus less on the data and more on the big picture. Fascinating report from Spotify: Understanding People Through Music. Impressive example of Google Tensorflow Object Detection API use. You might soon be able to interact with a conversational agent for data science, curious to see where that’s going!

We need to re-think how we teach programming. GitHub has great values but doesn’t seem to really live by them, check out Coraline’s year there.

Fake news: you ain’t seen nothing yet

Brace yourself for more sophisticated fake news. It’s now possible create videos of conversations or speeches that never happened.

Mr Klingemann did not fiddle with editing software to make it. Instead, he took only a few days to create the clip on a desktop computer using a generative adversarial network (GAN), a type of machine-learning algorithm. His computer spat it out automatically after being force fed old music videos of Ms Hardy. It is a recording of something that never happened.

Facebook can track your browsing even after you’ve logged out

The judge said plaintiffs could have taken steps to keep their browsing histories private (by using ad blockers or the “incognito mode”) and apparently failed to show that Facebook illegally “intercepted” or eavesdropped on their communications. I call bullshit!

A judge has dismissed a lawsuit accusing Facebook of tracking users’ web browsing activity even after they logged out of the social networking site. The plaintiffs alleged that Facebook used the “like” buttons found on other websites to track which sites they visited, meaning that the (…) company could build up detailed records of their browsing history. The plaintiffs argued that this violated federal and state privacy and wiretapping laws. US district judge (…) dismissed the case because he said that the plaintiffs failed to show that they had a reasonable expectation of privacy or suffered any realistic economic harm or loss.

Websites offering pirated papers are shaking up science

I don’t know where to stand: I love that knowledge gets shared freely but at the same time the work that has been put in it should be rewarded. Curious to read your opinion on this.

Record companies and film studios have had to learn to live with internet piracy. Despite their best attempts to close sites or co-opt them, pirated copies of their wares are easily available. Increasingly, the same is true of scientific papers. On June 21st a court in New York awarded Elsevier, a big scientific publisher, $15m in damages for copyright infringement by Sci-Hub and the Library of Genesis, two websites that offer tens of millions of scientific papers and books for anyone to download.

The Medicare machine: patient details of ‘any Australian’ for sale on darknet

Not a day passes without a new massive data breach. It’s time for companies and governments to get their act together and start taking security seriously. I know nothing is 100% hackerproof but a lot of those recent breaches could have easily been prevented.

A darknet trader is illegally selling the Medicare patient details of any Australian on request by “exploiting a vulnerability” in a government system, raising concerns that a health agency may be seriously compromised. (…) The reference to “exploiting a vulnerability” suggests that the Medicare records are being accessed in real time, which is likely to cause serious concerns within health government agencies about whether their systems are compromised.

China’s bloggers, filmmakers feel chill of internet crackdown

Censorship doesn’t seem to improve in China…

China’s latest maneuvre in a sweeping crackdown on internet content has sent a chill through a diverse community of filmmakers, bloggers, media and educators who fear their sites could be shut down as Beijing tightens control. Over the last month, Chinese regulators have closed celebrity gossip websites, restricted what video people can post and suspended online streaming, all on grounds of inappropriate content. (…) Topics deemed inappropriate include drug addiction and homosexuality.

Technology

Clean Energy, powered by Blockchains

Fascinating perspective on blockchain and how we could leverage its principles for sustainable energy. 🔥

Imagine a town that has decided to go completely off the energy grid. Like always, not all the houses in the town get an equal proportion of sunlight on their roofs. Take any street. Houses on one side get ample sunlight, and the houses on the other side don’t. Instead of complaining, the town decides to do something about it together. The houses that get ample sunlight install the solar panels and the batteries. The cables from those solar panels go to every house in the town, thus, turning the whole city into what I’d like to call a Local Energy Grid

Why Algorithms Suck and Analog Computers are the Future

See how algorithmic computing doesn’t scale well when it comes to problems requiring immense amounts of processing power and how analog computers might be the solution.

Analog computing, which was the predominant form of high-performance computing well into the 1970s, has largely been forgotten since today’s stored program digital computers took over. But the time is ripe to change this. (…) “Analog” derives from the Greek word “analogon” which means “model”. And that’s exactly what an analog computer is: A model for a certain problem that can then be used to solve that very problem by means of simulating it.

Fourth largest Bitcoin exchange. Bithumb, hacked for billions of Won

Oh, this sucks!

A cyber attack late last week resulted in the loss of billions of won from customers accounts. According to a major local newspaper, the Kyunghyang Shinmun, one victim alone claimed that “bitcoins worth 10 million won” in his account “disappeared instantly.” A survey of those who lost money from the hack reveals “it is estimated that hundreds of millions of won have been withdrawn from accounts of one hundred investors. One member claims to have had 1.2 billion won stolen.”

Amazon and eBay images broken by Photobucket’s ‘ransom demand’

Photobucket changing its policy had people think there was a ransom demand.

Thousands of images promoting goods sold on Amazon and other shopping sites have been removed after a photo-sharing service changed its terms. (…) The problem has been caused by Photobucket introducing a charge for allowing images hosted on its platform to be embedded into third-party sites. The company caught many of its members unaware with the change, prompting some to accuse it of holding them to ransom. (…) Photobucket is now seeking a $399 (£309) annual fee from those who wish to continue using it for “third-party hosting” and is facing a social media backlash as a consequence.

Scaling Ethereum to Billions of Users

Tokens are selling at valuations which imply they’ll have millions of users. But can the blockchain support it? If not, how far away are we?

The biggest bottleneck to solving scalability is the number of people working on the problem. If current efforts are well executed, Ethereum could be ready for a 1–10m user app by the end of 2018.

🔨 Web development / Web design

Accessibility according to actual people with disabilities

If you ever had to work on websites’ accessibility, you know how complicated and a little abstract it can sometimes get. Here is why it matters and what accessibility should be about. ⚠️

“If you have a disability, what’s the hardest thing about browsing the web?” The answers to Safia Abdalla’s tweet are truly eye-opening and shows us what web accessibility should really be about.

Why is decentralized and distributed file storage critical for a better web?

The team behind IPFS and Filecoin explain how distributed data storage and market incentives are combining to create a more secure and efficient web.

How to defend your website with ZIP bombs

This guy has decided to fight fire with fire. It’s a little nasty but genius. I love it!

So it turns out ZIP compression is really good with repetitive data so if you have a really huge text file which consists of repetitive data like all zeroes, it will compress it really good. Like REALLY good. As 42.zip shows us it can compress a 4.5 peta byte (4.500.000 giga bytes) file down to 42 kilo bytes. When you try to actually look at the content (extract or decompress it) then you’ll most likely run out of disk space or RAM.

Bits and pieces

Why the Future of Stuff Is Having More and Owning Less: “If we can deliver these intangibles anytime, anywhere, to anybody, that instant aspect of them means we don’t have to own them anymore.” fascinating perspective. On the IoT front:** medical sensors have been missing in the Rasberry Pi realm** for a while but apparently, the Healthy Pi** fixed it**!

IFTTT just introduced the Data Access Project, you can now use applets to connect to government open data like economy, cyber security, health and travel alerts, public transit, and more. For the computer science geeks, check out this incredible Google Sheets Virtual Machine and this other version using only formulas!

Take a little walk down memory lane with this Minitel history lesson, Minitel: The Online World France Built Before the Web. Read more about Toni Reid, the woman behind Amazon’s Alexa. And finally, an important lesson from Maria, she’s not a woman in tech!

Petya breaks computers and networks, EU fines Google €2.42 billion and there’s now a cell phone that works out of thin air! 👏🏼

---

EU fines Google €2.42 billion for abusing product searches

The European Union doesn’t agree with Google’s way of comparing shopping products and made sure the world knows!

“Google has come up with many innovative products and services that have made a difference to our lives. That’s a good thing. But Google’s strategy for its comparison shopping service wasn’t just about attracting customers by making its product better than those of its rivals. Instead, Google abused its market dominance as a search engine by promoting its own comparison shopping service in its search results, and demoting those of competitors. What Google has done is illegal under EU antitrust rules. It denied other companies the chance to compete on the merits and to innovate. And most importantly, it denied European consumers a genuine choice of services and the full benefits of innovation.”

Read the other side of the story on Google’s blog.

We believe the European Commission’s online shopping decision underestimates the value of those kinds of fast and easy connections. While some comparison shopping sites naturally want Google to show them more prominently, our data shows that people usually prefer links that take them directly to the products they want, not to websites where they have to repeat their searches.

A new ransomware outbreak similar to WCry is shutting down computers worldwide ⚠️

Second major news of the week, Petya has taken over the world and brought chaos to thousands of computers and networks. Like WannaCry, it’s been using exploits leaked from NSA’s tools.

A new ransomware attack similar to last month’s self-replicating WCry outbreak is sweeping the world with at least 80 large companies infected, including drug maker Merck, international shipping company Maersk, law firm DLA Piper, UK advertising firm WPP, and snack food maker Mondelez International. It has attacked at least 12,000 computers, according to one security company.

What appeared to be a ransomware at first actually happens to be a wiper and could potentially hurt way more than WCry.🔥

the researchers said, the payload delivered in Tuesday’s outbreak wasn’t ransomware at all. Instead, its true objective was to permanently wipe as many hard drives as possible on infected networks, in much the way the Shamoon disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday’s malware — alternatively dubbed PetyaWrap, NotPetya, and ExPetr — are speculating the ransom note left behind in Tuesday’s attack was, in fact, a hoax intended to capitalize on media interest sparked by last month’s massive WCry outbreak.

See those two articles for the technical analysis of how Petya works and spreads:Petya.2017 is a wiper not a ransomware and New ransomware, old techniques: Petya adds worm capabilities.

Wikimedia Foundation v. NSA

Wikimedia on fighting government mass surveillance. This is important.

For the last two years, the Wikimedia Foundation has been fighting in the United States federal courts to protect the fundamental rights and freedoms of Wikimedia users from overly-broad government surveillance. We challenged the U.S. National Security Agency’s (NSA) “Upstream” mass surveillance of the internet, which vacuums up international text-based online communications without individualized warrants or suspicion. Now, in the wake of an important court ruling in our favor, we take a closer look at Wikimedia Foundation v. NSA.

Technology

This Cell Phone Can Make Calls Even Without a Battery

Well this is amazing! University of Washington researchers have made a phone that draws what little power it needs from thin air.

Ambient light can be turned into a trickle of electricity with solar panels or photodiodes. Radio-frequency TV and Wi-Fi broadcasts can be converted into energy using an antenna.

Analyzing Ethereum, Bitcoin, and 1200+ other Cryptocurrencies

Everybody talks about it but does anyone really know how cryptocurriences compare? Note that this is also a technical post about TimescaleDB and Postgres.

Cryptocurrencies are fueling a modern day gold rush. Can data help us better understand this evolving market? We take a closer look using TimescaleDB and PostgreSQL.

Vertical AI Startups: Solving Industry-specific Problems by Combining AI and Subject Matter Expertise

Interesting perspective on how companies could/should leverage AI.

Low level task-based AI gets commoditized quickly and more general AI is decades off. In the meanwhile, will new AI startups succeed or will the value accrue to Google, Facebook, and Amazon? While most of the machine learning talent works in big tech companies, massive and timely problems are lurking in every major industry outside tech.

Web development / Web design

10 Tips On Typography in Web Design

Couple of things to improve readability and balance when you design for the web.

Optimizing typography is optimizing readability, accessibility, usability(!), overall graphic balance. In other words: optimizing your typography also optimizes your user interface.

Deconstructing the Google Analytics tracking script

If you use GA everyday but never understood how it works this for you!

So the answer to the question “what does the Google Analytics tracking script actually do?”, is that it creates a global ga function, and asynchronously loads the full Google Analytics tracking script analytics.js, so that one can make requests like ga(‘send’, ‘pageview’).

Redesigning Google News for everyone

Take a look at how Google News has been redesigned.

To make news more accessible and easier to navigate, we redesigned the desktop website with a renewed focus on facts, diverse perspectives, and more control for users.

How https works

Simple and visual explanation of how a https handshake works.

Amazon buys Whole Foods, Uber’s CEO finally resigns and the NSA surprisingly contributes to the Open Source community. 🎉

---

Amazon Buying Whole Foods: An Industry Shudders

It’s happening: Amazon is finally getting into retail’s biggest moneymaker of all — the $800 billion grocery business.

“Amazon is placing its bet on the future of the food industry,” says Errol Schweizer, a former Whole Foods executive who is now an industry adviser, “and they see Whole Foods as the leadership.” Most Amazon watchers are focused on the some 450 stores the e-commerce behemoth scoops up in the deal. These brick-and-mortar locations instantly give it a national ­physical presence, as well as a network of mini distribution centers for fresh produce — by far the most challenging part of the grocery delivery business because of spoilage and the fragility of fruits and vegetables.

Uber Founder Travis Kalanick Resigns as C.E.O.

Would I dare say it was about time? I hope they’ll finally get their act together.

Travis Kalanick stepped down Tuesday as chief executive of Uber (…) after a shareholder revolt made it untenable for him to stay on at the company. (…) Earlier on Tuesday, five of Uber’s major investors demanded that the chief executive resign immediately. The investors included one of Uber’s biggest shareholders, the venture capital firm Benchmark, which has one of its partners, Bill Gurley, on Uber’s board.

The End of Net Neutrality Could Shackle the Internet of Things

I never thought of the impact of (the lack of) Net Neutrality on the IoT. This definitely doesn’t look good.

Dismissing the rules could be a big problem for the future of the Internet of Things, since companies like Comcast–which is already working on its own smart home platform–certainly have the motivation to create fast and slow lanes for particular gadgets and services. If your internet provider can decide which personal assistant or smart home gadgets you can or can’t use, the broadband can dictate the winners and losers in the Internet of Things race. That wouldn’t bode well for competition, innovation, or you. (…) providers might also be free to force you to rent a cable modem or WiFi router the same way you already have to rent a cable box, or even to charge you for each computer, tablet, or IoT gadget you connect to the web.

While we’re on the subject, check out how Verizon is killing Tumblr’s fight for net neutrality.

The myth of the ‘cool tech girl’

Yes, we still need to fight sexism in our industry…

The cool tech girl is a toxic myth, she helps men feel safe in their sexism. She enables the persistent and perpetual gender discrimination in our field. She’s hurting you, and me, and she needs to fuck right off already.

The RNC Files: Inside the Largest US Voter Data Leak

Remember when we talked about having non-secured Amazon Web Services S3 buckets?

UpGuard has discovered an open database containing information on what appear to be approximately 198 million American voters left misconfigured by a GOP analytics firm.

Technology

Russia’s Cyberwar on Ukraine Is a Blueprint For What’s to Come

We can’t expect this happening only to Ukraine, right? Scary times ahead for sure!

A hacker army has systematically undermined practically every sector of Ukraine: media, finance, transportation, military, politics, energy. Wave after wave of intrusions have deleted data, destroyed computers, and in some cases paralyzed organizations’ most basic functions. “You can’t really find a space in Ukraine where there hasn’t been an attack”

Data-Mining 100 Million Instagram Photos Reveals Global Clothing Patterns

Fascinating to see what you can do with 100 Million Instagram photos!

They used a standard face recognition program to filter out all the pictures that did not contain a face, and they also filtered for a visible torso, leaving a set of 15 million photos of people showing the upper half of their body, along with their location and the date. Next, they trained a machine-learning algorithm to recognize various types of clothing and accessories in images.  Finally, they let the machine lose on the 15 million photos in their data set and then used another algorithm to search for clusters of images with similar visual themes and track how these varied across time and from one location to another. The clustering algorithm found some 400 different visual themes, such as people wearing white T-shirts and glasses, or wearing red V-neck tops or black dresses, or not wearing tops at all!

Move Over, Bitcoin. Ether Is the Digital Currency of the Moment.

Another day in the fascinating world of crypto currencies. This again shows how volatile virtual currencies remain.

The price of Bitcoin has hit record highs in recent months, more than doubling in price since the start of the year. Despite these gains, Bitcoin is on the verge of losing its position as the dominant virtual currency. The value of Ether, the digital money that lives on an upstart network known as Ethereum, has risen an eye-popping 4,500 percent since the beginning of the year.

Web development / Web design

NSA OSS Technologies

Besides leaking important hacking tools, NSA sometimes contributes to the Open Source community. Check out their Github repository for more info.

The NSA Technology Transfer Program (TTP) works with agency innovators who wish to use this collaborative model for transferring their technology to the commercial marketplace. OSS invites cooperative development of technology, encouraging broad use and adoption. The public benefits by adopting, enhancing, adapting, or commercializing the software. The government benefits from the open source community’s enhancements to the technology.

RESTful API Design Tips from Experience

A lot of overy insightful tips for designing great RESTful API’s.

Some things you should know before using Amazon’s Elasticsearch Service on AWS

A Cloud Guru — Amazon’s Elasticsearch Service on AWS is a powerful but fragile piece of infrastructure with a ton of things that can cause the AWS service to become unstable

Will Vue.js Become a Giant Like Angular or React?

Vue.js is a close partner of Angular and React in more and more article titles, taking the world by a storm. What makes Vue.js win developers’ hearts?

Teller — The API for your bank account

How many times have you thought to yourself “Damn, I really wish my bank account had an API”? I bet the answer is a lot. Well, today is the last day you will ever think that again because we are pleased to announce that the Teller API beta program is now open to the public.

Bits and pieces

Twitch just scored an exclusive streaming deal with Blizzard for 20+ major e-sports events. More news on the blockchain front: Ethereum price crashed from $319 to 10 cents on GDAX after huge trade and see how price manipulation works in the Bitcoin ecosystem.

Mary Meeker’s Internet Trends 2017 are out, power grids can be shut down by hackers and the blockchain ecosystem keeps growing.

---

2017 Internet Trends report

Mary Meeker’s 2107 Internet Trends are out! If you work in (web) marketing, communication, PR and other related fields you might want to check it out. It’s 355 pages but totally worth it!

The National Bank of Canada Just Joined An Alliance to Develop Ethereum

Interesting to see how banks join the cryptocurrencies wagon. They might be slower to adopt but it might be crucial for their survival on the long term.

On Monday, the Enterprise Ethereum Alliance announced 86 new members that will work together to develop business applications on the Ethereum blockchain, including Toyota, Deloitte, Samsung SDS, and the National Bank of Canada.

David Bonderman Resigns From Uber Board After Sexist Remark

As if Uber didn’t have enough reputation problems already (including sexual harassment claims).

Earlier in the day at an Uber staff meeting to discuss the company’s culture, Arianna Huffington, another board member, talked about how one woman on a board often leads to more women joining a board. “Actually, what it shows is that it’s much more likely to be more talking,” Mr. Bonderman responded.

Technology

Crash Override Malware Took Down Ukraine’s Power Grid Last December

It’s known that computers and networks used by power plants and other crucial infrastructures are often poorly maintained or secured but this is really really (fascinating, but) scary and worrying. Check out the technical analysis over here (pdf).

The researchers describe that malware, which they’ve alternately named “Industroyer” or “Crash Override,” as only the second-ever known case of malicious code purpose-built to disrupt physical systems. The first, Stuxnet, was used by the US and Israel to destroy centrifuges in an Iranian nuclear enrichment facility in 2009. The researchers say this new malware can automate mass power outages, like the one in Ukraine’s capital, and includes swappable, plug-in components that could allow it to be adapted to different electric utilities, easily reused, or even launched simultaneously across multiple targets.

Design in the Era of the Algorithm

Josh Clark explores designers’ new roles and responsibilities when they design for the machines.

The design and presentation of data is just as important as the underlying algorithm. Algorithmic interfaces are a huge part of our future, and getting their design right is critical — and very, very hard to do. My work has begun to turn to the responsible and humane presentation of data-driven interfaces. And I suspect that yours will, too, in very short order. While constructing these machine learning models is indeed heavy-duty data science, using them is not. Tons of these machine learning models are available to all of us here to build upon right now.

Mapping the decentralized world of tomorrow

Neat map of the blockchain ecosystem.

By using the term “decentralization” I refer to a process of redistributing functions, people, powers or things away from a central authority. The problem with centralized systems is that they lack transparency, allow for single points of failure, censorship, abuse of power and inefficiencies.

XSS Attacks: The Next Wave

Cross Site Scripting is not gone and it actually looks like it’s coming in full force in 2017. This resurgence might be the result of more Single Page Apps, more persistence and caching of Javascript and badly managed dependencies.

In 2017 there is a dramatic upward trend — in the first 5.5 months of the year (up to the time of this writing), 508 vulns have been reported, more than in all of 2016. Extrapolating to the entire year yields an estimate of 1,354 vulns to be reported this year, representing unprecedented growth of 166%.

Web development / Web design

Skeuomorphism In Conversational Design — uxdesign.cc

Fascinating read about the role skeuomorphism plays in chat bots.

No matter how you design a conversation, people’s experience will be influenced not just by the conversational experience itself, but by all the expectations they have about it as well. It’s our job to make those expectations help shape the experience in a way that’s beneficial for the user, not the other way around.

Upgrading from Node 6 to Node 8: a real-world performance comparison

Node 6 vs. 8 : who’s the fastest? (spoiler alert right under)

To be honest, with Node 8 I was expecting an improvement of maybe a few percent, and wouldn’t have been surprised if that didn’t translate into the real world. But shaving a quarter off server-rendering time and a third off NPM install time is amazing.

Spellbook-of-modern-webdev: A Big Picture, Thesaurus, and Taxonomy of Modern JavaScript Web Development

Amazing bible of javascript resources.

Bits and pieces

If you are a developer, you’ll be happy to learn that developers who use spaces make more money than those who use tabs. On the internet security front, it looks like the NSA has linked the WannaCry computer worm to North Korea.

For the AI fans out there, get some great open source datasets for your machine learning experiments here. Europe just ended mobile roaming fees in the 28 Member State bloc!

Beware, it seems like Mac users are getting targeted by ransomware and spyware too. Check out how this professor grades programming assignments on GitHub. And Instagram finally decided to add a new label to better differentiate paid-for posts from regular content.

Crypto Tokens will blow your mind, we know when artificial intelligence will replace humans and hackers hijacked satellite-based Internet links. On a brighter note, Taylor Swift is putting her albums back on all streaming services and we all thank her! 🎉

---

Around the web

Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election

Fascinating account of how Russia might have tampered with the U.S. election infrastructure. I feel like we’re back in the Cold War era ! Also check out this Washington Post article of the impact this kind of leak might have on whistleblowers.

Russian military intelligence executed a cyberattack on at least one U.S. voting software supplier and sent spear-phishing emails to more than 100 local election officials just days before last November’s presidential election, according to a highly classified intelligence report obtained by The Intercept.

Be Careful Celebrating Google’s New Ad Blocker

If you still had any doubt as why it matters. Keep in mind that the ads blocked would match the Coalition for Better Ads standards. Who’s in the Coalition you ask? Mainly Facebook and Google, accounting for 99 percent of all digital ad revenue growth in the United States last year, and 77 percent of gross ad spending.

Google, a data mining and extraction company that sells personal information to advertisers, has hit upon a neat idea to consolidate its already-dominant business: block competitors from appearing on its platforms.

Algorithms aren’t racist. Your skin is just too dark.

Check out the fascinating Illuminate Series about artificial intelligence biases and it’s impact on everyday people.

The rise of artificial intelligence necessitates careful attention to inadvertent bias that can perpetuate discriminatory practices and exclusionary experiences for people of all shades.

Bitcoin mining companies face shutdown in southwest China

Bitcoin mining companies have been shut down or relocated in Mabian Yi Autonomous County and it’s really weird and unclear why.

The shutdown is made more puzzling by the fact that the value of Bitcoins has exceeded 10,000 RMB ($1,469.6), and many exchange platforms are battling for mining resources after the Central Bank of China banned the deposit and withdrawal of Bitcoins.

Technology

Banks Eager For Artificial Intelligence, But Slow To Adopt

Why are banks — who are typically the most capable and tech-intensive players in the business world — struggling so much with AI?

To be fair, banks have employed AI — at least in rudimentary forms — for decades. Computer automation has been used by the financial industry for back office and customer-facing operations since the 1960s. AI investments picked up in the 1980s in the form of expert systems. Despite this strong IT heritage, many banks lack the agility to fundamentally transform their business with modern artificial intelligence.

Machine learning evolution (infographic)

Very interesting and clear picture of the evolution of machine learning.

What will it take for AI to become mainstream in business? The convergence of different research approaches — and lots of human intelligence.

Experts Predict When Artificial Intelligence Will Exceed Human Performance

Fascinating to see how industries get conquered by artificial intelligence at different paces.

Today, we have an answer of sorts thanks to the work of Katja Grace at the Future of Humanity Institute at the University of Oxford and a few pals. To find out, these guys asked the experts. They surveyed the world’s leading researchers in artificial intelligence by asking them when they think intelligent machines will better humans in a wide range of tasks. And many of the answers are something of a surprise.

Thoughts on Tokens

If you don’t know what tokens are and why it’s important, I urge you to read this. And you might want to check out Cryptoeconomics 101 too.

In 2014, we wrote that “Bitcoin is more than money, and more than a protocol. It’s a model and platform for true crowdfunding — open, distributed, and liquid all the way.” That new model is here, and it’s based on the idea of an appcoin or token: a scarce digital asset based on underlying technology inspired by Bitcoin. While indisputably frothy, as of this writing the token sector sits at a combined market cap in the tens of billions.

Crypto Tokens: A Breakthrough in Open Network Design

More token content here. See how we can counterbalance the massive proprietary platforms with open networks.

Crypto tokens — a new way to design open networks that arose from the cryptocurrency movement (…). Tokens are a breakthrough in open network design that enable: 1) the creation of open, decentralized networks that combine the best architectural properties of open and proprietary networks, and 2) new ways to incentivize open network participants, including users, developers, investors, and service providers. By enabling the development of new open networks, tokens could help reverse the centralization of the internet, thereby keeping it accessible, vibrant and fair, and resulting in greater innovation.

An overview of every Data Visualization course on the internet

Very comprehensive and in-depth list of Data Visualization courses.

Web development / Web design

How to get the most out of the JavaScript console

The console comes with several other useful methods that can add to a developer’s debugging toolkit.

You can use the console to perform some of the following tasks:

• Output a timer to help with simple benchmarking
• Output a table to display an array or object in an easy-to-read format
• Apply color and other styling options to the output with CSS

Dirt Cheap Recurring Payments with Stripe and AWS Lambda

If you run a small SaaS business, you need a recurring billing solution, and there are a lot of options out there (…) but what if all you want is a dirt cheap way to charge your customers each month? Here’s how you can do it nearly for free by using Stripe Checkout and AWS Lambda.

Build a simple Twitter Bot with Node.js in just 38 lines of code

Tutorials don’t have to be complicated. Together we’ll **build a simple Twitter favorite bot with Node.js in just 38 lines of code.**You might want to check out Part 2 — Do more.

Network Protocols — Programmer’s Compendium

If you want to understand the underlying principles of networks, this is for you.

The network stack does several seemingly-impossible things. It does reliable transmission over our unreliable networks, usually without any detectable hiccups. It adapts smoothly to network congestion. It provides addressing to billions of active nodes. It routes packets around damaged network infrastructure, reassembling them in the correct order on the other side even if they arrived out of order. It accommodates esoteric analog hardware needs, like balancing the charge on the two ends of an Ethernet cable.

Bits and pieces

Check out how the printers secret tracking dots allowed FBI investigators to track down who printed classified documents that leaked last week. Russian hackers used Britney Spear’s Instagram account to conceal malware in such a clever way!

If you have a Raspberry Pi, I hope you changed your default password (and updated Samba) because there’s a malware that might use your Pi to mine cryptocurrencies. Also see how highly advanced hackers (ab)used satellites to stay under the radar.

Wordpress 4.8 “Evans” is out, check it out and update. Despite what you might have read, you can still use deep learning in (some) small data settings, if you train your model carefully. See how the Trump-Russia data machine games Google to fool americans.

There’s a new Mozilla poll and Americans from both political parties overwhelmingly support Net Neutrality. If you are still reading this, you might want to treat Facebook as the private walled garden that it is.

Elon Musk quits White House Advisory Councils, US intelligence agencies still stuck at protecting sensitive data and China’s AI efforts might soon outsmart America.

---

Around the web

Elon Musk Quits White House Advisory Councils In Wake Of Trump’s Decision To Pull Out Of Paris Climate Accord

Trump keeps proving that he doesn’t understand how the world works and puts us all at risk. Glad to see Elon Musk (and Bob Iger) making a statement by leaving his councils.

On Wednesday, amid reports that President Trump planned to withdraw the U.S. from the landmark Paris Climate Accord, Musk said that if the president fulfilled that promise he would have “no choice” but to quit the White House advisory councils on which he serves. One day later, both billionaires have made good on their threats. Trump announced Thursday that he will remove the U.S. from its place as a participant in the Paris deal, and Musk promptly tweeted that he will no longer serve on the president’s councils.

Wikipedia’s Switch to HTTPS Has Successfully Fought Government Censorship

Wikipedia’s latest move makes censorship harder (or at least doesn’t allow half-measures — you either block Wikipedia entirely or you don’t at all).

In short, HTTPS prevents governments and others from seeing the specific page users are visiting. For example, a government could tell that a user is browsing Wikipedia, but couldn’t tell that the user is specifically reading the page about Tiananmen Square. (…) Due to how this protocol works, governments could no longer block individual Wikipedia entries. It was an all or nothing deal.

A Secretive Intelligence Agency, A High-Flying Contractor — And A Big Data Breach

This is what happens when you drop files in an unsecured Amazon S3 bucket. Or the tale of NGA contractors that leaked highly sensitive DoD files like amateurs…

The revelation of exposed and highly sensitive data involving an intelligence agency tasked with everything from battlefield imaging in Afghanistan to satellite surveillance of North Korea’s ballistic missile arsenal comes at a frighteningly tense time for international relations.

Accused of underpaying women, Google says it’s too expensive to get wage data

Google officials testified in court that it would have to spend up to 500 hours of work and $100,000 to comply with investigators’ ongoing demands for wage data. It’s not like Google can’t afford it…

Google argued that it was too financially burdensome and logistically challenging to compile and hand over salary records that the government has requested, sparking a strong rebuke from the US Department of Labor (DoL), which has accused the Silicon Valley firm of underpaying women.

Technology

Is China Outsmarting America in A.I.?

While Trump screams to make America great again, China seems to think that AI is a race and America doesn’t. Makes me think of the the whole Soviet vs. America space conquest.

China’s ambitions mingle the most far-out sci-fi ideas with the needs of an authoritarian state: Philip K. Dick meets George Orwell. There are plans to use it to predict crimes, lend money, track people on the country’s ubiquitous closed-circuit cameras, alleviate traffic jams, create self-guided missiles and censor the internet.

The Evolution Of The Bitcoin/Blockchain Narrative

Fascinating article about how the perception of cryptocurrencies and blockchain has evolved over time.

How Your Data is Stored, or, The Laws of the Imaginary Greeks

Fascinating, entertaining and extremely clear explanation of Distributed Consensus and how data storage works. If you are computer scientist, check out the original Paxos algorithm paper here.

If you don’t work in computers, you probably haven’t spent much time thinking about how data gets stored on computers or in the cloud. (…) if you have a piece of data that many people want to read and edit at once, like a shared text file, a bank’s records, or the world in a multiplayer game, how does everyone agree on what’s in the document, and make sure that nobody overwrites someone else’s work? This is the problem of “distributed consensus,”

The best Data Science courses on the internet

It’s all in the title!

The Making of the Weighted Pivot Scatter Plot

See how and why to use interactive Weighted Pivot Scatter Plot charts.

Web development / Web design

The Hitchhiker’s Guide to d3.js

Great advanced d3.js tutorial (including a lot of API use) and lots of useful links and resources.

This guide is meant to prepare you mentally as well as give you some fruitful directions to pursue. There is a lot to learn besides the d3.js API, both technical knowledge around web standards like HTML, SVG, CSS and JavaScript as well as communication concepts and data visualization principles.

Building a Slack bot for channel topic detection using word embeddings

Don’t we all need this!? But on a more serious note, very interesting use of machine learning.

Slack Maestro, a bot that learns the topics of different channels, monitors conversations, and warns users when they go off topic. The bot relies on an implementation of Word Mover’s Distance, introduced at the leading machine learning conference NIPS in 2015, and word embeddings.

The Calculus of Service Availability

Fascinating article about service availability. Like they say, you’re only as available as the sum of your dependencies!

A service cannot be more available than the intersection of all its critical dependencies. If your service aims to offer 99.99% availability, then all of your critical dependencies must be significantly more than 99.99% available. Internally at Google, we use the following rule of thumb: critical dependencies must offer one additional 9 relative to your service — in the example case, 99.999% availability — because any service will have several critical dependencies, as well as its own idiosyncratic problems. This is called the “rule of the extra 9.”

Bits and pieces

Read how truly intelligent enemies could change the face of gaming. It’s been fixed since but check out Judy Malware: Possibly the largest malware campaign found on Google Play.

Very interesting article about edge caching and how Data Science Helps Power Worldwide Delivery of Netflix Content. Don’t miss this guy that has built a programmable 8-bit computer from scratch on breadboards using only simple logic gates!! A motorcycle gang got busted for hacking and stealing over 150 Jeep Wranglers.

If you have a hard time understanding how blockchain works, check out this article about exchanging apples for oranges. If you’re familiar with Vue.js, you might be interested in reading this interview with it’s creator, Evan You. In a world where the governments and companies spy on you, trust only yourself and build your own VPN! And finally, see How Alleged Russian Hacker Teamed Up With Florida GOP Operative.

We’re running out of bitcoins, artificial intelligence might influence your political choices and so are Russian hackers!

---

Around the web

Data Trove Exposes the Injustices of Criminal Justice

A new tool called Measures for Justice makes court data more accessible. Finally!

Bach set off on a multi-year, labor-intensive effort to build a free, public tool that would make the many injustices in the court system a little bit tougher to ignore. Measures for Justice launches today with deep data dives on more than 300 county court systems(…) It pulls together the data that has traditionally remained hidden in ancient databases and endless Excel spreadsheets. Even with just six states included, the comprehensiveness of the platform surpasses anything similar that currently exists. Measures for Justice compiles granular data for 32 different metrics that indicate how equitable a given county’s justice system might be.

Facebook’s internal rulebook on sex, terrorism and violence

Hard not to cringe at some (most?) of the rules. IMHO some make a lot of sense, others are just confusing and sometimes very questionable. More on guardian.com/news/series/facebook-files.

The Guardian has seen more than 100 internal training manuals, spreadsheets and flowcharts that give unprecedented insight into the blueprints Facebook has used to moderate issues such as violence, hate speech, terrorism, pornography, racism and self-harm.

How Privacy Became a Commodity for the Rich and Powerful

Thought-provoking article about something we all already know: if it’s free, you’re the product!

Such privacy costs often become clear only after they’ve already been paid. Sometimes a private citizen is caught up in a viral moment and learns that a great deal of information about him or her exists online, just waiting to be splashed across the news — like the guy in the red sweater who, after asking a question in a presidential debate, had his Reddit porn comments revealed.

Russia’s US Social Media Hacking: Inside the Information War

It’s scary to think that at any given moment Pentagon Twitter accounts might send out false information. See how Russia’s hacking efforts keep evolving.

The report said the Russians had sent expertly tailored messages carrying malware to more than 10,000 Twitter users in the Defense Department. Depending on the interests of the targets, the messages offered links to stories on recent sporting events or the Oscars, which had taken place the previous weekend. When clicked, the links took users to a Russian-controlled server that downloaded a program allowing Moscow’s hackers to take control of the victim’s phone or computer–and Twitter account.

Cambridge Analytica-style psychographic profiling and voter influence are just in their infancy

Curious to see how artificial intelligence will influence upcoming elections around the world. This is just the beginning.

CA [Cambridge Analytica] claims to have “up to 5,000 data points on over 230 million American voters,” which it uses to create psychological profiles for “micro-targeted” ad campaigns designed to appeal to each person emotionally. It’s been credited with helping bring about both a Donald Trump presidency and the Brexit vote. (…) Regardless of how well CA performed in 2016, the methods that companies like it use will only get more precise.

Google starts tracking offline shopping — what you buy at stores in person

Very interesting from a marketing point of view. Curious how far we’ll be able to go and how they will manage privacy issues around this.

Google already monitors your online shopping — but now it’s also keeping an eye on what you’re buying in real-world stores as part of its latest effort to sell more digital advertising. The analysis will be done by matching the combined ad clicks of people who are logged into Google services with their collective purchases on credit and debit cards. Google says it won’t be able to examine the specific items bought or how much a specific individual spent.

Technology

New kids on the blockchain: A surge in the value of crypto-currencies provokes alarm

It was bound to happen: bitcoin’s capacity has reached it’s limit and we are now facing new challenges.

Not that many bitcoins exist: there are about 16.3m of them, with only 1,800 new ones minted every day. But growing demand has pushed bitcoin’s price to a record recent high of about $1,830, up from $450 a year ago. Problems abide. Earlier this year some of the biggest exchanges, such as Bitfinex, experienced problems with their correspondent banks and were unable to pay out real-world currencies to account-holders. To get their money out, they had to buy bitcoin and exchange them elsewhere. Yet the market is becoming more mature: institutional investors, from family offices to hedge funds, have become more comfortable with crypto-currencies.

Meet These Incredible Women Advancing A.I. Research

Refreshing!

Artificial intelligence research benefits from diversity, inclusion, and cross-disciplinary thinking. Meet 20+ women leading innovation and promoting diversity in the AI industry.

There are bots. Look around.

See how what happened in finance (algorithmic manipulation and disinformation campaigns) can apply to the market of ideas. Fascinating!

Something very similar happened in finance with the advent of high-frequency trading (…): technology was used to distort information flows and access in much the same way it is now being used to distort and game the marketplace of ideas.(…) the intersection of automation and social networking has given us manipulative bots and an epidemic of “fake news”. Just as HFT was a simplified boogeyman for finance, “fake news” is an imprecise term used to describe a variety of disingenuous content: clickbait, propaganda, misinformation, disinformation, hoaxes, and conspiracy theories.

A16Z AI Playbook

Frank Chen’s brilliant playbook on deep learning and artificial intelligence. Also check out his awesome video The Promise of AI.

This microsite is intended to help newcomers (both non-technical and technical) begin exploring what’s possible with AI (…) a resource for anyone asking those questions, complete with examples and sample code to help you get started.

The largest Git repo on the planet

That’s a hell of a repo!

The Windows code base is approximately 3.5M files and, when checked in to a Git repo, results in a repo of about 300GB. Further, the Windows team is about 4,000 engineers and the engineering system produces 1,760 daily “lab builds” across 440 branches in addition to thousands of pull request validation builds. All 3 of the dimensions (file count, repo size and activity), independently, provide daunting scaling challenges and taken together they make it unbelievably challenging to create a great experience.

Web development / Web design

Nick Craver — HTTPS on Stack Overflow: The End of a Long Road

See how a large-scale website switches entirely to https.

Fair warning: This is the story of a long journey. Very long. (…) While Stack Exchange/Overflow is not unique in the problems we faced along the way, the combination of problems is fairly rare. (…) It’s hard to structure such an intricate dependency chain into a chronological post, so I’ll break this up by topic: infrastructure, application code, mistakes, etc.

How to Go From Hobbyist to Professional Developer

A struggle a lot of people in our field are going (or went) through.

An important part of my transition into a professional developer role was viewing the time I spent with my previous company as an apprenticeship. I learned as much as I could. The real-world knowledge gained from working at a company is invaluable. Knowing how to work with clients, coworkers, and within constraints is essential. This is something you can only learn in the field.

Node.js Streams: Everything you need to know

Node.js streams have a reputation for being hard to work with, and even harder to understand. Well I’ve got good news for you — that’s no longer the case.

Streams are collections of data — just like arrays or strings. The difference is that streams might not be available all at once, and they don’t have to fit in memory. This makes streams really powerful when working with large amounts of data, or data that’s coming from an external source one chunk at a time.

Bits and pieces

See how Montreal’s rapidly growing artificial-intelligence sector is transforming the city into a Silicon Valley of AI. ⚠️ Update your VLC and Popcorn-Time because subtitles could allow hackers take control of your computer.

Also, Facebook’s tentacles reach further than you think. If you think the internet is broken, check the Blockstack Browser: A Gateway to a New, Decentralized Internet. The WannaCry ransomware hackers made some major mistakes that prevented them from making millions.

If you do product development: your SaaS might not be charging enough. Someone tested internet security at four Trump properties and it’s not good. Last but not least, see how VC’s talk differently about female entrepreneurs.

Thank the NSA for the WannaCrypt ransomware outbreak, see how Google wants a ‘AI-First’ world and unfortunately the FCC are still douchebags!

---

Around the web

😡 One Step Closer to a Closed Internet

Breaking: it’s the end of internet as we know it…

Today, the FCC voted on Chairman Ajit Pai’s proposal to repeal and replace net neutrality protections enacted in 2015. The verdict: to move forward with Pai’s proposal

💡 Everything you need to know about the WannaCry / WannaCrypt ransomware

Good summary of the whole WannaCry incident (or how the NSA exploits leaked a couple of weeks ago brought several major networks down worldwide). If you want, get into the deep technical details here. You might also be interested in this: Massive cryptocurrency botnet used leaked NSA exploits weeks before WCry and how it all got kinda fixed by accident.

Since the release of the ETERNALBLUE exploit by ‘The Shadow Brokers’ last month security researchers have been watching for a mass attack on global networks. This came on Friday 12th May when it was bundled with ransomware called WanaCrypt0r and let loose. Initial reports of attacks were highlighted by Telefonica in Spain but the malware quickly spread to networks in the UK where the National Health Service (NHS) was impacted, followed by many other networks across the world.

🚀 Google, Not the Government, Is Building the Future

Nothing really new here but there definitely is a gap between governments and private corporations when it comes to cutting-edge technologies. This raises the question of who will own the future.

Technology giants, not the government, are building the artificially intelligent future. And unless the government vastly increases how much it spends on research into such technologies, it is the corporations that will decide how to deploy them.

Technology

🎧 “MP3 is dead” missed the real, much better story — Marco.org

The Fraunhofer Institute for Integrated Circuits — the German agency that invented the mp3 format and licenses it — has officially terminated its licensing program. Some say it’s the end of MP3, Marco Arment doesn’t agree.

Very few people got it right. The others missed what happened last month: If the longest-running patent mentioned in the aforementioned references is taken as a measure, then the MP3 technology became patent-free in the United States on 16 April 2017 when U.S. Patent 6,009,399, held by and administered by Technicolor, expired.

📱 Collecting huge amounts of data with WhatsApp

WhatsApp opened a door for misuse of their service when they started WhatsApp web, see how it works.

Creating a database of phone numbers, profile pictures and status information of almost all users of WhatsApp turns out to be very easy . The user doesn’t even have to be added to your contacts. This should raise at least some privacy concerns and hopefully a lot more.

📦 Spotting a million dollars in your AWS account

If you’ve ever worked with AWS you know it can be a pain (and a struggle) to control (or even track down) your costs. Here is how to do it. You might also be interested in Segment’s article on how to save big money on your AWS bill.

You can easily split your spend by AWS service per month and call it a day. Ten thousand dollars of EC2, one thousand to S3, five hundred dollars to network traffic, etc. But what’s still missing is a synthesis of which products and engineering teams are dominating your costs.

👩🏼‍🏫 How we taught dozens of refugees to code, then helped them get developer jobs

Brilliant, inspiring and heartwarming initiative!

The opportunity we saw was the following: why not teach refugees web development while they are waiting in a camp? That way they would possess in-demand skills once they receive their asylum, and they can turn around and use those skills to find work.

Web development / Web design

⛵️ How Etsy Ships Apps

Fascinating to see how it’s done at Etsy!

A group of engineers (which we call a push train) and a designated driver all shepherd their changes to a staging environment, and then to production. At each checkpoint along that journey, the members of the push train are responsible for testing their changes, sharing that they’re ready to ship, and making sure nothing broke. Everyone in that train must work together for the safe completion of their deployment. And this happens very frequently: up to 50 times a day.

⛓ Web Developer Security Checklist

We’re (almost) all guilty of considering security as a side-project and it’s very very scary!

If you have drunk the MVP cool-aid and believe that you can create a product in one month that is both valuable and secure — think twice before you launch your “proto-product”. After you review the checklist below, acknowledge that you are skipping many of these critical security issues. At the very minimum, be honest with your potential users and let them know that you don’t have a complete product yet and are offering a prototype without full security.

🛒 How to design a habit-forming shopping experience

How to trigger that buying behavior!

Designing for e-commerce is an unforgiving task. Consumers (…) are inherently price-conscious. From mobile phone accessories to televisions, the cheapest listing wins. (…) how do you create loyal customers? How do you build a shopping experience that would help curb bargain-chasing, convenience-focused behavior?

🔨 After building my first React Native app, I’m now convinced it’s the future.

Hands-on example of building a React Native app.

A common reservation among developers is that they don’t want to invest the time to learn a new technology if there’s a strong chance it will become obsolete in the near future. Even from my relatively minimal experience with React Native, I’ve found it to be an enormously powerful tool. I am confident it will be used in the years to come.

📈 Design Better Data Tables

Data is useless without the ability to visualize and act on it. The success of future industries will couple advanced data collection with a better user experience, and the data table comprises much of this user experience. Good data tables allow users to scan, analyze, compare, filter, sort, and manipulate information to derive insights and commit actions.

Bits and pieces

Take a look at Apple’s New Campus. If you have time (and a huge coffee), go read Physiognomy’s New Clothes about the risks of training on biased data and the scientific racism that appears with it.

Interesting interview with Ross Anderson (security engineering prof. at Cambridge University) on the digital revolution, cybersecurity, hacking, crime, network effects and game theory. See how new digital tools mean that hackers don’t even need to have any skills to wage cyberattacks anymore.

Continue with how the new Persirai botnet uses exploit to infect 120,000+ connected cameras. And finish with the necessary preparation for the cyberattack that will knock out U.S. power grids. Oh yes, also, plenty of pleasure to come if the U.S. actually expands the airline laptop ban to Europe.

Let’s diversify the AI community before it gets biased, data visualization is not dead and data is obviously the new oil.

---

Around the web

🤓 Melinda Gates and Fei-Fei Li Want to Liberate AI from “Guys With Hoodies”

Melinda Gates and Fei-Fei Li discuss the promises of artificial intelligence, and how to diversify the field.

If we don’t get women and people of color at the table — real technologists doing the real work — we will bias systems. Trying to reverse that a decade or two from now will be so much more difficult, if not close to impossible.

⛽ Fuel of the future: Data is giving rise to a new economy

The parallels between oil and data are fascinating. See how our world revolves around data and the challenges that come with it.

Data are to this century what oil was to the last one: a driver of growth and change. Flows of data have created new infrastructure, new businesses, new monopolies, new politics and — crucially — new economics. Digital information is unlike any previous resource; it is extracted, refined, valued, bought and sold in different ways. It changes the rules for markets and it demands new approaches from regulators.

💥 This is how Google will collapse

Interesting perspective on how Google will need to reinvent itself to survive. I don’t agree with everything but it’s definitely worth reading.

Reporting from the very near, post-Google future. Google made almost all its money from ads. It was a booming business — until it wasn’t. Here’s how things looked right before the most spectacular crash the technology industry had ever seen.

Technology

⛓ Blockchain: The Missing Link Between Genomics and Privacy?

Koepsell elaborates on the ethical problems around genomics and how the blockchain could help secure the privacy of people getting their DNA tested.

Complicating the privacy issue is the fact that there’s no clear legal owner of genomic data; that data was found to be unpatentable and, because it lacks authorship or a creator (legally), cannot be copyrighted. The reason bitcoin is so useful and valuable is that the blockchain creates a distributed ledger: an immutable, distributed record which is also nearly impossible to hack. The owner of a bitcoin account has absolute control over their asset.

😬 Someone scraped 40,000 Tinder selfies to make a facial dataset for AI experiments

Tinder’s API seems pretty easy to exploit but privacy issues aside, this is very interesting data!

A user of Kaggle, a platform for machine learning and data science competitions which was recently acquired by Google, has uploaded a facial data set he says was created by exploiting Tinder’s API to scrape 40,000 profile photos from Bay Area users of the dating app — 20,000 apiece from profiles of each gender.

🤖 This Computer Language Is Feeding Hacker Values into Young Minds

I learned programming with Logo, then Basic and Turbo Pascal but I wish we had Scratch back then!

At 10, Scratch is a popular tool to teach kids programming. But its real glory is how it imparts lessons in sharing, logic, and hackerism.

Web development / Web design

📈 Data Visualization “Versus” UI and Data Science

Interesting take on the how data visualization relates to its “adjacent fields” that are UX/UI and data science.

Effective data visualization design borrows from principles of good UI design. This is true for static as well as interactive data vis. Static infographics and chart makers borrow from UI and visual design techniques, for sure: layout, typography, color, content design, contrast, etc.

📊 How (and why) to use D3 with React

If you’re planning to build a React app with more than a few simple data visualizations, you’ll probably want to pick an approach that:

• is well-documented, proven, and under active development
• has a relatively expressive interface– meaning it lets you write custom data graphics with just enough verbosity to express what you want
• plays well with React (…) doesn’t need to directly mutate the DOM
• gives you plenty of freedom to customize it

🖼 Storyboarding in UX Design

We synthesise our research into user stories and process flows. We communicate our thinking and solutions to our teams with (…) personas and wireframes. But somewhere in all of this lies the real people for whom we’re designing. In order to make our product better, we must understand what’s going on in their worlds and how our product can make their lives better. And that’s where storyboards come in.

🏗 Don’t mess up your grid like Medium

If you like (or struggle with) grids, this is for you!

When we first created covers for our Medium articles, we noticed that on different pages, they are cropped with a lot of different aspect ratios.

👩🏼‍🏫 We asked 20,000 people who they are and how they’re learning to code

More than 20,000 people responded to our 2017 New Coder Survey, granting researchers an unprecedented glimpse into how adults are learning to code.

• 62% of them live outside the US
• their average age is 28 years old
• 19% are women
• They’ve been coding for an average of 21 months
• 25% have already landed their first developer job

Bits and pieces

234 Android Applications Are Currently Using Ultrasonic Beacons to Track Users and that sucks. You probably shouldn’t trust your insurance’s GPS beacon. Also take a look at Google’s “Fuchsia”, their mysterious third operating system but this time it’s based on Linux! You have a great startup idea? Check first if someone hasn’t done it and failed.

Experiment with the Instacart Online Grocery Shopping Dataset 2017 (anonymized dataset of over 3 million grocery orders from more than 200,000 Instacart users). Google has successfully defended itself from a $9 billion lawsuit from Oracle.

And finally, make sure you read why the Next 6 Days Are Critical to the Internet’s Future (yes, yes, a net neutrality article again).

Governments keep ruining our freedom and rights, hackers are getting even smarter and we still have a lot to learn about artificial intelligence.

---

Around the web

🔒 Turkey blocks Wikipedia under law designed to protect national security

Nothing new there but definitely not good for democracy and human rights.

Turkey has blocked Wikipedia, the country’s telecommunications watchdog has said, citing a law that allows it to ban access to websites deemed obscene or a threat to national security. Later on Saturday, Turkish authorities said they had sacked more than 3,900 civil servants, and military and police personnel as the purge of alleged anti-government officials continued (…) [This move] is likely to further worry rights groups and Turkey’s western allies, who say Ankara has curtailed freedom of speech and other basic rights in the crackdown that followed last year’s failed coup.

🔑 FBI director Comey backs new Feinstein push for decrypt bill

How much privacy are you ready to loose for national security? Not sure they’re entirely honest and backdoors or encryption restrictions might still be the most appealing choices for them.

“We’ve had very good open and productive conversations with the private (…) because everybody realizes we care about the same things. We all love privacy, we all care about public safety and none of us want backdoors — we don’t want access to devices built in in some way. What we want to work with the manufacturers on is to figure out how can we accommodate both interests in a sensible way,”

🕶 NSA Backs Down on Major Surveillance Program That Captured Americans’ Communications Without a Warrant

Some good news for our privacy.

Under pressure from the secret court that oversees its practices, the NSA said its “upstream” program would no longer grab communications directly from the U.S. internet backbone “about” specific foreign targets — only communication to and from those targets (…) essentially abandoning a bulk surveillance program that captured vast amounts of communications (…) and turning instead to a still extensive but more targeted approach.

📰 Why the Odds Are Stacked Against the Jimmy Wales Journalism Project

Not everybody shares Jimmy Wales optimism about Wikitribune.

“There’s certainly a model for non-profit news that can be successful if it’s done on a relatively small scale and produces a product that is unique enough,” Benton said. “But I have a hard time seeing this scale up into becoming a massive news organization.”

📈 The global state of digital advertising in 5 charts

Short summary of the last Interaction 2017 report (get the full report here).

Digital advertising is expected to account for 77 cents of each new ad dollar in 2017(…) Unsurprisingly, Google and Facebook are leading the pack. More than two-thirds of global ad spend growth from 2012 to 2016 came from those two companies.

👩🏼‍🚀 WIRED Next List 2017: 20 Tech Visionaries Who Are Creating the Future of Business

*The women and men in these pages are the technical, creative, idealistic visionaries who are bringing the future to your doorstep. You might not recognize their names — they’re too busy working to court the spotlight — but you’ll soon hear about them a lot. They represent the best of what’s next.

😶 I’m an ex-Facebook exec: don’t believe what they tell you about ads

No matter how inaccurate the report might be, Facebook needs to do something about how they use ads targeting in unethical ways.

Facebook claimed the report was misleading, assuring the public that the company does not “offer tools to target people based on their emotional state”. If the intention of Facebook’s public relations spin is to give the impression that such targeting is not even possible on their platform, I’m here to tell you I believe they’re lying through their teeth.

🙅 Facebook rejects female engineers’ code more often

Facebook claims it’s related to rank and not gender but it stills shows how diversity remains an issue at Facebook (and other tech companies).

That implies that, at the very least, one of the two situations is true: female employees have a harder time contributing to Facebook’s code base due to scrutiny from male colleagues, or that those employees are not obtaining higher ranking engineering roles that would allow for more code commits due to any number of factors.

💳 There Is a Fake IDGod, and He Lives in China

Both worrying and fascinating. Gotta love the McLovin / Superbad reference!

A group of Chinese men — they may be gangsters or involved in organized crime, no one really knows for sure — formed IDChief, a huge fake ID operation that sold to teens in the U.S.

📱Thieves drain 2fa-protected bank accounts by abusing SS7 routing protocol

Brilliant yet very scary way of bypassing two-factor authentication.

In January, thieves exploited SS7 weaknesses to bypass two-factor authentication banks used to prevent unauthorized withdrawals from online accounts (…) the attackers used SS7 to redirect the text messages the banks used to send one-time passwords. Instead of being delivered to the phones of designated account holders, the text messages were diverted to numbers controlled by the attackers.

💸 Meet the Hackers Holding Netflix to Ransom

The Dark Overlord attempted to extort plenty of companies before targeting Netflix. See how their operations evolved in a over a year.

Last week, a hacker or group of hackers dumped apparent full episodes of Orange Is the New Black after Netflix allegedly declined to pay a ransom, and has threatened to release a number of other shows too, including Celebrity Apprentice, New Girl, and The Catch

Technology

🗿 The Myth of a Superhuman AI

Debunking the myth of a superhuman artificial intelligence: Hyper-intelligent algorithms are not going to take over the world for these five reasons.

1. Intelligence is not a single dimension, so “smarter than humans” is a meaningless concept.
2. Humans do not have general purpose minds, and neither will AIs.
3. Emulation of human thinking in other media will be constrained by cost.
4. Dimensions of intelligence are not infinite.
5. Intelligences are only one factor in progress.

🇰🇵 All That Glitters Is Not Gold: A Closer Look at North Korea’s Ullim Tablet

We seem concerned with privacy issues when creating backdoors, they don’t really mind.

Ullim also includes a watermarking system that was first discovered in the Red Star Operating System, the North Korean-developed version of Linux. It records the time and computer registry into a file each time it is opened. So, if a file is shared from person to person, someone in possession of the final copy can examine the watermarking data to determine how it spread from person to person. On a mass scale, this data can be used to plot entire social networks of people.

🤖 IoT Security Anti-Patterns

With the very large-scale IoT botnet DDoS attacks we’ve seen these last years, securing connected devices at the lowest layer possible has become mandatory.

Internet-of-Things technologies inherit many attack vectors that appear in other internet connected devices, however the low-powered hardware-centric nature of embedded systems presents them with unique security threats. Engineers building Internet-of-Things devices must take additional precautions to ensure they do not implement security anti-patterns when addressing new problems.

🐯 How to autoencode your Pokémon

Learn more about autoencoders with…Pokémons!

An autoencoder is a special type of neural network that takes in something, and learn to represent it with reduced dimensions. Think of it like learning to draw a circle to represent a sphere. (…) You can do this because you’ve subconsciously learnt to autoencode a 3 dimensional sphere as a 2 dimensional circle.

🤓 How to build a recommendation engine using Apache’s Prediction IO Machine Learning Server

If you’re out of inspiration for your DIY Sunday:

This post will guide you through installing Apache Prediction IO machine learning server. We’ll use one of its templates called Recommendation to build a working recommendation engine. The finished product will be able to recommend customized products depending upon a given user’s purchasing behavior.

📱Facebook’s fastText library is now optimized for mobile

This morning Facebook’s AI Research (FAIR) lab released an update to fastText, its super-speedy open-source text classification library. When it was initially released, fastText shipped with pre-trained word vectors for 90 languages, but today it’s getting a boost to 294 languages. The release also brings enhancements to reduce model size and ultimately memory demand.

Web development / Web design

🎂 SQL is 43 years old — here’s 8 reasons we still use it today

Happy birthday SQL!

SQL is the second-most common programming language, used by 50% of all developers (Web, Desktop, Sysadmin/DevOps, Data Scientist/Engineer) and beaten only by JavaScript — a language half the age of SQL.

👮🏻The alarming state of secure coding neglect

If you’re working in web development you know you’re probably a little guilty too, right? ;)

Only a quarter to a half of organizations do what their own programmers say is needed for the security of their code: automated code scans, peer security code reviews, and further code reviews by security experts. That’s one of the key findings in a survey of 430 professionals — mostly everyday programmers (…)

🗯 A step-by-step guide to making pure-CSS tooltips

This article is a step-by-step tutorial that will help you understand how to make pure-CSS tooltips. Simple and clean.

🚛 Why and How to Use Docker for Development — Travis on Docker

Some very good reasons to use Docker for development. Here are a couple:

• The development environment is the exact same as the production.
• Use multiple language versions without having to resort to all the hacks.
• Deployment is easy.

📊 How to prevent your analytics data from being blocked by ad blockers

How to get around ad blockers went it comes to tracking your visitors.

If you’ve tried using analytics solutions like Google Analytics, you may have faced an issue where your analytics collection was blocked by ad blockers. According to PageFair, up to 30% of Internet users use ad blockers in 2017, and this number is constantly growing.

📉 A Better Way to Code — Mike Bostock

If we can’t eliminate coding, can we at least make it easier for humans, with our sausage fingers and finite-sized brains?

To explore this question I am building an integrated discovery environment called d3.express. It’s for exploratory data analysis, for understanding systems and algorithms, for teaching and sharing techniques in code, and for sharing interactive visual explanations.

📚 JavaScript Arrays and Objects Are Just Like Books and Newspapers

If you’ve always been confused about the difference between arrays and objects, today is your lucky day!

Choosing between an object and an array gets much easier when you can quickly determine the purpose of each structure. Arrays closely fit the way that books store information. And objects fit the way that newspapers store information.

Journalism struggles with new formats and fake news, Google takes a swing at ad blockers and we need to keep talking about diversity and inclusion in the tech industry!

---

Around the web

🔍 Wikipedia’s Jimmy Wales creates news service Wikitribune

A new interesting attempt at tackling fake news (and how it impacts journalism).

His goal is for Wikitribune to offer “factual and neutral” articles that help combat the problem of “fake news”. The service is intended to be both ad-free and free-to-read, so will rely on supporters making regular donations. (…) can the spirit of public participation that drove an online encyclopaedia also drive online news? We don’t know, because the fascinating thing about Wikitribune (…) is that it isn’t just reinventing the commercial model for journalism: it’s reinventing the editorial one too.

🗞 The Guardian pulls out of Facebook’s Instant Articles

Facebook’s Instant Articles were supposed to transform journalism but it looks like they failed. Head over to the Verge’s Instant recall for an in-depth analysis.

Publishers aren’t happy with the deal platforms are cutting them. Now, the Guardian has dropped both Facebook’s fast-loading Instant Article format and will no longer publish content on Apple News.

👊🏼 How Google Blocked A Guerrilla Fighter In The Ad War

See AdNauseum’s struggle against Google and how their possible move to add ad-filtering to Chrome could bring them even closer to monopoly in the ad market.

The team suspected a simpler motive behind Google’s decision: AdNauseum directly conflicts with the way that the company makes most of its money. Google and its parent company, Alphabet (…) has taken a largely hands-off approach to the potentially existential threat of ad blockers (…) it now plans to include “ad-filtering” software pre-installed in Chrome — an “if you can’t beat ’em, join ’em” approach to making the web less annoying.

🎶 Spotify acquires blockchain startup Mediachain to solve music’s attribution problem

I won’t get into the debate around streaming music but this is yet another great use of blockchain technology.

Prior to its acquisition, the startup had developed several technologies that could aid in these efforts, including a decentralized, peer-to-peer database to connect applications with media and the information about it, as well as an attribution engine for creators, and a cryptocurrency that rewards creators for their work.

💸 How Online Shopping Makes Suckers of Us All

Have you ever bought a plane ticket without using your browser’s Incognitomode? Then you know exactly what this article is about! Or how your online shopping habits and the data trail you leave behind is used to trick you into paying more.

Many moons ago, there used to be one price for something,” Dolan notes. Now the simplest of questions — what’s the true price of pumpkin-pie spice? — is subject to a Heisenberg level of uncertainty. Which raises a bigger question: could the internet, whose transparency was supposed to empower consumers, be doing the opposite.

👩🏽‍🔬 Why is Russia so good at encouraging women into tech?

This is the proof that we are not doomed and could see more women in the tech workspace. Also, the Kode with Klossy applications are open, apply before May 1st!

Based on interviews with 11,500 girls and young women across Europe, it finds their interest in these subjects drops dramatically at 15, with gender stereotypes, few female role models, peer pressure and a lack of encouragement from parents and teachers largely to blame. Not so in Russia.

💪🏼 The fight for net neutrality isn’t over

Maybe it’s not too late to fight back!

It’s a continuing fight, and there’s opportunity to influence policy at every step. Comment on the FCC public docket. Call representatives. Just participating in the fight at all is one of the biggest steps any one person can do. Public opposition is part of what killed the controversial Stop Online Piracy Act (SOPA) in 2012 with grassroots organizations as well as companies like Google and Facebook opposing such a broad expansion of online copyright infringement policies.

🏨 Your hotel room photos could help catch sex traffickers

See how your hotel room photos can help catch sex traffickers by using TraffickCam’s pattern recognition software.

TraffickCam’s image analysis tools transform the photos into a number of data points, using features such as patterns on the carpet, paintings on the wall and landmarks out of the window. The various data points in the photos play an important role in matching the location.

📚 Massive Open Online Courses used to be 100% free. But they didn’t stay that way.

Well that sucks… Not that it’s surprising, really.

Without true innovation in pricing, it will be difficult for MOOCs to reach the people who could benefit from them the most.

Technology

💥 This Hacker Is My New Hero

Hack the world! And brick any unprotected connected device to bring down the permanent-denial-of-service (PDoS) botnets.

BrickerBot, as the name implies, will brick internet of things (IoT) devices that fail a simple security test. This is surely illegal, but I love it.

🏆 10 Breakthrough Technologies 2017

My favourites?  Reversing Paralysis, Practical Quantum Computers and Hot Solar Cells!

These technologies all have staying power. They will affect the economy and our politics, improve medicine, or influence our culture. Some are unfolding now; others will take a decade or more to develop.

⛓ Introducing Token

The worlwide and open protocols compliant version of WeChat.

Token is a combination of a few things. It is: A private and secure messaging app A user controlled Ethereum wallet A browser for Ethereum apps

🖼 PhotoScan: Taking Glare-Free Pictures of Pictures

Take a look at how PhotoScan gets rid of glare on photo prints.

To create this feature, we developed a unique blend of computer vision and image processing techniques that can carefully align and combine several slightly different pictures of a print to separate the glare from the image underneath.

⚙️ Hardware Fundamentals: what exactly is a microcontroller?

If Raspberry Pi, Arduino and the IoT ring a bell, this article is probably for you.

At the fundamental level, a microcontroller is a just tiny computer. (…)* *Many people associate microcontrollers with Arduino. But it’s important to point out that Arduino is not a microcontroller. Arduino is a complete platform which spans across software and hardware

Web development / Web design

🤝 Codeland — the most inclusive developer conference yet

More conferences like this, please!

Even though the event was aimed at everyone, women easily outnumbered men — something I’ve never experienced before at a tech conference. Codeland’s tickets were relatively inexpensive, so it drew a much wider socio-economic cross-section of developers and people learning to code than a typical tech conference.

📓 Stanford’s intro to CompSci course adopts JavaScript, bins Java

Finally!

In early April, Stanford University began piloting a new version of its introductory computer science course, CS 106A. The variant, CS 106J, is taught in JavaScript rather than Java.

🏭 How leverage Local Storage to build lightning-fast apps

The eternal struggle.

Users love fast, responsive apps. (…) They just want to see updates immediately. Right now. And we as a developers should strive to provide that. So how can we? The solution: storing those changes locally, then synchronizing them with your servers from time to time. But this gets way more complex when things like connection latency is taken into account.

🎨 Painting with Code : Airbnb Design

Code as the core of your design system.

We’re excited to share a tool we built to help bridge the gap between designers and engineers working on design systems at scale. React-sketchapp is an open-source library that allows you to write React components that render to Sketch documents.

👨🏼‍🎨 CSS in JavaScript: The future of component-based styling

Interesting take on the matter. Curious to see if everyone agrees.

By adopting inline styles, we can get all of the programmatic affordances of JavaScript. This gives us the benefits of something like a CSS pre-processor (variables, mixins, and functions). It also solves a lot of the problems that CSS has, such as global namespacing and styling conflicts.

🖥 An Illustrated Guide for Setting Up Your Website Using Github & Cloudflare

You should read this if…

You want to setup custom redirects or other server configuration for free. You want to get your site on HTTPS but don’t know where to start. You’re overwhelmed with the amount of choices out there (like Netlify, Surge, BitBalloon, Now)

🔓 Tales of SugarCRM Security Horrors

SugarCRM seems as secure as my first PHP3 web app (and that is not a good thing). See why you should care about keeping your applications safe.

Phishing seems more inevitable than ever, AI and Deep Learning get more and more accessible and USAFacts gives the power back to the people.

---

Around the web

💯 Steve Ballmer Serves Up a Fascinating Data Trove

A little look at the story behind the very interesting USAFacts.

In an age of fake news and questions about how politicians and others manipulate data to fit their biases, Mr. Ballmer’s project may serve as a powerful antidote. (…) a person could look up just about anything: How much revenue do airports take in and spend? What percentage of overall tax revenue is paid by corporations? At the very least, it could settle a lot of bets made during public policy debates at the dinner table.

🔐 PGP public key and self-service postal kiosk expose online drug dealers

If you plan on selling heroin and cocaine on AlphaBay maybe you should generate a unique PGP key instead of using yours?

Initial analysis of DARKAPOLLO and AREA51’s public PGP key indicated that both keys were registered to the same email address: Adashc3l@gmail.com. A social-media search for the phrases Adashc3d31 and Adashc3d resulted in the discovery of a Twitter, Instagram, and Facebook account belonging to someone identified as “Ahmed Farooq” or “Ch. Ahmed Farooq”

🎣 Sneaky Exploit Allows Phishing Attacks From Sites That Look Secure

It gets harder and harder to protect yourself against phishing. Learn more about homograph attacks:

his particular vulnerability takes advantage of the fact that many domain names don’t use the Latin alphabet (…) When English-based browsers run into those URLs, they use an encoder called Punycode to render each character from a standardized library of character codes maintained by Unicode, the standards body for text online. This exploit takes advantage of that conversion process; phishers can appear to spell out a familiar domain name using a different URL and web server. (…) you can check the validity of sites by copying and pasting the URLs into a text editor. A spoofed URL only appears familiar, and actually uses an address beginning “www.xn–” that you can see outside the browser bar.

🍽 How Google eats a business whole

Google’s Featured Snippets can (and will) really damage small businesses that depend on search traffic. This is the sad tale of CelebrityNetWorth.com vs. Google.

🕸 Why Facebook Keeps Beating Every Rival: It’s the Network, of Course

One of the points that most people usually overlook:

Mr. Zuckerberg realized early on that the most important thing in his business was not necessarily creating the best new features. It doesn’t matter who invents digital mustaches. What matters is owning the biggest and most engaged network. And because he has the network, he always wins.

👮🏻 The Latest Dump of Alleged NSA Tools Is ‘The Worst Thing Since Snowden’

When the people who are supposed to protect you push you in the arms of the enemy. Apparently Microsoft has released a patch, so if you are using Windows you might want to update.

On Friday, the group known as The Shadow Brokers dropped the hacking equivalent of a bomb, or perhaps several bombs, giving hackers all over the world the tools to easily break into millions of Windows computers.

🇨🇦 Canada is North America’s up-and-coming startup center

Always nice to read about the great projects and compagnies born here.

Canada also boasts incredible support for entrepreneurs, both homegrown and international. Many household names, such as Slack, Hootsuite and Shopify — which may be mistakenly considered as U.S. products — hail from north of the border. This proves Canada is capable of delivering on startup success.

Technology

🤖 How to Make Scavenger Hunts More Fun with Artificial Intelligence

When scavenger hunts meet Alexa, AWS Rekognition and Polly. Fascinating DIY project!

I’ve written an app for Amazon’s Alexa platform that modernizes scavenger hunts. It leverages the latest available technology — including artificial intelligence tools like image and voice recognition.

💥 Our Machines Now Have Knowledge We’ll Never Understand

Lengthy but fascinating piece about letting Go.

We are increasingly relying on machines that derive conclusions from models that they themselves have created, models that are often beyond human comprehension, models that “think” about the world differently than we do. But this comes with a price. This infusion of alien intelligence is bringing into question the assumptions embedded in our long Western tradition. We thought knowledge was about finding the order hidden in the chaos. We thought it was about simplifying the world. It looks like we were wrong. Knowing the world may require giving up on understanding it.

📚 Dive into Deep Learning with 10 free online courses

It’s all in the title.

☕️ Caffe2 Brings Cross Platform Machine Learning Tools

Curious to try to train and deploy models for the Raspberry Pi!

Training and deploying AI models is often associated with massive data centers or super computers, with good reason. The ability to continually process, create, and improve models from all kinds of information: images, video, text, and voice, at massive scale, is no small computing feat. Deploying these models on mobile devices so they’re fast and lightweight can be equally daunting. Overcoming these challenges requires a robust, flexible, and portable deep learning framework.

Web development / Web design

🐟 How We Built r/Place

Remember Reddit’s crazy April Fools’? A (technical) look behind the scenes!

⌨️ Let’s Build a Web App with Vue, Chart.js and an API

Easy little project to get started with Vue.js and Chart.js.

In this quick how to, we cover how to interact with the npm 💘 API to get download statistics of a package and generate a chart from this data with Chart.js

💻 Exploring Netlify CMS: React & Git-based Content Management

Your weekly dose of JAMstack.

📝 Putting comments in code: the good, the bad, and the ugly.

“Good code is self-documenting.” or is it?

⏱ Improving Startup Time

If you use Atom, you’ll notice how quick it got compared to older versions. This is how they did it.

Instagram beats Snapchat, Mastodon tries to take out Twitter, United Airlines roughs passengers up and we all cross fingers that North Korea cancels this weekend’s nuclear tests. Can’t we just have world peace, net neutrality and free pizza for all humankind? kthxbye.

---

Around the web

💣 Mastodon — What Disruption Looks Like Right Before It Happens

I don’t know if that one will last but at least it’s open source and you can run your own instance of it. It should be interesting to follow in the coming months.

📷 200M People Using Instagram Stories daily

This is it, Instagram Stories (finally) tops 200M daily users and becomes officially bigger than Snapchat!

🔍 Google’s fact check feature comes to Google Search

Great way to provide new tools to prevent “fake news”. It’s interesting that Google won’t fact check themselves but leave that to Snopes and the like.

“Even though differing conclusions may be presented, we think it’s still helpful for people to understand the degree of consensus around a particular claim and have clear information on which sources agree,“ (…) Organizations that want to add their fact checks to Google Search must follow Google’s relatively stringent guidelines (…) At the end of the day, though, it’s an algorithm that decides whether the source of a fact check is trusted — and chances are, somebody is going to find a way around this sooner or later.

💸 Unprecedented Heist Hijacked a Brazilian Bank’s website

When phishing goes so deep that you can’t even see it happening. Learn how a Brazilian bank got hacked by alteration of DNS entries to redirect visitors to scamming web pages.

🌏 How India saved its internet from greedy corporations

Wouldn’t it be great if everybody could fight this hard to preserve Net Neutrality!?

In early 2015, the Telecom Authority of India (TRAI) was hijacked by the telecom companies that it was supposed to be regulating. It released a consultation paper on Net Neutrality for public feedback.

🤝 Reversing the Lies of the Sharing Economy

Fascinating piece that points out what’s wrong with our common understanding of what the Sharing Economy is.

There’s nothing resembling a “sharing economy” in an Uber interaction. You pay a corporation to send a driver to you, and it pays that driver a variable weekly wage. (…) we should call out Uber for what it is: a company in control of a platform that originally facilitated peer-to-peer renting, not sharing, and that eventually transformed into the de facto boss of an army of self-employed employees.

👹 Why Uber Won’t Fire Its CEO

Good recap of the history of super-voting shares (which allows founders to stay in control even when their equity is reduced).

Essentially, in one class, a share carries one vote; in the other class, shares come with ten votes each or more. These super-voting shares allow founders and some early investors to maintain control over decisions the company makes, even if their ownership in the company is significantly reduced.

🎨 When Pixels Collide — Reddit’s April Fool’s experiment

The most creative and insane thing you’ll this week.

The rules were simple. Each user could choose one pixel from 16 colors to place anywhere on the canvas. They could place as many pixels of as many colors as they wanted, but they had to wait a few minutes between placing each one. Over the following 72 hours, what emerged was nothing short of miraculous. A collaborative artwork that shocked even its inventors.

😞 The More You Use Facebook, the Worse You Feel

You’ve read it, time to get outside and meet “real” people.

Overall, our results showed that (…) the use of Facebook was negatively associated with overall well-being. These results were particularly strong for mental health; most measures of Facebook use in one year predicted a decrease in mental health in a later year. We found consistently that both liking others’ content and clicking links significantly predicted a subsequent reduction in self-reported physical health, mental health, and life satisfaction.

Technology

⛓ Inmates built computers hidden in ceiling, connected them to prison network

Gotta admire the creativity here! Although I think they should have gottenRaspberry Pi’s or C.H.I.P.’s instead.

Inmates at a medium-security Ohio prison secretly assembled two functioning computers, hid them in the ceiling, and connected them to the Marion Correctional Institution’s network. The hard drives were loaded with pornography, a Windows proxy server, VPN, VOIP and anti-virus software, the Tor browser, password hacking and e-mail spamming tools, and the open source packet analyzer Wireshark.

🤖 Robotopia: Introducing kids to coding with tiny virtual robots!

A fun and creative way to introduce kids to coding basics.

👩🏼‍⚕️ How artificial intelligence is revolutionizing healthcare

I wouldn’t put my open heart surgery in AI’s “hands” but it sure can help with recognizing patterns in cancer detection (and more).

There’s currently a shortage of over seven million physicians, nurses and other health workers worldwide, and the gap is widening. (…) Fortunately, artificial intelligence can help the healthcare sector to overcome present and future challenges. Here’s how AI algorithms and software are improving the quality and availability of healthcare services.

🔧 LEGO Macintosh classic with Wi-Fi and e‑paper display

Best DIY project of the year: a Wi-Fi enabled 1990 Macintosh Classic built with LEGO, powered by a Raspberry Pi Zero running docker and a 2.7” e-paper display.

🤓 Montreal’s fledgling AI community foresees billion dollar industry

It’s always nice to see groundbreaking innovation start here in Montreal.

The Quebec government will spend $100 million to encourage research and development in artificial intelligence over the next five years. Montreal’s AI industry leaders say the city has the magic formula to become a world hub.

📱 Federated Learning: Collaborative Machine Learning without Centralized Training Data

Reminds me a little of SETI@home’s screensaver back in the day.

Standard machine learning approaches require centralizing the training data on one machine or in a datacenter. And Google has built one of the most secure and robust cloud infrastructures for processing this data to make our services better. Now for models trained from user interaction with mobile devices, we’re introducing an additional approach: Federated Learning.

Web development / Web design

🖼 deck.gl — Uber’s WebGL-powered framework

Uber’s CEO might be a jerk, their engineers are pretty awesome! Check their webGL framework out, the performance is impressive.

deck.gl is a WebGL-powered framework for visual exploratory data analysis of large datasets.

🗺 The top GitHub projects per country

In depth overview of the most popular GitHub projects per country and the queries necessary to extract the data yourself.

🗄 So what’s this GraphQL thing I keep hearing about?

Lengthy but very clear introduction to GraphQL and how it works.

In a nutshell, GraphQL is a syntax that describes how to ask for data, and is generally used to load data from a server to a client. GraphQL has three main characteristics: It lets the client specify exactly what data it needs. It makes it easier to aggregate data from multiple sources. It uses a type system to describe data.

👎🏼 How United Airlines onboards New Users

Even if they don’t beat you up when you board the plane, you’ll definitely punch yourself in the mouth when onboarding their mobile app!

Web development and new technologies keep evolving at such a furious pace that it’s getting hard to keep up with every new tool, methodology or service that appears. So, this week, get your React and Deep Learning hats on because it’s trending and it’s your chance to learn more about them!

---

Around the web

🎥 YouTube will no longer allow creators to make money until they reach 10,000 views

Curious to see how creators will react to yet another attempt to police the service.

YouTube has announced a change to its partner program today. From now on, creators won’t be able to turn on monetization until they hit 10,000 lifetime views on their channel. YouTube believes that this threshold will give them a chance to gather enough information on a channel to know if it’s legit. And it won’t be so high as to discourage new independent creators from signing up for the service.

🏆 2016 A.M. Turing Award

Well deserved “Nobel Prize of Computing”, Sir!

ACM named Sir Tim Berners-Lee (…) the recipient of the 2016 ACM A.M. Turing Award. Berners-Lee was cited for inventing the World Wide Web, the first web browser, and the fundamental protocols and algorithms allowing the Web to scale.

🤖 My open source Instagram bot got me 2,500 real followers for $5 in server costs

There are numerous bots that will get you likes and followers but this one might be the only one that is statistics and metrics driven. It’s fascinating to see the train of thought behind it.

👎🏼 Trump has signed repeal of FCC’s Internet privacy rule. Here’s what happens next…

Remember that moment we all said this would never happen?

President Trump signed legislation Monday night that repeals the Federal Communications Commission’s privacy protections for Internet users, rolling back a landmark policy from the Obama era and enabling Internet providers to compete with Google and Facebook in the online ad market.

Technology

🤓 Deep Learning with Emojis (not Math)

The article gets a little technical but it’s definitely worth reading for the architecture and problem definition aspects.

By observing how our shoppers have picked millions of customer orders through our app, we have built models that predict the sequences our fastest shoppers will follow. Then, when a shopper is given a new order to pick, we use this predicted fastest sequence to sort the items for them.

🎸 I needed a guitar teacher. So I turned my Alexa into one.

Surprising but very interesting use of Alexa.  Gotta love those DIY problem solving projects!

📚 515 Free Online Programming & Computer Science Courses

Very useful list of courses sorted by difficulty level (with ratings for each one).

Web development

💥 React is taking over front-end development. Why?

A good look at the reasons behind React’s popularity (with an example and code).

📈 Creating stunning charts with Vue.js and Chart.js

Short and sweet. Straight forward demo to get up and running with both libraries.

🔥 Simple React Development in 2017

Get started with React with this step-by-step guide. If I can do it, so do you!

Believe it or not, it is actually very simple and painless to start a new React project, thanks to amazing work by the community over the past year.

It seems impossible to spend a day without bad news about net neutrality and online privacy. This week’s highlight is the US House of Representatives passing a resolution rolling back FCC privacy regulations, thus allowing ISPs to sell your browsing history without your consent.

---

Around the web

💸 For sale: Your private browsing history

Big Brother is about to make more money on your back (and it should scare the sh*t out of you)! If you have time, check out Greenwald’s more in depth article.

The US House of Representatives voted Tuesday to eliminate ISP privacy rules, following the Senate vote to take the same action last week. The legislation to kill the rules now heads to President Donald Trump for his signature or veto.

☠️ Inside the Hunt for Russia’s Most Notorious Hacker

A great account of Evgeniy Bogachev’s (aka. Slavik) impressive enterprise, from robbing banks to helping Russian secret services gather intelligence.

A mysterious cybercriminal deployed an invincible botnet to steal a fortune from US banks. Then the FBI discovered what else he was after.

👩🏼‍💻 ‘Who shared it?’ How Americans decide what news to trust on social media

In the era of fake news, this study by The AP and American Press Institute shows that when (American) people find news on social media,

“how much they trust the content is determined less by who creates the news than by who shares it.”

💻 This morning, I became a founding member of Medium.

Here’s a happy paying member of Medium.com. Curious to see how their model will evolve over time.

Technology

🔩 Google Optimize A/B testing tool for websites launches out of beta globally

Time to get your hands on Google’s new A/B testing tool!

It enables full end-to-end A/B test, underpinned by a what-you-see-is-what-you-get (WYSIWYG) visual editor that lets users drag-and-drop components and test them out with live users.

🌎 Silicon Valley is no longer #1 for talent says huge global startup report

Montréal is no longer in the top 20, Stockholm has gone up to 14th, Chinese cities keep going up, no African city in the top 20 although still they still rock with with Lagos and Cape Town.

Get the full report here: https://startupgenome.com/report2017/

🤖 Index of Best AI/Machine Learning Resources

It’s one of 2017’s big trends, so don’t miss the train. Great list of ressources to learn more about AI and Machine Learning.

📓 The 10 GitHub repos new developers mention the most

Lots of useful ressources in those repositories (free programming books, essential javascript links, public APIs list).

🌀 Curl, 19 years ago

Happy birthday curl!

19 years ago that was mostly my thing and I sent it out hoping that someone would like it and find good use. Today virtually every modern internet-connected device in the world run my code. Every car, every TV, every mobile phone.

Web development

🔍 The Details That Matter

How visual feedback, microcopy and whitespace can impact your design and overall user experience.

📚 Best Practices for Modals / Overlays / Dialog Windows

How to make modals and overlays suck less.

👴🏼 Modern JavaScript for Ancient Web Developers

If you too are from the previous generation of developers, check this out!

Hi. I’m an ancient web developer who is learning modern JavaScript. I’ve just gotten started and I’m having a ball, but I’ve also got whiplash. There are a few things I wish I’d understood and accepted (…) before I got started.

💻 Marko vs React: An In-depth Look

In-depth look at the differences and similarities between Marko and React by the maintainers of Marko.

Welcome to this first issue of the Aspiring Nerd. This blog is born from the urge to share all the inspiring and thought provoking articles I stumble upon every day. I hope you’ll like it!

---

Around the web

🌎 The future of the open internet — and our way of life — is in your hands

A lengthy must-read if you care about Net Neutrality (and you should).

“History shows a typical progression of information technologies, from somebody’s hobby to somebody’s industry; from jury-rigged contraption to slick production marvel; from a freely accessible channel to one strictly controlled by a single corporation or cartel — from open to closed system.” — Tim Wu

⚖️ Senate votes to let ISPs sell your Web browsing history to advertisers | Ars Technica

The good news keep coming…

The US Senate today voted to eliminate broadband privacy rules that would have required ISPs to get consumers’ explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies.

☠️ Hackers Stole My Website…And I Pulled Off A $30,000 Sting Operation To Get It Back

Yet another reminder that you should have a strong password (and change it regularly) and activate the two factor authentication option whenever possible.

Technology

🤖 Can Chatbots Help Us Do Time Sheets? — Chatbots Magazine

Interesting perspective on how chatbots could help us.

“The way we currently do time reports is broken (…) employees face all kinds of obstacles on the way to timesheet completion — the software is usually clunky, the interaction is hostile, the time is always inconvenient.”

🚜 Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware — Motherboard

This is what happens when you try to trap your customers.

To avoid the draconian locks that John Deere puts on the tractors they buy, farmers throughout America’s heartland have started hacking their equipment with firmware that’s cracked in Eastern Europe and traded on invite-only, paid online forums.

Web Development

🤓 What I learned from Stack Overflow’s massive survey of 64,000 developers

It’s all in the title! Surprising fact: 1 in 100 developers are blind, and 1 in 200 developers are deaf.

👩🏼‍🏫 GitHub — kamranahmedse/developer-roadmap: Roadmap to becoming a web developer in 2017

The treacherous path to become a web developer.

🔑 SHA-1 collision detection on GitHub.com · GitHub

GitHub’s take on SHAttered (the first collision of the SHA-1 hash function), how it works and why it matters.

📚 Build a JAMstack-Powered Website in 4 Steps — Hacker Noon

If you’re new to JAMstack and want to understand how it works this is a great hands-on example.