Friday, 10 August 2012
Interesting Snippets from 2012-08-10
-
How Not to Become Mat Honan: A Short Primer on Online Security | Threat Level | Wired.com
By now, you’ve probably read or heard about Wired staff writer Mat Honan’s journey through digital hell, in which hackers social-engineered Apple into giving them the keys to his digital life, allowing them to scrub his laptop, iPhone and iPad, hijack his and Gizmodo’s Twitter accounts and delete eight-years-worth of email from his Gmail account.
-
After Knight Capital, New Code for Trades - NYTimes.com
First, it is impossible to fully test any computer system. To think otherwise is to misunderstand what constitutes such a system. It is not a single body of code created entirely by one company. Rather, it is a collection of “modules” plugged into one another. Software modules are purchased from multiple vendors; the programs are proprietary; a purchaser (like Knight Capital) cannot see this code. Each piece of hardware also has its own embedded, inaccessible programming. The resulting system is a tangle of black boxes wired together that communicate through dimly explained “interfaces.” A programmer on one side of an interface can only hope that the programmer on the other side has gotten it right.
Next, there is no such thing as a body of code without bugs. You can test assiduously: first the programmers test, then the quality-assurance engineers; finally you run the old and new systems in parallel to monitor results. But no matter. There is always one more bug. Society may want to put its trust in computers, but it should know the facts: a bug, fix it. Another bug, fix it. The “fix” itself may introduce a new bug. And so on.
-
DIY Medical Technology | Group Overview « Little Devices
The Little Devices group at MIT develops empowerment technologies for health. We believe that innovation and design happens at the frontline of healthcare where providers and patients can invent everyday technologies to improve outcomes. By comparing the adaptive technology index of a given burden of disease, we can select promising devices that can have an impact on a particular disease. The resulting research portfolio is then matched with specific strategies for participatory design.
-
Bad Software Runs the World - Slashdot
"The underlying problem here is that most software is not very good. Writing good software is hard. There are thousands of opportunities to make mistakes. More importantly, it's difficult if not impossible to anticipate all the situations that a software program will be faced with, especially when — as was the case for both UBS and Knight — it is interacting with other software programs that are not under your control. It's difficult to test software properly if you don't know all the use cases that it's going to have to support. There are solutions to these problems, but they are neither easy nor cheap. You need to start with very good, very motivated developers. You need to have development processes that are oriented toward quality, not some arbitrary measure of output."
-
Software Runs the World: How Scared Should We Be That So Much of It Is So Bad? - Business - The Atlantic
There are solutions to these problems, but they are neither easy nor cheap. You need to start with very good, very motivated developers. You need to have development processes that are oriented toward quality, not some arbitrary measure of output. You need to have a culture where people can review each other's work often and honestly. You need to have comprehensive testing processes -- with a large dose of automation -- to make sure that the thousands of pieces of code that make up a complex application are all working properly, all the time, on all the hardware you need to support. You need to have management that understands that it's better to ship a good product late than to ship a bad product on time. Few software companies do this well, and even fewer of the large companies that write much of their software.
-
Supermarkets Try Customizing Prices for Shoppers - NYTimes.com
Airlines, hotels and rental cars have offered variable prices for years. Those prices, however, are almost always based on capacity and timing, or are given to groups — seniors get one discount, frequent users another.
Now grocers like Safeway and Kroger are going one step further, each offering differing methods to determine individualized prices. Hoping to improve razor-thin profit margins, they are creating specific offers and prices, based on shoppers’ behaviors, that could encourage them to spend more: a bigger box of Tide and bologna if the retailer’s data suggests a shopper has a large family, for example (and expensive bologna if the data indicates the shopper is not greatly price-conscious).
-
PyPy Status Blog: Multicore Programming in PyPy and CPython
The issue with using threads (in any language with or without a GIL) is that threads are fundamentally non-deterministic. In other words, the programs' behaviors are not reproducible at all, and worse, we cannot even reason about it --- it becomes quickly messy. We would have to consider all possible combinations of code paths and timings, and we cannot hope to write tests that cover all combinations. This fact is often documented as one of the main blockers towards writing successful multithreaded applications.
We need to solve this issue with a higher-level solution. Such solutions exist theoretically, and Automatic Mutual Exclusion (AME) is one of them. The idea of AME is that we divide the execution of each thread into a number of "atomic blocks". Each block is well-delimited and typically large. Each block runs atomically, as if it acquired a GIL for its whole duration. The trick is that internally we use Transactional Memory, which is a technique that lets the system run the atomic blocks from each thread in parallel, while giving the programmer the illusion that the blocks have been run in some global serialized order.
-
Canadian hacker dupes Walmart to win Def Con prize - thestar.com
From his glass booth in front of chuckling onlookers, MacDougall managed to get 75 pieces of information in the 20-minute phone call, winning the contest and receiving a coveted black badge for his efforts. In the three years of the contest, no one has ever succeeded in getting each assigned data point before.
MacDougall found out all about the store’s security, its cafeteria, who cleans it after-hours and who disposes of its garbage. He learned when employees are paid, who provides IT support, what computers, operating systems and anti-virus programs are used.
-
Applying markup to complexity - O'Reilly Radar
When XML exploded onto the scene, it ignited visions of magical communications, simplified document storage, and a whole new wave of application capabilities. Reality has proved calmer, with competition from JSON and other formats tackling a wide variety of problems, while the biggest of the big data problems have such volume that adding markup seems likely to create new problems.