Orlando Jones and Crispin Glover Discuss Race, Fashion, and Breaking Down Barriers in American Gods [Published articles]

Orlando Jones as Mr. Nancy in American Gods

Orlando Jones and Crispin Glover turned out to be an inspired pairing for the American Gods press event. Jones is a lively extrovert, laughing and joking with his interviewers, until he turns on a dime to give serious explanations about the true nature of Mr. Nancy. Crispin Glover, on the other hand, is quiet and reserved—until he turns on a dime to decry the increasing influence of corporate thinking on American life. The two men are also huge fans of each other, with Jones comparing Glover’s thoughtfulness to his friend, Laurence Fishburne, and Glover praising Jones for being a great spokesperson for their show.

Orlando Jones spoke about balancing Mr. Nancy’s humor, and the seriousness of his message. (Mr. Nancy only appeared in one scene in the screeners I received, and I absolutely do not want to spoil it for you, because it’s extraordinary. So I will tread very lightly here.) Jones related that while everyone wanted him to be funny, that wasn’t the center of the discussion of his character because “ultimately what he has to say is not light” and deals with America’s racial history in a striking and incendiary way. At the same time, however, Jones wanted to make sure that for all the character’s anger there was still an openness. “To deliver that, or to try to create that conversation around a voice that was yelling just seemed the wrong way to go. That doesn’t invite anyone to the conversation. I wanted him to be entertaining, but more than anything I wanted anybody to be able to come to the conversation and not feel that they were being yelled at.”

He also emphasized Mr. Nancy’s trickster nature:

It meant making him kind of agnostic in the sense that he’s a trickster. He might be saying something to help you out, he might be saying it to get something he wants…which one it is only he knows, and that changes based on what he wants. I think you’ll find Mr. Nancy changing a lot by virtue of the space that he’s in…because he’s a spider, and that’s how they build webs.

Jones and Glover agreed that costuming was important to both of the characters, with Glover saying, “That’s a really important part of understanding your character—you feel like what you are when you get into the clothing, ideally.” And Jones used Mr. Nancy’s wardrobe as a way to express his character’s history:

He is such an iconic African character and he came out of Ghanaian history, because he, through his stories, survived the Middle Passage, I really wanted him to be a king. And purple is a royal color. It’s one of those colors that we associate with nobility, and that was really my only request…and my only contribution was (1) African print. Something that speaks to the true heritage of it, and (2) bold. This is not Armani. This is not European.

Jones also emphasized Mr. Nancy’s heritage when it came to his language:

My initial thought was to incorporate different African languages into his speech, but then I thought, mostly we’re going to be speaking English. I didn’t want to be just tossing out a word every now and then like, ‘Here’s some Swahili for ya, heyy!’ so I tried to incorporate it into the way he really speaks, so the tones of his voice, and the sound of his speech, sometimes will sound a bit Caribbean, or a bit African depending on what he’s saying to you. He doesn’t say “Fire” he goes “Fiyy-ah!” If we get an opportunity to do more dialects then I’ll take it.

During the conversation, Crispin Glover revealed that he had not yet seen his work as Mr. World. Orlando Jones had, and let us all know that Glover is “off the chain fantastic!” This led to Glover explaining why he doesn’t like explaining things:

The piece works in metaphor, and metaphor is very good to interpret. If I start saying a whole bunch of stuff it…lessens it. I know what was written. I know what it’s supposed to be…there could have been a way to go that indicated very specific things, but I wanted to pull it back a little. I wanted to leave it a little bit more mysterious. I purposefully have not read the book. Because I know that if I do—I’ve done properties before that were literary properties, and I found that if I start reading the book I’d start getting ideas of how it should be done, externally to what I’m playing for the character. How I think it should be interpreted. And I don’t want to do that—I just want to see what’s presented to me, because also I trust the writing of Michael and Bryan. They do such a great job with the dramaturgy of Neil’s original work. It’s a mystery to me, as well, so I also feel funny saying too much.

Jones then added, “I am so excited for your live-tweet.”

Jones and Glover discussed their contrasting relationships to social media, with Glover reiterating his love of mystery, and Jones revealing that his life on social media, and his status as a fangirl for Mr. Nancy, led to connections with Neil Gaiman: “About a year and a half ago there was a conversation online about who should play Mr. Nancy. And in that conversation my name came up and that got sent to Neil, and then Neil and I became Twitter fans—just from fans telling him that I should play Mr. Nancy. So online there’s been a conversation about me being Mr. Nancy this entire time. It’s a nerd thing come true for me.” This was reiterated in a later joint interview with Bryan Fuller and Michael Green, who spoke of seeing this image of Orlando Jones as Mr. Nancy on Tumblr before they even spoke to their casting director.

Glover attempted to dig into the thematic concerns behind Mr. World (without giving away any mystery) by talking about another part of his life:

I’ve been touring with my films for about 14 years, and particularly my first film has very anti-corporate sentiments. I don’t want to talk about it so much, but in some ways there’s nothing comparable between my own filmmaking and this, but on another level, there is something…it’s important to me personally, the anti-corporate sentiment. There’s something really out of balance right now. And has been for quite a while—the corporate controls that are not good for people at large. I feel the writing [for Mr. World] has to do with that as well.

Jones agreed with the importance of the writing:

Michael and Bryan are beautiful writers, and truly believe that talking about immigration and human rights are important conversations to be in now. To speak to these types of issues at this particular time…to be silent right now feels like being a coward. I’m excited about the show. I find myself in the lucky position to be able to say I’m excited about this work…because it doesn’t have any barriers.

You’ll get to see Orlando Jones and Crispin Glover fight over the fate of the world in American Gods, beginning April 30th on Starz.

Minimal examples of data structures and algorithms in Python [Published articles]

Trump's FCC Votes To Allow Broadband Rate Hikes Will Deprive More Public Schools From Getting Internet Access [Published articles]

The FCC voted on Thursday to approve a controversial plan to deregulate the $45 billion market for business-to-business broadband, also known as Business Data Services (BDS), by eliminating price caps that make internet access more affordable for thousands of small businesses, schools, libraries and hospitals. The Outline adds: The price caps were designed to keep phone and, later, broadband, access cheap for community institutions like schools, hospitals, libraries, and small businesses. Now, there will be no limit. A spokesperson for the trade association Incompas, which advocates for competition among communications providers, told The Outline that the increase is expected to be at least 25 percent across the board. Low-income schools already don't have enough money; according to a report last year in The Atlantic, schools in high-poverty districts, where the property taxes are lower, spend 15.6 percent less per student than schools in low-poverty districts. If internet costs go up by 25 percent, it may make more sense to cut that budget item, or, for schools that still don't have internet, never add it at all. Add it to the list of things that well-funded schools in already-rich neighborhoods get that schools in low-income neighborhoods don't. New textbooks. Gyms. Advanced Placement classes that let students earn college credits. Computers. Internet access.


Read more of this story at Slashdot.

Explore New Parts of America With These Discounted Library of Congress Prints [Published articles]

Even if you haven’t been to any of these places, The Library of Congress designed these prints to be more fantasy than reality anyway. From landmarks like the Grand Canyon and Yellowstone to archival activity designs, these beautiful canvas prints are ready to hang, and 50% off from Fab.com.


New photo of Earth between Saturn's rings can shift your perspective on our reality [Published articles]

That point of light between Saturn's rings is Earth, captured by NASA's Cassini spacecraft on April 12. More about the image here at NASA JPL. It reminds me of the last photo taken by the Voyager I spacecraft before engineers shut off its camera in 1990. Carl Sagan had persuaded NASA to turn Voyager I’s cameras back toward the sun and take the first ever "portrait of our solar system" from outside of it. Earth is just a speck in that photo too, a "pale blue dot" as Sagan called it. His beautiful words remind me how a single image can alter one's perspective in an instant:

Look again at that dot. That's here. That's home. That's us. On it everyone you love, everyone you know, everyone you ever heard of, every human being who ever was, lived out their lives. The aggregate of our joy and suffering, thousands of confident religions, ideologies, and economic doctrines, every hunter and forager, every hero and coward, every creator and destroyer of civilization, every king and peasant, every young couple in love, every mother and father, hopeful child, inventor and explorer, every teacher of morals, every corrupt politician, every "superstar," every "supreme leader," every saint and sinner in the history of our species lived there...

Light Sail Propulsion Could Reach Sirius Sooner Than Alpha Centauri [Published articles]

RockDoctor writes: A recent proposition to launch probes to other star systems driven by lasers which remain in the Solar system has garnered considerable attention. But recently published work suggests that there are unexpected complexities to the system. One would think that the closest star systems would be the easiest to reach. But unless you are content with a fly-by examination of the star system, with much reduced science returns, you will need to decelerate the probe at the far end, without any infrastructure to assist with the braking. By combining both light-pressure braking and gravitational slingshots, a team of German, French and Chilean astronomers discover that the brightness of the destination star can significantly increase deceleration, and thus travel time (because higher flight velocities can be used). Slingshotting around a companion star to lengthen deceleration times can help shed flight velocity to allow capture into a stable orbit. The 4.37 light year distant binary stars Alpha Centauri A and B could be reached in 75 years from Earth. Covering the 0.24 light year distance to Proxima Centauri depends on arriving at the correct relative orientations of Alpha Centauri A and B in their mutual 80 year orbit for the sling shot to work. Without a companion star, Proxima Centauri can only absorb a final leg velocity of about 1280km/s, so that leg of the trip would take an additional 46 years. Using the same performance characteristics for the light sail, the corresponding duration for an approach to the Sirius system, almost twice as far away (8.58 lightyears), is a mere 68.9 years, making it (and its white dwarf companion) possibly a more attractive target. Of course, none of this addresses the question of how to get any data from there to here. Or, indeed, how to manage a project that will last longer than a working lifetime.
There are also issues of aiming -- the motion of the Alpha Centauri system isn't well-enough known at the moment to achieve the precise maneuvering needed without course corrections (and so, data transmission from there to here) en route.


Digging into the surprisingly mysterious life of Bob Ross [Published articles]

The YouTube channel Today I Found Out takes a look at the life of famed PBS artist Bob Ross—a beloved public figure whose biography is surprisingly opaque.

John Deere just told the copyright office that only corporations can own property, humans can only license it [Published articles]

John Deere has turned itself into the poster-child for the DMCA, fighting farmers who say they want to fix their own tractors and access their data by saying that doing so violates the 1998 law's prohibition on bypassing copyright locks.

If you’re happy and you know it.... [Published articles]

Stack Overflow Reveals Which Programming Languages Are Most Used At Night [Published articles]

Stack Overflow data scientist David Robinson recently calculated when people visit the popular programming question-and-answer site, but then also calculated whether those results differed by programming language. Quoting his results: "C# programmers start and stop their day earlier, and tend to use the language less in the evenings. This might be because C# is often used at finance and enterprise software companies, which often start earlier and have rigid schedules." "C programmers start the day a bit later, keep using the language in the evening, and stay up the longest. This suggests C may be particularly popular among hobbyist programmers who code during their free time (or perhaps among summer school students doing homework)." "Python and Javascript are somewhere in between: Python and Javascript developers start and end the day a little later than C# users, and are a little less likely than C programmers to work in the evening." The site also released an interactive app which lets users see how the results for other languages compared to C#, JavaScript, Python, and C, though of those four, "C# would count as the 'most nine-to-five,' and C as the least." And they've also calculated the technologies used most between 9 to 5 (which "include many Microsoft technologies, such as SQL Server, Excel, VBA, and Internet Explorer, as well as technologies like SVN and Oracle that are frequently used at enterprise software companies.") Meanwhile, the technologies most often used outside the 9-5 workday "include web frameworks like Firebase, Meteor, and Express, as well as graphics libraries like OpenGL and Unity. The functional language Haskell is the tag most visited outside of the workday; only half of its visits happen between 9 and 5."


Systemd-Free Devuan Announces Its First Stable Release Candidate 'Jessie' 1.0.0 [Published articles]

Long-time reader jaromil writes: Devuan 1.0.0-RC is announced, following its beta 2 release last year. The Debian fork that spawned over systemd controversy is reaching stability and plans long-term support. Devuan deploys an innovative continuous integration setup: with fallback on Debian packages, it overlays its own modifications and then uses the merged source repository to ship images for 11 ARM targets, a desktop and minimal live, vagrant and qemu virtual machines and the classic installer isos. The release announcement contains several links to projects that have already adopted this distribution as a base OS. "Dear Init Freedom Lovers," begins the announcement, "Once again the Veteran Unix Admins salute you!" It points out that Devuan "can be adopted as a flawless upgrade path from both Debian Wheezy and Jessie. This is a main goal for the Devuan Jessie stable release and has proven to be a very stable operation every time it has been performed."


This Adorable Jyn Erso Cosplayer Spent Star Wars Celebration Handing Out the Death Star Plans to Every Princess Leia [Published articles]

When you go to a massive convention like Star Wars Celebration, it’s best to have a game plan. Where are you going to go first? What panels are you going to prioritize, and which merchandise do you want to make sure you don’t miss? Well, this little Jyn cosplayer had a different mission: deliver the Death Star plans…


Court Rules Fan Subtitles On TV and Movies Are Illegal [Published articles]

A court has just ruled that making fan subtitles or translations is not protected by the law. From a report: A Dutch group called the Free Subtitles Foundation took anti-piracy group BREIN to court over "fansubbing." BREIN has previously been active in taking fan subtitles and translations offline, and the Foundation was hoping a Dutch court would come down on the side of fair use. The court didn't quite see it that way. It ruled that making subtitles without permission from the property owners amounted to copyright infringement. BREIN wasn't unsympathetic, but said it couldn't allow fansubbers to continue doing what they're doing.


New To The Wheel of Time? This Video Gives You the Basics in 60 Seconds [Published articles]

Knife of Dreams Cover Art by Michael Komarck

Robert Jordan’s fantasy The Wheel of Time is coming to television! But for those of you who haven’t yet read the epic, getting up to speed with an adaptation of a 14-book series can be a daunting prospect. Luckily, IGN has distilled the central idea of WoT into a 60-second video, which makes for a solid platform for people to dive into the books, or the upcoming television show.

Check it out below!

[via IGN!]

Tiny Jyn Erso Heads to Star Wars Celebration, Hands Every Leia a Copy of the Death Star Plans [Published articles]

DinoIgnacio, Imgur, Jyn cosplay

This small Jyn Erso is actually named Harley, and her dad Dino Ignacio makes all sorts of fantastic cosplay outfits for his family. This year, in honor of the dearly departed Carrie Fisher, Harley came to the Star Wars Celebration prepared with her Jyn outfit and a stack of Death Star plans–and handed them out to every Leia she saw.

Observe. And then cry with us.

A New Hope Leia!


A Cloud City Leia!


An Endor Leia!


A–hey, wait a minute, that’s skipping over a significant part of the plot!


There are more of these utterly charming photos from the Star Wars Celebration over at Ignacio’s Imgur account. And you’ll find more impressive cosplay in his gallery!

[Via Nerdist]

Oculus Chief Scientist: AR glasses will someday be as ubiquitous as smartphones [Published articles]

As Oculus Chief Scientist Michael Abrash describes it, augmented reality glasses are certainly going to be ...

Today, augmented reality is the stuff of Pokemon and puppy-face filters, but someday, it will be socially acceptable to wear high-tech AR glasses tying us to the virtual world around the clock. At least, that's according to Michael Abrash, Chief Scientist at Oculus Research, in a talk about Facebook's annual developer conference.


BMW's 215 horsepower, 171 kilogram, carbon fiber-crammed HP4 Race revealed [Published articles]

States Are Moving To Cut College Costs By Introducing Open-Source Textbooks [Published articles]

In an effort to curb the rising cost of textbooks, which went up by 88% between 2006 and 2016, according to the U.S. Bureau of Labor Statistics, Maryland and New York have announced initiatives that adopt open-source, copyright-free textbooks. The initiatives will reward colleges who adapt or scale the use of OER (open educational resources) -- "materials like electronic textbooks that typically use licenses that are far less restrictive than traditional, copyrighted textbooks," reports Quartz. From the report: The University System of Maryland recently announced that it would be giving out 21 "mini-grants" to seven community colleges and five public four-year schools. The grants will go to "faculty who are adopting, adapting or scaling the use of OER [open educational resources] in Fall 2017 through high-enrollment courses where quality OER exists," according to the announcement. Although the mini-grants are only $500 to $2,500 each, the effort in Maryland is expected to save 8,000 students up to $1.3 million in the Fall 2017 semester alone. That's a significant amount, but just a drop in the bucket of what students in the state spend on textbooks each year. Another big investment in open educational resources came in the budget passed in New York state last week. The news was somewhat buried by the fact that the budget includes free tuition for New York students whose families make up to $125,000 a year, but the state will also be putting $8 million into open source materials over the next fiscal year.


Robot Maker and YouTuber Simone Giertz's favorite tools [Published articles]

Our guest this week on the Cool Tools Show is Simone Giertz. Simone is a Swedish native who now resides in San Francisco. Millions of people come to watch her build shitty robots on YouTube and she recently launched her own astronaut training program to get herself into space. Simone's videos have been featured on The Ellen Show, The Late Show, Mashable, Business Insider, Wired, Conan O'Brien, and more. Most recently, she joined master builder Adam Savage's Tested team.

Subscribe to the Cool Tools Show on iTunes | RSS | Transcript | Download MP3 | See all the Cool Tools Show posts on a single page

Show notes:

Dremel 4200 ($114) “I started building stuff about 3 years and I’m rediscovering everything that people have known for a long time. … Dremel tool kind of goes in the line of that … it blew my mind because I do a lot of aluminum fabrications. I make parts out of aluminum frames or customized parts that I already have and for that it's freakin' great because it's like having your own arm do it but at a much higher RPM. It's like a little pen. It's just such an accessible tool. You're just sitting there and you're cutting. It has the tiniest little cutter blades and it’s just nice. … It’s a super versatile tool and it takes up no space.”

Original Prusa i3 MK2S kit ($699)

"I am definitely not an authority in 3D printing. I am a total 3D printing novice. I think in some way that gives me a bit of authority to speak on this because I’ve used a fair amount of 3D printers and I’m always like, ‘I have no freaking idea what’s going on.' ... The Prusa has, from the start, worked brilliantly. It’s a really open design. … It looks like a very maker printer because you can definitely tinker with it without having to take some big casing off. … This is the first 3D printer that has worked well enough to me to actually use it on a regular basis.”

Glowforge laser cutter ($2995)

“One of many unique features that it has is that you have a view. It's all in the browser. You just go on your printer's domain or you log into your account and there you have the bed view of your printer. You can see the material and that's where you upload and place the designs. You can also scan stuff on it. You can draw something on the material and it scans it and then it can etch it or rasterize it. It’s really an improvement of the work flow."

Shaper Origin ($1699)

"This is a great tool. I'm not sponsored. They did let me take home their beta version and try it out. It's a handheld milling machine. Basically you load an SVG on it — a file. Your design. …Just like a CNC machine but it’s handheld. … Then it auto corrects your path. It shows you where to move out. … You could be making the map of the United States on your wall in your bedroom and just hold it up on the wall. I think it's just such a ... it's super cool and it works. I've just tried their beta version. I haven't tried the final version but I'm really impressed with the capabilities of the beta version. It’s just worked really, really great. … You can do a cut halfway through and then take a break for a couple of weeks and then get back to it and keep on doing it and it knows where it laid out all the parts.”

Hitachi KNT50AB Air Compressor ($229)

"The virtues of an air compressor. Where do I start? Most of all, building robots and tinkering with electronics used to be my hobby and then it became my job. I had to find a new hobby. I've been doing a lot of wood working in my free time. I do it at home. I have a little workbench in the garden. I'm always covered in sawdust. Just being able to blow off my tools before I bring them into my bedroom is amazing.”

Simone recently wowed Stephen Colbert with her dangerous, shitty robots: https://youtu.be/O61wJPNJgZQ

StarCraft Is Now Free, Nearly 20 Years After Its Release [Published articles]

An anonymous reader quotes a report from TechCrunch: Nearly two decades after its 1998 release, StarCraft is now free. Legally! Blizzard has just released the original game -- plus the Brood War expansion -- for free for both PC and Mac. You can find it here. Up until a few weeks ago, getting the game with its expansion would've cost $10-15 bucks. The company says they've also used this opportunity to improve the game's anti-cheat system, add "improved compatibility" with Windows 7, 8.1, and 10, and fix a few long lasting bugs. So why now? The company is about to release a remastered version of the game in just a few months, its graphics/audio overhauled for modern systems. Once that version hits, the original will probably look a bit ancient by comparison -- so they might as well use it to win over a few new fans, right?


InterContinental Hotel Chain Breach Expands [Published articles]

In December 2016, KrebsOnSecurity broke the news that fraud experts at various banks were seeing a pattern suggesting a widespread credit card breach across some 5,000 hotels worldwide owned by InterContinental Hotels Group (IHG). In February, IHG acknowledged a breach but said it appeared to involve only a dozen properties. Now, IHG has released data showing that cash registers at more than 1,000 of its properties were compromised with malicious software designed to siphon customer debit and credit card data.

An Intercontinental hotel in New York City.


Headquartered in Denham, U.K., IHG operates more than 5,000 hotels across nearly 100 countries. The company’s dozen brands include Holiday Inn, Holiday Inn Express, InterContinental, Kimpton Hotels, and Crowne Plaza.

According to a statement released by IHG, the investigation “identified signs of the operation of malware designed to access payment card data from cards used onsite at front desks at certain IHG-branded franchise hotel locations between September 29, 2016 and December 29, 2016.”

IHG didn’t say how many properties total were affected, although it has published a state-by-state lookup tool available here. I counted 28 in my hometown state of Virginia alone, California more than double that; Alabama almost the same number as Virginia. So north of 1,000 locations nationwide seems very likely.

Update, April 19, 11:09 a.m. ET: Danish geek Christian Sonne writes that his research on the state lookup tool shows there are at least 1,175 properties on the list so far. The breakdown so far is: 1,175 properties across the USA and Puerto Rico in the following brands, Holiday Inn Express (781), Holiday Inn (176), Candlewood Suites (120), Staybridge Suites (54), Crowne Plaza (30), Hotel Indigo (11), Holiday Inn Resort (3).

Original story:

IHG has been offering its franchised properties a free examination by an outside computer forensic team hired to look for signs of the same malware infestation known to have hit front desk systems at other properties. But not all property owners have been anxious to take the company up on that offer. As a consequence, there may be more breached hotel locations yet to be added to the state lookup tool.

A letter from IHG to franchise customers, offering to pay for the cyber forensics examination.


IHG franchises who accepted the security inspections were told they would receive a consolidated report sharing information specific to the property, and that “your acquiring bank and/or processor may contact you regarding this investigation.”

IHG also has been trying to steer franchised properties toward adopting its “secure payment solution” (SPS) that ensures cardholder data remains encrypted at all times and at every “hop” across the electronic transaction. According to IHG, properties that used its solution prior to the initial intrusion on Sept. 29, 2016 were not affected.

“Many more properties implemented SPS after September 29, 2016, and the implementation of SPS ended the ability of the malware to find payment card data,” IHG wrote.

Card-stealing cyber thieves have broken into some of the largest hotel chains over the past few years. Hotel brands that have acknowledged card breaches over the last year after prompting by KrebsOnSecurity include Kimpton Hotels, Trump Hotels (twice), Hilton, Mandarin Oriental, and White Lodging (twice). Card breaches also have hit hospitality chains Starwood Hotels and Hyatt.

In many of those incidents, thieves planted malicious software on the point-of-sale devices at restaurants and bars inside of the hotel chains. Point-of-sale based malware has driven most of the credit card breaches over the past two years, including intrusions at Target and Home Depot, as well as breaches at a slew of point-of-sale vendors. The malicious code usually is installed via hacked remote administration tools. Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register.

Thieves can then sell that data to crooks who specialize in encoding the stolen data onto any card with a magnetic stripe, and using the cards to purchase high-priced electronics and gift cards from big-box stores like Target and Best Buy.

It’s a good bet that none of the above-mentioned companies were running point-to-point encryption (P2PE) solutions before they started hemorrhaging customer credit cards. P2PE is an added cost for sure, but it can protect customer card data even on point-of-sale systems that are already compromised because the malware can no longer read the data going across the wire.

Readers should remember that they’re not liable for fraudulent charges on their credit or debit cards, but they still have to report the unauthorized transactions. There is no substitute for keeping a close eye on your card statements. Also, consider using credit cards instead of debit cards; having your checking account emptied of cash while your bank sorts out the situation can be a hassle and lead to secondary problems (bounced checks, for instance).

Logitech's sub-$100 deck tempts new mechanical keyboard fans [Published articles]

Mechanical keyboard aficionados may extol the virtues of their chosen device like speed and feel but often downplay how much that luxury will cost you. Many good mechanical keyboards run between $150 and $200, with gaming-centric models jacking up th...

Screenwriters share the deranged comments they get from Hollywood people [Published articles]

At The Wrap, Oscar-nominated writers share some of the dumbest notes left by studio people on their scripts. They range from merely heavy-handed ("There is no wife. Continue.") to idiotic ("Where are the white people?" regarding Moonlight.)

Remarks hinting at someone's gender or race are striking: it's that familiar vicariously-bigoted voice: with Hollywood folk you can never quite tell if it's their voice, the voice of viewers they imagine and fear, or simply a voice they've heard and rehearsed so many times they don't even know anymore, and all they do know is that they have to listen to it.

But it's also true that many of the remarks aren't like that at all. They're just nuts, especially when they come from Kevin Costner.

LinuxKit: A Toolkit for Building Secure, Lean and Portable Linux Subsystems [Published articles]

Research principles from the legendary Xerox PARC [Published articles]

Founded in 1970 as Xerox's R&D division, PARC was a dream factory that brought the world laser printing, Ethernet, the graphical user interface that led to Windows and the Macintosh, ubiquitous computing, and many other technologies that we now take for granted. What made the place so damn special? Alan Kay, who pioneered networked computing while at PARC, lays out a few of the principles of the research community of which PARC was a hub:

1. Visions not goals

2. Fund people not projects — the scientists find the problems not the funders. So, for many reasons, you have to have the best researchers.

3. Problem Finding — not just Problem Solving

4. Milestones not deadlines

5. It’s “baseball” not “golf” — batting .350 is very good in a high aspiration high risk area. Not getting a hit is not failure but the overhead for getting hits. (As in baseball, an “error” is failing to pull off something that is technically feasible.)

6. It’s about shaping “computer stuff” to human ends per the vision. Much of the time this required the researchers to design and build pretty much everything, including much of the hardware — including a variety of mainframes — and virtually all of the software needed (including OSs and programming languages, etc.). Many of the ARPA researchers were quite fluent in both HW and SW (though usually better at one than the other). This made for a pretty homogeneous computing culture and great synergy in most projects.

7. The above goes against the commonsense idea that “computer people should not try to make their own tools (because of the infinite Turing Tarpit that results)”. The ARPA idea was a second order notion: “if you can make your own tools, HW and SW, then you must!”. The idea was that if you are going to take on big important and new problems then you just have to develop the chops to pull off all needed tools, partly because of what “new” really means, and partly because trying to do workarounds of vendor stuff that is in the wrong paradigm will kill the research thinking.

8. An important part of the research results are researchers. This extends the “baseball” idea to human development. The grad schools, especially, generally admitted people who “seemed interesting” and judgements weren’t made until a few years down the road. Many of the researchers who ultimately solved most of the many problems of personal computing and networking were created by the ARPA community.

"What made Xerox PARC special? Who else today is like them?" (Quora)

David Lynch’s Dune is What You Get When You Build a Science Fictional World With No Interest in Science Fiction [Published articles]

David Lynch, Dune, 1984

There were many attempts to get Dune to the screen on the wave of its popularity. The version that finally came through was David Lynch’s 1984 film, made after both Alejandro Jodorowsky and Ridley Scott tried their hands at the project and ran short on funding and dedication respectively. Lynch was asked to direct and write the screenplay with no knowledge of the book and no particular interest in science fiction.

You can see where this was all destined to go wrong, can’t you?

Look, David Lynch has formally denounced this film and been forthcoming about all the mistakes he made in creating it, including his lack of say in the final cut. (Yes, there are other cuts, but Lynch was not involved in them and they do not make the experience better enough to justify their existence.) The film received largely negative reviews, went on to become an undisputed cult classic, and has received the “deep down it’s genius” treatment that gets offered to every film affording that staying power and status. The fact that David Lynch wrote and directed it helps. The fact that it contains genre film and television darlings like Kyle MacLachlan, Patrick Stewart, Dean Stockwell, Brad Dourif, and Sean Young also helps. There’s very little point in dragging David Lynch for making something that he has long been unhappy with, and even less point in arguing for its hidden genius. Dune is an awful film, and what few merits it has are eclipsed by its bloated excesses in every aspect of story, performance, and effects.

But the fact remains that this film is a perfect example of what happens to an excellent science fiction premise in the hands of someone who has no particular love for the genre.

David Lynch, Dune, 1984

This looks like a future computer, I’m pretty sure.

While Lynch prefers not to discuss Dune in interviews, there was one telling quote in Extrovert Magazine back in 2012 that perhaps gives an indication as to why he took the job:

“I started selling out on Dune. Looking back, it’s no one’s fault but my own. I probably shouldn’t have done that picture, but I saw tons and tons of possibilities for things I loved, and this was the structure to do them in. There was so much room to create a world.”

So David Lynch was excited at the prospect of creating a world, and Dune offered him the ability to do that. The problem is that while the design of the film was incredibly meticulous, the overall creation of that universe is alarmingly homogeneous. The viewer is either in the desert or in any number of grim, muted palette locales that can only be differentiated from one another by noting who occupies the space. The outdoors barely exist; Caladan is black sky filled with lightning and the sound of rain, Giedi Prime is a great big warehouse district with practically no windows and darkness surrounding its mechanized exterior, Arrakis is carved from stone and sparsely accommodated, the people surrounding the Emperor are monochromatically dressed. Everything is in permanent twilight for no discernible reason, and what’s worse, the deliberate juxtapositions of all these locales are largely lost. And when you can see the immense work that went into detailing the costumes, the carvings, the mechanisms, the fact that it all serves more as background noise than focal material is a damned shame.

David Lynch, Dune, 1984

Wow, Caladan so dark.

David Lynch, Dune, 1984

Very dark

David Lynch, Dune, 1984

Hey there, Giedi Prime looking, uh, dark.

David Lynch, Dune, 1984

We got to Arrakis, and look at these interiors! They’re so… dark.

The Atlantic’s celebration of the film on its thirtieth anniversary dubbed it “the anti-Star Wars,” suggesting that Lynch was responding to George Lucas’s crowd-pleasing epic full of easily pronounceable words with something impenetrable and surreal and dangerous. That is… a generous summation at best. Given Lynch’s typical milieu, it is hard to believe that he has ever had the slightest interest in conversing with Lucas’s highly brand-able entertainment. It’s easier to say that Dune is a poor man’s 2001 (made by Stanley Kubrick, a filmmaker Lynch deeply admires) mashed together with a poorer man’s Blade Runner (which Ridley Scott left Dune to direct and found far more manageable). It takes the spectacle and the pacing of both, but does not ascend to the mindfulness of either, and therefore says nothing at all. The first hour is tedious explanation and repetition of the plot, and that last hour is a speedy push toward resolution that never pauses to communicate anything of relevance.

For a movie that clearly blew its sizable budget on effects and set pieces and dressing, complete thoughts fail to come through in the visuals that Lynch was so keen on creating. The Atreides uniforms are starched and a bit British-looking at first glance, which is all well and good until we reach the Harkonnen livery… which are essentially black hazmat suits with green visors?

David Lynch, Dune, 1984

We’re Atreides and we have Captain Picard running into battle toting a pug! We win by default. Also, pugs have not changed at all in 8,000 years.

David Lynch, Dune, 1984

We’re Harkonnens and Sardaukar and we have… they are hazmat suits.

David Lynch, Dune, 1984

Nope, still hazmat suits.

Any attempt at cohesion on a more granular level, which is where worldbuilding is most essential in science fiction, is shrugged off in favor of another inexplicable style choice that brings a bit of form and zero function. With the exceptions of military collars and crests, there is nothing that communicates how these things and people connect—some have tried to christen it “noir-baroque” which is a cute thought, but it’s hard to believe that any detailed reasons for the aesthetics were considered beyond “this looks cool.”

Dune wants to be phantasmagorical and it wants to be offensive to your senses, and those things can work in cinema, as Lynch’s career communicates incredibly well. But this film does not carry off that off-kilter creepiness as anything more than a parlor trick. It fails to be authentic because these cues are not entrenched in the universe projected on screen. They are there to shock the viewer, to disgust them, but they don’t mean anything. The Guild member floating in its chamber of gas is strange and otherworldly and grotesque, but communicates nothing besides that. It is not integrated into its setting, its surroundings. It exists to be gawked at, to unsettle us, and then it disappears from view and we go back to the part of the narrative that needs to hold our attention.

David Lynch, Dune, 1984

And there’s that creepy guy. At least what he’s saying is somewhat important….

David Lynch, Dune, 1984

Space travel! It’s trippy! We’re unique!

Everyone whispers all the time in Dune. Well, not everyone, as the Harkonnens prove, but anyone that the film dubs properly mysterious, which are most of the characters. It does not make them seem more mysterious, but it does make you wonder how armies can be expected to follow House Atreides when no one in the house can project or enunciate. I guess they spend a lot of time sending memos.

Attempts at distilling the story down to a manageable two-ish hour piece result in a deluge of bad voiceover exposition, and the added irritation of hearing the characters’ thoughts inside their heads to explain suspicions, actions, and motivations. Not only is this goofy device poorly used, it’s also terribly executed—because everyone whispers all the time. It’s impossible to tell whose thoughts we’re listening to for the majority because these segments were clearly added during post production as the film was being cut, precluding the chance of focusing shots on the characters doing the thinking.

David Lynch, Dune, 1984

I really can’t with this.

In the distilling of the plot, every other branch of the story becomes superfluous—and many of the characters do too. This results in the Harkonnens doing nothing in the film besides being despicable to the grandest extremes Lynch can summon. Forget any semblance of intelligence and scheming, the Baron Harkonnen has been reduced to a rabid dog of a man who screams and spins and bounces to and fro like a punctured balloon. The movie also has the distinction of branding the character in an explicitly homophobic light by heightening the Baron’s actions and displaying them all at once: in a single scene we watch the man have his facial sores drained by a doctor (which gay writer Dennis Altman has pointed out appears to be part of the pervasive AIDS imagery that suffused pop culture in the 80s) before abruptly sexually assaulting and brutally murdering a young male servant, bleeding him out while his relatives observe. The choice to connect these moments visually in one savage blow cannot be overlooked or underestimated… particularly when the very next scene shows a flash of Lady Jessica and Duke Leto making love. It is a very literal Point-A-to-Point-B association of homosexuality with perversion, violence, and sickness, contrasted immediately with heterosexuality signifying loving, caring bonds and relationships.

I’m on the fence about how David Lynch presents female characters at the best of times, but in Dune, he treats all women as byproducts of the environment he has created. Gone is the strength of the Bene Gesserit, their plotting ways and millennia of manipulations. No one fears their influence. Instead, they are bald women concerned with breeding, and they live to serve at the beck and call of the men around them. The Reverend Mother Gaius Helen Mohiam goes to test Paul on Caladan because she is told to do so. Jessica agrees to teach the Fremen her method of fighting only for Paul to teach them instead. Alia kills Baron Harkonnen because her brother wishes it. One of the original reviews of Dune highlights the problem quite well, though it is mistakenly framed as a positive; Time’s Richard Corliss stated “The actors seem hypnotized by the spell Lynch has woven around them—especially the lustrous Francesca Annis, as Paul’s mother, who whispers her lines with the urgency of erotic revelation.” The Lady Jessica is effective because she sounds erotic, a proverbial avalanche of male gaze projected by both the reviewer and by how the film frames her character, her power.

David Lynch, Dune, 1984

So much erotic urgency.

The worst offense of all is the “weirding modules” that Paul teaches the Fremen to fight with. Lynch claimed that he conceived the devices because he didn’t want to have to deal with “kung fu fighting on the sand.” This not only speaks to a remarkable lack of care for the philosophies that Herbert pulled into the story—the eastern concepts of prana and bindu, exacting focus and control over one’s body—it also robs an all-female order of their own particular methods of fighting and surviving, and turns that into a piece of technology that anyone can use. The idea of the weirding modules on its own is quite clever, particularly their use of sounds and words as a manner of concentrating fatal force, but that does nothing to ameliorate the damage done to the singular position that the Bene Gesserit take up in the story of Dune, and how they are cast out of it with less than a thought.

Better yet, it causes hilarious plot holes that a ten-year-old could spot. The weirding modules owned by House Atreides are destroyed in the attack that leads to Duke Leto’s death. Somehow Paul finds one he can use to train the Fremen. He then, somehow, finds hundreds more to arm them with, and they’re all wielding them by the final battle. The entire endgame is predicated on use of a weapon that Paul’s forces shouldn’t even have access to anymore. (Commenter hammerlock has pointed out that he’s given the schematics for the modules from Yueh, which seems even sillier; where is he getting all the raw materials to create these things, and if they’re that easy to manufacture, why doesn’t everyone have them?) And that’s just one place where the simplest logic fails to bear up—such as the fact that “wormsign” is now communicated through lightning running across the sand, yet we’re somehow meant to believe that Fremen can ride something that creates horizontal lightning, and also clearly meant to ignore the effect that lightning can have on sand when it strikes, aka How Do You Like Your Desert Full of Glass?

David Lynch, Dune, 1984

This box is an excellent replacement for everything my mother taught me.

Did I mention that the stillsuits don’t cover your head, and that they’re also black? You know, the absolute worst color you could possibly wear into a murderously hot desert, and even funnier when you consider that the Fremen are supposed to be a relatively covert group of people who would stand out spectacularly on the sand in their black leather fetish gear.

Here’s the funny thing, though—Frank Herbert had very little problem with the movie, at least publicly. His introduction to his own short story collection Eye had words on the subject, where he praised it as a “visual feast” that you could “hear my dialogue all through.” But he did have a few issues, mainly the most egregious alteration in the entire film, the true nail in the coffin of its awfulness:

Paul Atreides makes it rain on Arrakis at the end of the movie. Because he’s actually a god.

Not only does he make it rain, but there is another useless voiceover that tells us that Muad’Dib will bring peace where there’s war and love where there’s hate. So not only did David Lynch not really care much for science fiction, he completely passed over the entire point of Dune. Which is that Paul is going to help the Fremen remake Arrakis as they see fit using methods that they have perfected. Paul is made into a god in the minds of men, not that he truly was one. And the belief in this godhood, the worship of him and his cause will actually bring endless war to the cosmos, something that he fights to prevent and is eventually forced to succumb to; his terrible purpose. If David Lynch had truly intended to create the anti-Star Wars, he did so in the most Lucas-ean way possible—by having a reserved young man reveal his chosen status and save the universe with his special powers. It is a spectacular letdown of the highest order.

David Lynch, Dune, 1984

How were they planning to get sequels out of this? They solved all the problems.

So while I understand the cult status of 1984’s Dune, it is impossible to grant it clemency due to passage of time. It can be entertaining to watch, to examine like an odd bit of ephemera, but it does not deserve laurels for failing creatively. There are better ways to manage that feat.

Come back next week for either the Sci-Fi miniseries version, or the Jodorowsky Dune documentary! I haven’t decided which one to tackle first….

Emily Asher-Perrin cannot understand why anyone thought that Patrick Stewart made sense as Gurney Halleck either. You can bug her on Twitter and Tumblr, and read more of her work here and elsewhere.

Shoelace knots fail catastrophically, thanks to 7 gees' worth of stress [Published articles]

Update: Whoops, David got there first!

In a new paper published in the Proceedings of the Royal Society, researchers from UC Berkeley reveal that shoelace knots do not gradually come loose, as was previously supposed -- rather, they fail catastrophically and suddenly, thanks to strange and surprising stresses that they must endure.

Seventh Sanctum: the web's ultimate collection of word and idea generators [Published articles]

The Seventh Sanctum is one of my favorite places on the web to find generators: code that produces everything from the names of wacky gadgets to fascinating writing challenges. My favorite: unusual jobs for fantasy role playing characters.

It's maintained by Steven Savage, a former software engineer who now writes on a variety of geeky matters.

Seventh Sanctum started somewhere in 1999 when I joked that attacks in various anime sounded like various strings of words put together by computer. Having fooled around with such generators over the years, I decided it'd be fun to make one. Then another followed. Then another . . . until we end up here.

I'm Steven Savage, an engineer turned Program Manager, speaker and writer on geek culture, and in the case of Seventh Sanctum, mad scientist. Or glad scientist. Whatever works.

Seventh Sanctum was created as a place for me to experiment with randomized tools and provide them to people, though needless to say it got a bit bigger than I expected. Also, it's a lot of fun so after years of work on it, it's still going.

Oh Lord, please don’t let Google Book Search be misunderstood [Published articles]

Has there ever been an online initiative more misunderstood than Google Book Search? If there has, it doesn’t readily come to mind. The purpose of Google Books has been muddled by its adversaries (and, sometimes, allies) ever since Google first started shoving books into scanners. Even now, a year after the Supreme Court finally closed the book on the long-running Authors Guild lawsuit against it, its purpose continues to be misunderstood by both allies and adversaries.

Let’s start with this piece on Medium’s Backchannel, by Scott Rosenberg. The invalid assumption is right there in the headline: “How Google Book Search Got Lost.” There’s a headscratcher for you. Did Google Book Search get “lost”? Maybe it’s not featured on the front page of google.com, but if I go to http://books.google.com, why there it is.

Rosenberg seems to have been led into believing that the whole purpose of Google Book Search had been to serve as a sort of “celestial library” (or maybe “celestial bookstore”) where people could access any book they wanted online—or at least any “orphan work,” which he mischaracterizes as out-of-print books. (They’re actually out-of-print books whose rights holders cannot easily be found.) Rosenberg is disappointed that all it’s amounted to in the end is a text search box. He concludes that, over the course of the long-running legal battle, Google Books “lost its drive and ambition.”

From the Authors Guild side, James Gleick has written a rebuttal in which he also expresses regret that the proposed Google Books settlement didn’t come to pass, and discusses the need for some sort of better solution to permit access to orphan works. However, Gleick also points out much the same thing that I did in one of my earlier posts about Google Books—all that stuff with serving as an ebook store for orphan works and holding the proceeds in escrow was not Google’s idea.

As Gleick himself admits, Google Books was never intended to make any non-public-domain books fully available, until the Authors Guild proposed its settlement that Judge Chin shot down for overreaching. It was meant from the outset as an indexing tool for a search engine, and that’s all.

Gleick adds:

The point of the ill-fated settlement with Google was to give those books a new life—creating a platform in which readers or libraries could pay a small amount for these older copyrighted books and authors could receive a bit of compensation. The Authors Guild hasn’t given up on making that possible. We’re working with some libraries on ways to do it, and we hope to have more to say about that soon.

Making orphan works more readily available is a laudable goal, even if the Google Books settlement was the wrong way to go about it. If the Authors Guild can work out a way to do that which will pass legal muster, well, more power to them.

But then Gleick comes out with this whopper, which seems to be at least as historically revisionist as all the people who think Google Books was always intended to make in-copyright books fully available:

We authors, for our part, didn’t object to Google’s creating of a search index. In itself, search had obvious benefits for everyone, readers and writers alike. We objected to Google’s seizing without permission the full texts of copyrighted books for profit-making purposes not limited to indexing and never, in fact, fully disclosed. These books are enormously valuable to anyone working on algorithmic translation and machine learning.

Really? In all the time I have been following the Google Books story for TeleRead, I have never seen the Authors Guild come right out and say that scanning the works to build a search index is fine but profiting in other ways isn’t. It always came down to something to the effect of “we said in our copyright notices Thou Shalt Not Scan At All, but Google went ahead and scanned anyway—and they’re making money off a search engine for authors’ hard work without first getting permission from us. (Or sharing any of the take.)”

Indeed, in a piece from last year that Gleick links to in his own article, Authors Guild council member Richard Russo depicts the Guild’s problem as exactly that: Google scanning books without permission to create a search index at all. Russo certainly doesn’t say, as Gleick does, that it would be fine and dandy for Google to create a search index without permission if it weren’t for nebulous “never […] fully disclosed” other “profit-making purposes”. (Though one of the comments below the article does point out Google didn’t say anything about whether it would be using the data for other purposes, such as machine learning.)

Coming back to Rosenberg for a moment, Rosenberg notes:

As the Authors Guild’s Gleick points out, Google started Books with a “better ask forgiveness than permission” attitude that’s common today in the world of startups. In a sense, the company behaved like the Uber of intellectual property — a kind of read-sharing service — while expecting to be seen the way it saw itself, as a beneficent pantheon of wizards serving the entire human species. It was naive, and the stubborn opposition it aroused came as a shock.

I’m not a lawyer, of course, but as I understand it, there never was any need for Google to ask permission, if it believed it was making a fair use of the copyrighted material. (And, as subsequent court decisions bore out, it was.) The whole point of “fair use” is that it’s something you have the right to do without asking permission. Rights holders are always free to disagree and take legal action (as, indeed, the Authors Guild did), but American copyright has a strong tradition of permitting expansive fair uses, even by for-profit entities. That’s not presumptive or “naive,” that’s just the way copyright law intersects with the rights of those who would use the material.

(And that’s leaving aside the fact that asking permission of every single publisher for every single book would be a Sisyphean task in any case. But then, that’s why we have fair use rights to begin with; under fair use law, Google didn’t need to ask permission to scan any more than a student has to get permission from every publisher to photocopy pages out of any book he needs as research material.)

But fair use is a contentious matter in the digital world, and Google Books isn’t the only example of that. Another recent example pits YouTube content creators against rights holders in the matter of YouTube videos that make fair use of copyrighted material. It seems that making it easy to copy material digitally opens up multiple cans of worms when it comes to deciding just how much copying should be allowed.

When you come right down to it, after all the legal wrangling and bluster is out of the way, Google Books is still chugging right along doing exactly what Google said its goals were all the way back in 2004: making printed books as easy to search as the web. And the effect that has on scholarly research should not be understated. It’s so much easier now to find exactly the information you need, rather than having to riffle through a card catalog and hope that a book will have useful information in it. If Google can make a few bucks off doing that, well then, more power to Google. Many useful innovations have come about due to someone’s desire to make a profit.

What I’d really like to know is why the Authors Guild has apparently never seen fit to do anything about the Internet Archive’s OpenLibrary, which violates copyrights in exactly the way Google Books doesn’t. I wonder if they’ll ever take any notice of that particular full-text scan project?

In any event, Google Books never got “lost” in the way Scott Rosenberg seems to think. It always knew exactly where it was—and it’s still there.


'Sonic Screwdriver' Breaks Time and Space in Order to Be Added to the Oxford English Dictionary [Published articles]

Just ahead of the season premiere of Doctor Who, the good people at the OED had a little tie-in to announce: “sonic screwdriver,” the Doctor’s multipurpose magic tool, is getting its own entry.


90% of Python in 90 Minutes (2013) [Published articles]

Microsoft Says Previous Windows Patches Fixed Newly Leaked NSA Exploits [Published articles]

Microsoft said it has already patched vulnerabilities revealed in last week's high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they've kept their software up-to-date. From a report: Friday's leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008. However, Microsoft said several patches -- one of which was made only last month -- address the vulnerabilities. "Our engineers have investigated the disclosed exploits, and most of the exploits are already patched," the company said in a blog post late on Friday. Three of the exploits found in the leak have not been patched but do not work on platforms that Microsoft currently supports, such as Windows 7 or later and Exchange 2010 or later.


Read more of this story at Slashdot.

Nearby Ocean Worlds Could Be Best Bet For Life Beyond Earth, Says NASA [Published articles]

NASA has new evidence that the most likely places to find life beyond Earth are Jupiter's moon Europa or Saturn's moon Enceladus. In terms of potential habitability, Enceladus particularly has almost all of the key ingredients for life as we know it, researchers said. From a report: New observations of these active ocean worlds in our solar system have been captured by two NASA missions and were presented in two separate studies in an announcement at NASA HQ in Washington today. Using a mass spectrometer, the Cassini spacecraft detected an abundance of hydrogen molecules in water plumes rising from the "tiger stripe" fractures in Enceladus' icy surface. Saturn's sixth-largest moon is an ice-encased world with an ocean beneath. The researchers believe that the hydrogen originated from a hydrothermal reaction between the moon's ocean and its rocky core. If that is the case, the crucial chemical methane could be forming in the ocean as well.


More Americans Now Work Full-Time From Home Than Walk and Bike To Office Jobs [Published articles]

An anonymous reader quotes a report from Quartz: In the United States, the past decade has been marked by booming cities, soaring rents, and a crush of young workers flocking to job-rich downtowns. Although these are heady days for pavement-pounding urbanists, a record 2.6% of American employees now go to their jobs without ever leaving their houses. That's more than walk and bike to work combined. These numbers come from a Quartz analysis of data from the U.S. census and the American Community Survey. The data show that telecommuting has grown faster than any other way of getting to work -- up 159% since 2000. By comparison, the number of Americans who bike to work has grown by 86% over the same period, while the number who drive or carpool has grown by only 12%. We've excluded both part-time and self-employed workers from these and all results. Though managers are the largest group of remote workers, as a percentage of a specific occupation computer programmers are the most over-represented. Nearly 8% of programmers now work from home, following a staggering increase of nearly 400% since 2000.


Air Force Converts F-16 Jets Into Wingman Drones [Published articles]

New submitter Zmobie writes: In a new program, the U.S. Air Force has converted and tested F-16 planes as drones that are able to fly with complex mission parameters. The program is designed to use retiring F-16 jets to act as autonomous "loyal wingman" for manned F-35 jets and fly their own strike missions. Business Insider reports: "The U.S. has used F-16 drones before as realistic targets for the F-35 to blow up in training, but on Monday it announced fully autonomous air-to-air and ground strike capabilities as a new capability thanks to joint research between the service and Lockheed Martin's legendary Skunkworks. [...] But having F-16 drones plan and fly their own missions is only part of a much larger picture. The future of the U.S. Air Force may well depend on advanced platforms like F-35s commanding fleets of unmanned drones which can act as additional ears, eyes, and shooters in the sky during battles." Further reading: TechCrunch, Popular Mechanics, Engadget


Taking the Bodleian less seriously (with GIFs) [Published articles]

Pop quiz, hotshot. You’re appointed the social media manager for a world-renowned institution like Oxford’s Bodleian Library. What do you do? Obviously, you spend the next year making GIFs out of the thousands of precious cultural treasures hoarded there. At least that’s what Adam Koszary did.

Google Home has stopped answering to that annoying Burger King ad [Published articles]

The internet barely had time to be annoyed by that new 15-second Burger King ad before Google shut the whole thing down. A little over two hours after the fast food giant took the wraps off of a TV spot designed to trigger smart assistants across the country, the functionality no longer works. We’ve reached out to Google for confirmation of the action, which was likely just a quick fix…

Pwned at the factory: attackers think outside the box [Published articles]

There are steps you can take to avoid ending up with a device that's been compromised even before you've started up your new phone, but nothing can guarantee you'll get a clean device

Fake News at Work in Spam Kingpin’s Arrest? [Published articles]

Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence that the spammer’s arrest had anything to do with the election, the success of that narrative is a sterling example of how the Kremlin’s propaganda machine is adept at manufacturing fake news, undermining public trust in the media, and distracting attention away from the real story.

Russian President Vladimir Putin tours RT facilities. Image: DNI

On Saturday, news broke from RT.com (formerly Russia Today) that authorities in Spain had arrested 36-year-old Peter “Severa” Levashov, one of the most-wanted spammers on the planet and the alleged creator of some of the nastiest cybercrime engines in history — including the Storm worm, and the Waledac and Kelihos spam botnets.

But the RT story didn’t lead with Levashov’s alleged misdeeds or his primacy among junk emailers and virus writers. Rather, the publication said it interviewed Levashov’s wife Maria, who claimed that Spanish authorities said her husband was detained because he was suspected of being involved in hacking attacks aimed at influencing the 2016 U.S. election.

The RT piece is fairly typical of one that covers the arrest of Russian hackers in that the story quickly becomes not about the criminal charges but about how the accused is being unfairly treated or maligned by overzealous or misguided Western law enforcement agencies.

The RT story about Levashov, for example, seems engineered to leave readers with the impression that some bumbling cops rudely disturbed the springtime vacation of a nice Russian family, stole their belongings, and left a dazed and confused young mother alone to fend for herself and her child.

This should not be shocking to any journalist or reader who has paid attention to U.S. intelligence agency reports on Russia’s efforts to influence the outcome of last year’s election. A 25-page dossier released in January by the Office of the Director of National Intelligence describes RT as a U.S.-based but Kremlin-financed media outlet that is little more than an engine of anti-Western propaganda controlled by Russian intelligence agencies.

Somehow, this small detail was lost on countless Western media outlets, who seemed all too willing to parrot the narrative constructed by RT regarding Levashov’s arrest. With a brief nod to RT’s “scoop,” these publications back-benched the real story (the long-sought capture of one of the world’s most wanted spammers) and led with an angle supported by the flimsiest of sourcing.

On Monday, the U.S. Justice Department released a bevy of documents detailing Levashov’s alleged history as a spammer, and many of the sordid details in the allegations laid out in the government’s case echoed those in a story I published early Monday. Investigators said they had dismantled the Kelihos botnet that Severa allegedly built and used to distribute junk email, but they also emphasized that Levashov’s arrest had nothing to do with hacking efforts tied to last year’s election.

“Despite Russian news media reports to the contrary, American officials said Mr. Levashov played no role in attempts by Russian government hackers to meddle in the 2016 presidential election and support the candidacy of Donald J. Trump,” The New York Times reported.

Nevertheless, from the Kremlin’s perspective, the RT story is almost certainly being viewed as an unqualified success: It distracted attention away from the real scoop (a major Russian spammer was apprehended); it made much of the news media appear unreliable and foolish by regurgitating fake news; and it continued to sow doubt in the minds of the Western public about the legitimacy of democratic process.

Levashov’s wife may well have been told her husband was wanted for political hacking. Likewise, Levashov could have played a part in Russian hacking efforts aimed at influencing last year’s election. As noted here and in The New York Times earlier this week, the Kelihos botnet does have a historic association with election meddling: It was used during the Russian election in 2012 to send political messages to email accounts on computers with Russian Internet addresses.

According to The Times, those emails linked to fake news stories saying that Mikhail D. Prokhorov, a businessman who was running for president against Vladimir V. Putin, had come out as gay. It’s also well established that the Kremlin has a history of recruiting successful criminal hackers for political and espionage purposes.

But the less glamorous truth in this case is that the facts as we know them so far do not support the narrative that Levashov was involved in hacking activities related to last year’s election. To insist otherwise absent any facts to support such a conclusion only encourages the spread of more fake news.

Galaxy Cluster Gas Creates Hole in Microwave Background [Published articles]

Why would this cluster of galaxies punch a hole in the cosmic microwave background (CMB)?


Five things we’ve learned about monitoring containers and their orchestrators [Published articles]

This is a guest post by Apurva Davé, who is part of the product team at Sysdig.

Having worked with hundreds of customers on building a monitoring stack for their containerized environments, we’ve learned a thing or two about what works and what doesn’t. The outcomes might surprise you - including the observation that instrumentation is just as important as the application when it comes to monitoring.

In this post, I wanted to cover some details around what it takes to build a scale-out, highly reliable monitoring system to work across tens of thousands of containers. I’ll share a bit about what our infrastructure looks like, the design choices we made, and tradeoffs. The five areas I’ll cover:

  • Instrumenting the system

  • Relating your data to your applications, hosts, and containers.

  • Leveraging orchestrators

  • Deciding what data to store

  • How to enable troubleshooting in containerized environments

For context, Sysdig is the container monitoring company. We’re based on the open source Linux troubleshooting project by the same name. The open source project allows you to see every single system call down to process, arguments, payload, and connection on a single host. The commercial offering turns all this data into thousands of metrics for every container and host, aggregates it all, and gives you dashboarding, alerting, and an htop-like exploration environment.

Ok, let’s get into the details, starting with the impact containers have had on monitoring systems.

Why do containers change the rules of the monitoring game?

BetterTLS - A Name Constraints test suite for HTTPS clients [Published articles]


Written by Ian Haken

At Netflix we run a microservices architecture that has hundreds of independent applications running throughout our ecosystem. One of our goals, in the interest of implementing security in depth, is to have end-to-end encrypted, authenticated communication between all of our services wherever possible, regardless of whether or not it travels over the public internet. Most of the time, this means using TLS, an industry standard implemented in dozens of languages. However, this means that every application in our environment needs a TLS certificate.

Bootstrapping the identity of our applications is a problem we have solved, but most of our applications are resolved using internal names or are directly referenced by their IP (which lives in a private IP space). Public Certificate Authorities (CAs) are specifically restricted from issuing certificates of this type (see section 7.1.4.2.1 of the CA/B baseline requirements), so it made sense to use an internal CA for this purpose. As we convert applications to use TLS (e.g., by using HTTPS instead of HTTP) it was reasonably straightforward to configure them to use a truststore which includes this internal CA. However, the question remained of what to do about users accessing their services using a browser. Our internal CA isn’t trusted by browsers out-of-the-box, so what should we do?

The most obvious answer is straightforward: “add the CA to browsers’ truststores.” But we were hesitant about this solution. By forcing our users to trust a private CA, they must take on faith that this CA is only used to mint certificates for internal services and is not being used to man-in-the-middle traffic to external services (such as banks, social media sites, etc). Even if our users do take on faith our good behavior, the impact of a compromise to our infrastructure becomes significant; not only could an attacker compromise our internal traffic channels, but all of our employees are suddenly at risk, even when they’re at home.
Fortunately, the often underutilized Name Constraints extension provides us a solution to both of these concerns.

The Name Constraints Extension

One powerful (but often neglected) feature of the TLS specification is the Name Constraints extension. This is an extension that can be put on CA certificates which whitelists and/or blacklists the domains and IPs for which that CA or any sub-CAs are allowed to create certificates. For example, suppose you trust the Acme Corp Root CA, which delegates to various other sub-CAs that ultimately sign certificates for websites. They may have a certificate hierarchy that looks like this:

Now suppose that Beta Corp and Acme Corp become partners and need to start trusting each other’s services. Similar to Acme Corp, Beta Corp has a root CA that has signed certificates for all of its services. Therefore, services inside Acme Corp need to trust the Beta Corp root CA. Rather than update every service in Acme Corp to include the new root CA in its truststore, a simpler solution is for Acme Corp to cross-certify with Beta Corp so that the Beta Corp root CA has a certificate signed by the Acme Root CA. For users inside Acme Corp their trust hierarchy now looks like this.

However, this has the undesirable side effect of exposing users inside of Acme Corp to the risk of a security incident inside Beta Corp. If a Beta Corp CA is misused or compromised, it could issue certificates for any domain, including those of Acme Corp.

This is where the Name Constraints extension can play a role. When Acme Corp signs the Beta Corp root CA certificate, it can include an extension in the certificate which declares that it should only be trusted to issue certificates under the “betacorp.com” domain. This way Acme Corp users would not trust mis-issued certificates for the “acmecorp.com” domain from CAs under the Beta Corp root CA.

This example demonstrates how Name Constraints can be useful in the context of CA cross-certification, but it also applies to our original problem of inserting an internal CA into browsers’ trust stores. By minting the root CA with Name Constraints, we can limit what websites could be verified using that trust root, even if the CA or any of its intermediaries were misused.

At least, that’s how Name Constraints should work.

The Trouble with Name Constraints

The Name Constraints extension lives on the certificate of a CA but can’t actually constrain what a bad actor does with that CA’s private key (much less control what a subordinate CA issues), so even with the extension present there is nothing to stop the bad actor from signing a certificate which violates the constraint. Therefore, it is up to the TLS client to verify that all constraints are satisfied whenever the client verifies a certificate chain.

This means that for the Name Constraints extension to be useful, HTTPS clients (and browsers in particular) must enforce the constraints properly.

Before relying on this solution to protect our users, we wanted to make sure browsers were really implementing Name Constraints verification and doing so correctly. The initial results were promising: each of the browsers we tested (Chrome, Firefox, Edge, and Safari) gave verification exceptions when browsing to a site where a CA signed a certificate in violation of the constraints.

However, as we extended our test suite beyond basic tests we rapidly began to lose confidence. We created a battery of test certificates which moved the subject name between the certificate’s subject common name and Subject Alternate Name extension, which mixed the use of Name Constraint whitelisting and blacklisting, and which used both DNS names and IP names in the constraint. The result was that every browser (except for Firefox, which showed a 100% pass rate) and every HTTPS client (such as Java, Node.JS, and Python) allowed some sort of Name Constraint bypass.
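The client-side check these tests exercise can be sketched as follows. This is an added illustration, not code from the BetterTLS project or from any TLS library; the dictionary layout for certificates and constraints, the function names, and all sample names and addresses are constructed assumptions, and a real client would read these fields from parsed X.509 certificates.

```python
import ipaddress

# Constructed sample: constraints Acme Corp might place on the cross-signed
# Beta Corp root. Each entry is (name type, permitted or excluded subtree).
BETA_CONSTRAINTS = {
    "permitted": [("dns", "betacorp.com"), ("ip", "10.0.0.0/8")],
    "excluded": [("dns", "internal.betacorp.com")],
}

def classify(value):
    """Return ("ip", address) for IP literals, otherwise ("dns", normalized name)."""
    try:
        return "ip", ipaddress.ip_address(value)
    except ValueError:
        return "dns", value.lower().rstrip(".")

def dns_in_subtree(name, base):
    # Match only on a label boundary: "notbetacorp.com" is not inside "betacorp.com".
    base = base.lower().rstrip(".")
    return base == "" or name == base or name.endswith("." + base)

def ip_in_subtree(addr, cidr):
    # Membership is False when address and network differ in IP version.
    return addr in ipaddress.ip_network(cidr)

def name_allowed(kind, value, constraints):
    """Apply one CA's constraints to one name of the given type."""
    match = dns_in_subtree if kind == "dns" else ip_in_subtree
    excluded = [b for k, b in constraints.get("excluded", []) if k == kind]
    permitted = [b for k, b in constraints.get("permitted", []) if k == kind]
    # An excluded subtree always wins over a permitted one.
    if any(match(value, b) for b in excluded):
        return False
    # A permitted list only restricts name types it mentions, so a CA that
    # lists DNS names but no IP ranges leaves IP names unconstrained.
    if permitted and not any(match(value, b) for b in permitted):
        return False
    return True

def violations(leaf, chain_constraints):
    """Return the leaf names that violate any constrained CA in the chain."""
    candidates = list(leaf.get("san", []))
    # Conservative choice made for this sketch: the subject common name is
    # checked as well, so a name carried only in the CN cannot skip the check.
    if leaf.get("cn"):
        candidates.append(leaf["cn"])
    bad = []
    for raw in candidates:
        kind, value = classify(raw)
        if not all(name_allowed(kind, value, c) for c in chain_constraints):
            bad.append(raw)
    return bad

if __name__ == "__main__":
    samples = [  # constructed leaf certificates
        {"san": ["www.betacorp.com"]},
        {"san": ["www.acmecorp.com"]},
        {"cn": "www.acmecorp.com", "san": []},
        {"san": ["notbetacorp.com"]},
        {"san": ["db.internal.betacorp.com"]},
        {"san": ["10.1.2.3"]},
        {"san": ["192.0.2.10"]},
    ]
    for leaf in samples:
        print(leaf, "->", violations(leaf, [BETA_CONSTRAINTS]) or "ok")
```

A chain is acceptable only when `violations` returns an empty list for the constraints of every constrained CA above the leaf.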

Introducing BetterTLS

In order to raise awareness around the issues we discovered and encourage TLS implementers to correct them, and to allow them to include some of these tests in their own test suite, we are open sourcing the test suite we created and making it available online. Inspired by badssl.com, we created bettertls.com with the hope that the tests we add to this site can help improve the resiliency of TLS implementations.

Before we made bettertls.com public, we reached out to many of the affected vendors and are happy to say that we received a number of positive responses. We’d particularly like to thank Ryan Sleevi and Adam Langley from Google who were extremely responsive and immediately took actions to remediate some of the discovered issues and incorporate some of these test certificates into their own test suite. We have also received confirmation from Oracle that they will be addressing the results of this test suite in Java in an upcoming security release.

The source for bettertls.com is available on github, and we welcome suggestions, improvements, corrections, and additional tests!

DMCA 'Safe Harbor' Up In the Air For Online Sites That Use Moderators [Published articles]

"The Digital Millennium Copyright Act's so-called 'safe harbor' defense to infringement is under fire from a paparazzi photo agency," reports Ars Technica. "A new court ruling says the defense may not always be available to websites that host content submitted by third parties." The safe harbor provision "allow[s] websites to be free from legal liability for infringing content posted by their users -- so long as the website timely removes that content at the request of the rights holder," explains Ars. From the report: [A] San Francisco-based federal appeals court is ruling that, if a website uses moderators to review content posted by third parties, the safe harbor privilege may not apply. That's according to a Friday decision in a dispute brought by Mavrix Photographs against LiveJournal, which hosts the popular celebrity fan forum "Oh No they Didn't." The site hosted Mavrix-owned photos of Beyonce Knowles, Katy Perry, and other stars without authorization. LiveJournal claimed it was immune from copyright liability because it removed the photos. Mavrix claimed that the site's use of voluntary moderators removed the safe-harbor provision. The 9th U.S. Circuit Court of Appeals sided with Mavrix to a degree, but the court wants to know how much influence the moderators had on what was and was not published. With that, the court sent the case back to a lower court in Los Angeles to figure that out, perhaps in a trial. The highly nuanced decision overturned a lower court ruling that said LiveJournal was protected by safe harbor. The lower court said LiveJournal does not solicit any specific infringing material from its users or edit the content of its users' posts.


Scientists aim to reach the Earth's mantle with an undersea drill [Published articles]

We'd know a lot more about what's under the Earth's crust if Jules Verne's Icelandic volcano weren't but a figment of his imagination. Japan's Agency for Marine-Earth Science and Technology's (JAMSTEC) largest drilling ship called "Chikyu" is very re...

SpaceX releases video of its historic reused rocket landing [Published articles]

SpaceX made history last week when it successfully relaunched a previously-used rocket back into orbit (recovering the $6 million nosecone was just gravy). That rocket body could potentially be used yet again, given how spryly it set down on its dron...

The old Register of Copyrights snuck a $25M fake line-item into the budget [Published articles]

When the old Register of Copyrights Maria Pallante stepped down from the Library of Congress, it was an open secret that she'd been forced out and there were a lot of Big Content conspiracy theories that Google had gotten her canned because she was too friendly to the movie studios and record labels.

Better Git configuration [Published articles]

Researchers Detect A Mysterious Flash Of X-Rays From A Faraway Galaxy [Published articles]

"It was a spark in the night. A flash of X-rays from a galaxy hovering nearly invisibly on the edge of infinity. Astronomers say they do not know what caused it." Slashdot reader schwit1 quotes the New York Times: The orbiting Chandra X-ray Observatory was in the midst of a 75-day survey of a patch of sky known as the Chandra Deep Field-South, when it recorded the burst from a formerly quiescent spot in the cosmos. For a few brief hours on Oct 1, 2014, the X-rays were a thousand times brighter than all the light from its home galaxy, a dwarf unremarkable speck almost 11 billion light years from here, in the constellation Fornax. Then whatever had gone bump in the night was over and the X-rays died. The event as observed does not fit any known phenomena, according to Franz Bauer, an astronomer at Pontifical Catholic University of Chile, and lead author of a report to be published in Science. He described some possible explanations in a blog post this week -- for example, a star being torn apart by a black hole, or the afterglow from a gamma ray burst seen sideways -- but the spectrum readings aren't a match, according to the Times. "None of the usual cosmic catastrophe suspects work."


Why do developers who could work anywhere flock to the world’s most expensive cities? [Published articles]

Politicians and economists lament that certain alpha regions — SF, LA, NYC, Boston, Toronto, London, Paris — attract all the best jobs while becoming repellently expensive, reducing economic mobility and contributing to further bifurcation between haves and have-nots. But why don’t the best jobs move elsewhere? Of course many of them can’t. The average financier in NYC…

Last day with JWST at Goddard [Published articles]

Star Wars + Tumblr Text Posts Have Made Us All Useless With Laughter [Published articles]

Star Wars Test Posts Twitter

One of the greatest memes that Tumblr has provided the world with are short text posts laid over pictures featuring your favorite characters from film, television, and video games. The Star Wars Text Post Twitter gathers them all in one place for you to peruse.

And peruse, and… this might take up the rest of your day. It’s very worth it.

Here are a few of our personal favorites:

Star Wars Test Posts Twitter


And those really are just a very tiny, infinitesimal slice of what’s over there. Some NSFW. So… happy weekend?

USB Canary Sends An SMS When Someone Tinkers With Your USB Ports [Published articles]

An anonymous reader quotes a report from BleepingComputer: A new tool released on GitHub last week can help paranoid sysadmins keep track of whenever someone plugs in or disconnects a USB-based device from high-value workstations. Called USB Canary, this tool is coded in Python and currently works only on Linux (versions for Windows and Mac are in the works). The tool works by watching USB ports for any activity while the computer is locked, which generally means the owner has left his desk. If a USB device is plugged in or unplugged, USB Canary can perform one of two actions, or both. It can alert the owner by sending an SMS message via the Twilio API, or it can post a message in a Slack channel, which can be monitored by other co-workers. USB Canary can prove to be a very useful tool for large organizations that feature strict PC policies. For example, if you really want to enforce a "No USB drives" at work, this could be the tool for the job. Further, with modifications, it could be used for logging USB activity on air-gapped systems.


These Are The Cars That Are Most Likely To Go Over 200,000 Miles [Published articles]

New Up-Close Image of Jupiter Is So Hypnotic It Hurts [Published articles]

NASA’s Juno spacecraft has consistently been coming through with the best close-up images of Jupiter we’ve ever seen. But a newly released, enhanced-color image of a large dark spot might be the most ethereal of all—its swirling, colorful clouds make it seem like a Jovian Van Gogh.


Sex and Gor and open source [Published articles]

A few weeks ago, Dries Buytaert, founder of the popular open-source CMS Drupal, asked Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal community, “to leave the Drupal project.” Why did he do this? He refuses to say. A huge furor has erupted in response — not least because the reason clearly has much to do with Garfield’s unconventional…

Supermassive Black Hole Rocketing Out of Distant Galaxy At 5 Million MPH [Published articles]

The Bad Astronomer writes: Astronomers have found a supermassive black hole barreling out of its home galaxy at 5 million miles per hour. The 3 billion solar mass behemoth formed from the merger of two slightly smaller black holes after two galaxies collided and themselves merged. The resulting blast of gravitational waves is thought to have been asymmetric, causing a rocket effect which launched the resulting black hole away. It's currently 40,000 light years from the galaxy's core. Source: ESA/Hubble


Why You Should Care About the Supreme Court Case On Toner Cartridges [Published articles]

rmdingler quotes a report from Consumerist: A corporate squabble over printer toner cartridges doesn't sound particularly glamorous, and the phrase "patent exhaustion" is probably already causing your eyes to glaze over. However, these otherwise boring topics are the crux of a Supreme Court case that will answer a question with far-reaching impact for all consumers: Can a company that sold you something use its patent on that product to control how you choose to use it after you buy it? The case in question is Impression Products, Inc v Lexmark International, Inc, which came before the nation's highest court on Tuesday. Here's the background: Lexmark makes printers. Printers need toner in order to print, and Lexmark also happens to sell toner. Then there's Impression Products, a third-party company that makes and refills toner cartridges for use in printers, including Lexmark's. Lexmark, however, doesn't want that; if you use third-party toner cartridges, that's money that Lexmark doesn't make. So it sued, which brings us to the legal chain that ended up at the Supreme Court. In an effort to keep others from getting a piece of that sweet toner revenue, Lexmark turned to its patents: The company began selling printer cartridges with a notice on the package forbidding reuse or transfer to third parties. Then, when a third-party -- like Impression -- came around reselling or recycling the cartridges, Lexmark could accuse them of patent infringement. So far the courts have sided with Lexmark, ruling that Impression was using Lexmark's patented technology in an unauthorized way. The Supreme Court is Impression's last avenue of appeal. The question before the Supreme Court isn't one of "can Lexmark patent this?" Because Lexmark can, and has. The question is, rather: Can patent exhaustion still be a thing, or does the original manufacturer get to keep having the final say in what you and others can do with the product?
Kate Cox notes via Consumerist that the Supreme Court ruling is still likely months away. However, she has provided a link to the transcript of this week's oral arguments (PDF) in her report and has dissected it to see which way the justices are leaning on the issue.


A climbable personal library in an old elevator shaft [Published articles]

Studio North was commissioned to refit an old elevator shaft in a converted warehouse loft in Calgary; they built a tall, narrow library with climbable shelves whose hand- and foot-holds retract into the shelving.

A geographic name server that can tell you how many places in the world share the same name. There are 608 places in the world named San Francisco! [Published articles]

Bash QDB - 962705 [Published articles]

*** Gad is now known as REGISTER.
*** REGISTER is now known as IDENTIFY.
*** IDENTIFY is now known as Gad.
<petn-randall> Gad: /msg nickserv help
<Dark-Jedi> Just wait, his nick will change to "HELP" any moment now.
*** Gad is now known as HELP.

Shia LaBeouf's anti-Trump livestream moves to the UK for 'safety' [Published articles]

Since its launch in January, Shia LaBeouf's anti-Trump art piece has been mired in controversy. In its short life, "He Will Not Divide Us" has been shut down by New York's Museum of the Moving Image (its original home), played a part in LaBeouf's arr...

Senate votes to allow ISPs to collect personal data without permission [Published articles]

The broadband privacy rules created by the FCC last year and vigorously debated last night are in danger after the Senate voted to repeal them this morning. Among other things, the rules required ISPs to obtain consumers’ permission in order to use certain sensitive data like browsing history that they obtain through their service.