Miracle Machine Turns Water To Wine
[Via Discovery News - Top Stories]
This this tabletop appliance promises to turn $2 into a $20 bottle of wine in three days. Continue reading →
[More]
I’m not expecting a complex wine but I m not hopeful it will be worth drinking. We shall see.
Taking the war out of global warming
[Via BBC News | Science/Nature | World Edition]
Are climate “sceptics” ready to accept more of the science?
[More]
They actually use data and statistics to make a scientific point – they think that climate change may be slower than some but this means we can have a conversation.
Hope it continues.
Make taser-proof clothing with carbon-fiber linings
[Via Boing Boing]
On Hackaday, Shenzhen demonstrates some proof-of-concept “taser-proof clothing” created by adding carbon fiber to the clothes’ lining. The carbon fiber textile can be procured in a variety of forms, including upholstery fabric (58″ wide, $19.50/yard) and peel-and-stick 50cm tape rolls. Shenzhen claims this will work even if the taser’s prongs get to the wearer’s body: “Electric current flows through the carbon tape and not through the human body. Always. Even if the taser’s needle pierced the skin.”
[More]
Of course, the next step if this works would apparently be to simply shoot you. But I expect efforts by the authoritarians to make it very hard to get this material if it actually works.
We shall see how this plays our.
What Tim Armstrong could learn from Ben Horowitz (or, yunno, any human being)
[Via PandoDaily]
I’ve been sitting on this post for weeks thanks to the embargo on Ben Horowitz’s new book, which I reviewed earlier in full here.
As I was reading my galley of the book, the astoundingly shameful story about AOL CEO Tim Armstrong complaining that saving the lives of two of his employees‘ “distressed” babies had cost him too much money was making the rounds. These were employees who’d– by the way– taken jobs with full benefits and paid their premiums on health insurance for just such a worst-case-scenario disaster. That’s sort of how insurance works, after all.
I was horrified, but I shouldn’t have been surprised. It was a shocking story, yes, but it mirrored everything I saw in my thankfully limited time at AOL after TechCrunch sold to Armstrong: A CEO who was more likely to blame others for a change in policy than suck it up himself and take the arrows himself.
As the New Yorker put it:
In other words, don’t blame us for cutting back on retirement benefits; it was two babies we had to keep alive who took your money.
But beyond how horrific it was on a human level, it was also just incompetent. It’s just basic CEO’ing 101: You don’t single out employees in an all hands meeting. You don’t riff off-the-cuff in an all hands meeting. You don’t reduce your employees’ children’s lives down to a line item in the P&L– or if you do somewhere in a budget meeting, you don’t do it publicly, in front of them and all of their coworkers. Particularly when you are the CEO of a profitable multi-billion company who makes $12 million a year yourself and spends plenty of cash on employee parties and office ice luges for doing vodka shots. (OK, maybe that last one is more of an unspoken rule…)
[More]
The sociopath. Now the human being – Ben Horowitz:
The context was a bet-the-company move on buying a small company called Tangram. Opsware was on its ninth life or so, and facing the potential for bankruptcy again. It had one major client, and the man who ran that account wanted to kick Opsware out. The only thing he adored was this company Tangram. It was cheap and Horowitz realized if he could bundle Tangram’s software into Opsware, that would be the magic secret sauce to save almost all of his annual revenues, and… yunno, everyone’s jobs.
The company readily sold. During the talks, the two agreed that the CFO John Nelli wouldn’t join the combined company. I’ll leave the rest of the story in Horowitz’s own words:
But during the time between signing and close, John began to get severe headaches. His doctors discovered that he had brain cancer. Because he would not be an Opsware employee and it was a preexisting condition, he would not be eligible for health insurance under our plan. The cost of the treatment without health insurance would likely bankrupt his family. I asked my head of HR what it would cost to keep him on the payroll long enough to qualify for COBRA and what COBRA would cost. It wasn’t cheap– about $200,000. This was a significant amount of money for a company in our situation. On top of that, we barely knew John and technically we didn’t “owe” him anything. This wasn’t our problem. We were fighting for our lives.
He continues:
We were fighting for our lives, but he was about to lose his. I decided to pay for his health costs and find the money elsewhere in the budget. I never expected to hear anything else about that decision, but fifteen months later I received a handwritten letter from John’s wife letting me know that John had died. She wrote that she was absolutely shocked that I would help a total stranger and his family and that I had saved her from total despair. She went on for several paragraphs saying that she didn’t know why I did it, but it enabled her to continue living and she was eternally grateful. I guess I did it because I knew what desperation felt like.
Karma. Humanity. Leadership. There are plenty of different interpretations of this. Maybe some of you even see it as weakness. But it’s a big reason the same people who worked for Horowitz at Opsware still work for him.
There are some CEOs who are not bandits. Sounds like Horowitz is one of them.
from Wikipedia
Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping
[Via Ars Technica]
Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.
The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical “goto fail” flaw that for months put users of Apple’s iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug.
[More]
This bug may well have been there since 2005! The cry of Open Source is that, because so many eyeballs can see everything, critical bugs get found.
In contrast to closed source systems, such as Apple’s OS.
The reason these bugs were found was because people were specifically looking for them. Testing or eyeballs did not reveal them. Because Snowden released slides indicating that the NSA was specifically getting client data from various OS, including Windows, iOS and Linux.
This bug actually makes it easier for someone to get the information than Apple’s bug. For the hacker to use Apple’s bug, they had to be on the same network. But this one does not require that be the case.
You can bet that the NSA has been using this bug to get ahold of encrypted data from anyone using the appropriate Open Source tools.
All in systems that everyone supposedly can review.
The failure may allow attackers using a self-signed certificate to pose as the cryptographically authenticated operator of a vulnerable website and to decrypt protected communications. It’s significant that no one managed to notice such glaring errors, particularly since they were contained in code that anyone can review.
This was only found when some of the Open Source companies held audit reviews, probably to check out the very bug Apple found,
There was lots of criticism for Apple’s supposedly poor coding and bad error testing. But here we have something that has been a part of Linux for perhaps 10 years. Where was all the great checking by all those eyeballs?
I have to say that if Snowden’s revelations only helped Apple and others to identify these bugs (simply because they looked) he should be welcomed as a whistleblower. Because these are really devastating security flaws.
SpreadingScience
Sustainable Path Foundation Idea Club
