By contrast, the current ranking system leads to the popular becoming more popular — once you’re on the top charts, you have increased visibility, which leads to more reviews, which further cements your chart position (as long as you stay inside your semantic rating bucket).
Those of us who want to discover hidden gems really need the search functionality to work with us, not against us. We want a system where the top charts are self-correcting, rather than self-reinforcing. Otherwise we get a situation like Apple’s with frozen charts, shady tactics, and skyrocketing user acquisition costs.
Cyanogen Inc. Turns Down Acquisition Attempt by Google, Seeks $1 Billion Valuation
As many of you may know, Cyanogen is built from Android source code, with layers upon layers of custom code placed on top. These changes allow for users to highly customize the look and feel of the OS. For example, users running Cyanogen can place custom skins on the OS and also increase a device’s security thanks to additional settings. There are countless developers that contribute their code to make Cyanogen a better alternative to vanilla Android, which is provided straight from Google as open source.
Cyanogen has told potential investors that it has a deal in place to bring its custom version of the Android OS to India through a manufacturer called Micromax. Alongside Samsung, Micromax currently holds almost as much share of the smartphone market in India, making this deal a very large step to get Cyanogen into the hands of millions of more people.
Snowflake-shaped networks are easiest to mend
They found the best networks are made from partial loops around the units of the grid, with exactly one side of each loop missing. All of these partial loops link together, back to a central source. These have a low repair cost because if a link breaks, the repair simply involves adding back the missing side of a loop. What’s more, they are resistant to multiple breaks over time, as each repair preserves the network’s fundamental design.
via Snowflake-shaped networks are easiest to mend – tech – 03 October 2014 – New Scientist.
Apple will face $350M trial over iPod DRM
Last week, US District Judge Yvonne Gonzales Rogers gave the green light (PDF) to sending a long-running antitrust lawsuit against Apple to trial. Plaintiffs in the case say that Apple used its FairPlay DRM system to “lock in” its customers and make it costly to switch to technology built by competitors, like Real Networks. They describe how Apple kept updating iTunes to make sure songs bought from Real’s competing digital music store couldn’t be used on iPods. As a result of this lock-in, Apple was able to overcharge its customers to the tune of tens of millions of dollars.
via Apple will face $350M trial over iPod DRM | Ars Technica.
Turning USB peripherals into BadUSB
BadUSB – Turning devices evil. Once reprogrammed, benign devices can turn malicious in many ways, including:
- A device can emulate a keyboard and issue commands on behalf of the logged-in user, for example to exfiltrate files or install malware. Such malware, in turn, can infect the controller chips of other USB devices connected to the computer.
- The device can also spoof a network card and change the computer’s DNS setting to redirect traffic.
- A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.
via Turning USB peripherals into BadUSB | Security Research Labs.
Robot Arm Will Install New Earth-Facing Cameras On The Space Station
TORONTO, CANADA – Canada’s robotic Canadarm2 will install the next two Urthecast cameras on the International Space Station, removing the need for astronauts to go outside to do the work themselves, the company announced today (Sept. 30).
Urthecast plans to place two Earth-facing cameras on the United States side of the station (on Node 3) to add to the two they already have on the Russian Zvezda module. Technical problems with the cameras forced the Russians to do an extra spacewalk to complete the work earlier this year.
via Robot Arm Will Install New Earth-Facing Cameras On The Space Station.
Gaining experience by doing and then figuring out how to automate that in space is the main reason for having a space station. This station is a valuable resource for all of mankind.
Bayesian Prediction for The Winds of Winter
Predictions are made for the number of chapters told from the point of view of each character in the next two novels in George R. R. Martin’s \emph{A Song of Ice and Fire} series by fitting a random effects model to a matrix of point-of-view chapters in the earlier novels using Bayesian methods. {\textbf{SPOILER WARNING: readers who have not read all five existing novels in the series should not read further, as major plot points will be spoiled.}}
via [1409.5830] Bayesian Prediction for The Winds of Winter.
Upgrade to LTE Will Let Phones Talk without Cell Towers, Allowing New Forms of Social Apps and Advertising
Facebook is exploring how the technology could be used with its mobile app. “LTE Direct would allow us to create user experiences around serendipitous interactions with a local business or a friend nearby,” said Jay Parikh, Facebook’s vice president of infrastructure engineering. “You could find out about events or do impromptu meet-ups.”
However, carriers will control which devices on their networks can use LTE Direct because it uses the same radio spectrum as conventional cellular links. Wireless carriers might even gain a new stream of revenue by charging companies that want to offer services or apps using the technology, Qualcomm says.
Why the Z-80’s data pins are scrambled
I have been reverse-engineering the Z-80 processor using images and data from the Visual 6502 team. The image below is a photograph of the Z-80 die. Around the outside of the chip are the pads that connect to the external pins. (The die photo is rotated 180° compared to the datasheet pinout, if you try to match up the pins.) At the right are the 8 data pins for the Z-80’s 8-bit data bus in a strange order.
via Ken Shirriff’s blog: Why the Z-80’s data pins are scrambled.
The motivation behind splitting the data bus is to allow the chip to perform activities in parallel. For instance an instruction can be read from the data pins into the instruction logic at the same time that data is being copied between the ALU and registers. The partitioned data bus is described briefly in the Z-80 oral history[3], but doesn’t appear in architecture diagrams.
The complex structure of the data buses is closely connected to the ordering of the data pins.
Shellshock: How does it actually work?
env x='() { :;}; echo OOPS' bash -c :
The “env” command runs a command with a given variable set. In this case, we’re setting “x” to something that looks like a function. The function is just a single “:”, which is actually a simple command which is defined as doing nothing. But then, after the semi-colon which signals the end of the function definition, there’s an echo command. That’s not supposed to be there, but there’s nothing stopping us from doing it.
via Shellshock: How does it actually work? | Fedora Magazine.
But — oops! When that new shell starts up and reads the environment, it gets to the “x” variable, and since it looks like a function, it evaluates it. The function definition is harmlessly loaded — and then our malicious payload is triggered too. So, if you run the above on a vulnerable system, you’ll get “OOPS” printed back at you. Or, an attacker could do a lot worse than just print things.
I copied and pasted the above env command and it echos back OOPS. This web server has been (I suspect) scanned already once with the scanner placing a ping command in the User Agent HTTP field. Apparently User Agent gets passed to a shell environmental variable which will then get executed. The only problem is that they need some kind of script to execute which there are none on this site. This site simply returned 404, file not found to the scanner.
This could be problematic on sites with a lot of cgi scripts. There is some exploit that can affect a client using dhcp to obtain an IP address from a malicious server. I’ll find an explanation of that and put that up in its own post. This story is evolving and even has its own brand name now — shellshock.