TODO: break this up into digestible chunks.
Now, the screed:
Privacy is a relative, incremental thing.
Let’s think about upping the level of basic security around ourselves from
the current social norm,
(which, unless you are taking steps, is roughly equivalent to all of us standing
naked on the street corner shoving endoscopes up our arses while screaming out
our credit card numbers as a musical accompaniment)
to basic safety and sanity.
This won’t require wearing tin-foil hats and living in a bunker, merely pulling
out the endoscopes.
Basic dignity first, and leave the freaky spy shit
to people with the appropriate
This will be more tedious than we’d like, because the world is badly designed,
but let’s start with what’s achievable, and work towards making it easier next
Practically, first step, I would like to minimise the
amount of information complete strangers get about me for free.
For example, I would prefer the mafia not to be able to buy stuff with my
credit cards, I’d prefer my personal relationships are not used to sell crap to
me, I’d prefer not to release those awkward photos from when I had a pony tail.
stuff I’d like to keep private, some stuff I’d like to share, and some stuff,
I’m happy to share, but only for the right price or with the right organisation;
I simply want to assign my personal information to the better categories, and
at a better price point.
And by “better”, I mean, “not selling the foundations of functional
democracy for all future times to unaccountable interests for effectively a few
dollars a year.”
How we could do it better later
GPG and HTTPS (X509) are broken in usability terms because the conceptual
model of trust embedded in each network does not correspond to how people
actually experience the world.
As a result, there is a constant grind between people and these systems,
mainly showing up as a series of user interface disasters.
The GPG web of trust does not work, and the absurd social constructs needed
to support it, like signing parties, are a sign of that:
stand in a line and show 50 strangers your government ID to prove you exist?
Likewise, anybody who’s tried to buy an X509 certificate (HTTPS cert) knows
the process is absurd:
anybody who’s really determined can probably figure out how to fake your
details if they happen to be doing this before you do it for yourself, and of
the 1500 or so Certificate Authorities issuing trust credentials at least one
is weak or compromised by a State, and all your browser will tell you is
“yes, I trust this credential absolutely.”
You just don’t get any say in the matter at all.
The best explanation of this in more detail is the Ode to the Granovetter
Diagram which shows how this different trust model maps cleanly to the
networks of human communication found by Mark Granovetter in his sociological
We’re talking about building trust systems which correspond to actual trust
systems as they are found in the real world, not the broken military
abstractions of X509 or the flawed cryptoanarchy of GPG.
How we could do it better now
So, some baby steps towards a healthier privacy regime.
I am going to list some
techniques that have aroused my attention.
Later I will triage them according to how urgent the privacy leak they plug is
and how onerous they are to handle; e.g. something like:
- first keep my credit card details out of the hands of the mafia, then
- keep gratuitous personal data out of the hands of unscrupulous corporations, next
- keep nude selfies and pony tail pics out of the hands of future employers
- keep personal data out of the hands of prying foreign security agencies
- keep personal data out of the hands of prying local security agencies
These reflect my personal needs;
if you are actually a person of specific
interest to state security agencies, or a mafia credit card thief, you will
probably have different ones.
Prism break is a chaotic list of solutions.
Excellent reference, although it really needs to incorporate some idea of how
popular their suggested solutions are;
after all, most of these things are only of any damn use if your friends also
logins. Don’t login with facebook and google.
There might be better alternatives in the future. But for now, just don’t.
Synchronising files is worth its own page.
- Adblock Edge, Ghostery, Disconnect, DoNotTrackMe, RequestPolicy
- scriptsafe http://andryou.com/2011/08/14/scriptno/
- disconnect https://disconnect.me/ anonymises your searches
- don’t use them
- OK, in fact, not using them is harder than you’d like, because all your
friends have forgotten how to manage their life without facebook all up in
their shit, and anyway if you log in to one of these damn things even once
you are tracked virtually forever by their ubiquitous browser tracking bullshit.
- so, given that you are using social networks, minimise the risk
- chr15m’s tip: use a disposable isolated browser for spyware sites such as
tcpcrypt is a protocol that
attempts to encrypt (almost) all of your network traffic.
security mechanisms, Tcpcrypt works out of the box: it requires no
configuration, no changes to applications, and your network connections will
continue to work even if the remote end does not support Tcpcrypt, in which
case connections will gracefully fall back to standard clear-text TCP.
Install Tcpcrypt and you’ll feel no difference in your every day user
experience, but yet your traffic will be more secure and you’ll have made
life much harder for hackers.
The ephemeral nature of chats turns out to be potentially much more
than email, at least if you do it right.
Skype, however, does not do it; rather, it is an NSA honeypot.
Here are some attempts to do it right:
Cryptocat is an open implementation
Wickr is not open source but looks interesting
broader, group communications are nice to have, no? Dissent is one
fashionable open-source entrant with good academic credentials:
Dissent’s technical approach differs in two fundamental ways from the
traditional relay-based approaches used by systems such as Tor:
- Dissent builds on dining cryptographers and verifiable shuffle algorithms
to offer provable anonymity guarantees, even in the face of traffic
analysis attacks, of the kinds likely to be feasible for authoritarian
governments and their state-controlled ISPs for example.
- Dissent seeks to offer accountable anonymity, giving users strong
guarantees of anonymity while also protecting online groups or forums
from anonymous abuse such as spam, Sybil attacks, and sockpuppetry.
Unlike other systems, Dissent can guarantee that each user of an online
forum gets exactly one bandwidth share, one vote, or one pseudonym, which
other users can block in the event of misbehavior
Dissent offers an anonymous communication substrate intended primarily for
applications built on a broadcast communication model: for example,
bulletin boards, wikis, auctions, or voting. Users of an online group
obtain cryptographic guarantees of sender and receiver anonymity, message
integrity, disruption resistance, proportionality, and location hiding.
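The dining-cryptographers idea that the Dissent description above builds on, as an added toy example (not Dissent's code, and with no verifiable shuffle or accountability layer). Member names, the pad length and the helper names are assumptions; the last case goes slightly beyond the quote to show why two simultaneous senders corrupt a round, which is the disruption problem Dissent says it addresses.

```python
"""Toy dining-cryptographers (DC-net) round. Added illustration, not Dissent's code."""
import secrets
from itertools import combinations


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_pads(members, length):
    # One random pad per unordered pair; stands in for a pairwise shared secret.
    return {frozenset(pair): secrets.token_bytes(length)
            for pair in combinations(members, 2)}


def announce(me, members, pads, length, message=None):
    # A member publishes the XOR of every pad it shares, plus its message if sending.
    out = bytes(length)
    for other in members:
        if other != me:
            out = xor_bytes(out, pads[frozenset((me, other))])
    if message is not None:
        out = xor_bytes(out, message.ljust(length, b"\0"))
    return out


def run_round(members, pads, senders, length):
    # senders maps member name -> message; normally exactly one entry.
    published = {m: announce(m, members, pads, length, senders.get(m))
                 for m in members}
    combined = bytes(length)
    for value in published.values():
        combined = xor_bytes(combined, value)  # each pad appears twice and cancels
    return published, combined


def pads_blaming(pads, real_sender, other, message, length):
    # Alternative pad set under which `other` sent `message` and every
    # published value is unchanged: fold the message into the pad they share.
    alt = dict(pads)
    key = frozenset((real_sender, other))
    alt[key] = xor_bytes(alt[key], message.ljust(length, b"\0"))
    return alt


MEMBERS = ["alice", "bob", "carol", "dave"]  # constructed names
LENGTH = 16  # bytes per round; messages are zero-padded to this size

if __name__ == "__main__":
    msg = b"meet at noon"
    pads = make_pads(MEMBERS, LENGTH)
    published, combined = run_round(MEMBERS, pads, {"carol": msg}, LENGTH)
    print("recovered:", combined.rstrip(b"\0"))
    # The same public transcript is fully explained by bob being the sender.
    alt = pads_blaming(pads, "carol", "bob", msg, LENGTH)
    same, _ = run_round(MEMBERS, alt, {"bob": msg}, LENGTH)
    print("transcript identical if bob had sent:", same == published)
    # Two senders in one round XOR together into an unreadable slot.
    _, clash = run_round(MEMBERS, pads, {"alice": b"hello", "dave": b"world"}, LENGTH)
    print("two senders collide:", clash.rstrip(b"\0"))
```

Because an equally likely pad set exists for every other member, an observer of the published values alone cannot tell who sent the message.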
email: see email.
Sick of your financial data being used to find out things about you that even you didn’t know?
Try to pay more cash or bitcoins.
- bitcoins have a thriving,
often slightly socially awkward tin-foilish community, but are useful.
They have lots of howto guides and pro-tip functions,
running your own servers can potentially be less convenient for the panopticon:
More exotic things and general reading about stuff I should probably bother to understand:
- I went to the same school as Julian Assange but we learned different lessons
- citizen mesh networks
- GNU privacy handbook
- I2P seems to be hot right now
- freenet is somewhat hot
Academic stuff to read to stay paranoid
Yes, that’s right, deducing your password by listening to your computer.
But it gets worse:
Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be
performed by measuring the electric potential of a computer chassis.
A suitably-equipped attacker need merely touch the target computer with his
bare hand, or get the required leakage information from the ground wires at
the remote end of VGA, USB or Ethernet cables.
Maybe don’t read this if you are working on reducing your background paranoia.
Roth, A. (2014). The Algorithmic Foundations of Differential Privacy. Now Publishers. Online.
The mathematical foundations of doing stuff privately.
I hope someone else is reading this so that I don’t have to.
Sarigol, E., Garcia, D., & Schweitzer, F. (2014). Online Privacy as a Collective Phenomenon. arXiv:1409.6197 [cs]. Online.
Your friends have already disclosed secrets about you by disclosing they know
you on social media, secrets that will be further disseminated by random grad
students in Switzerland when the social media company goes bust.
See original: Privacy (notes on how to have it)
Email. What a disaster. Wastes time. Hard to secure. Totally necessary.
Some seek to avoid it entirely
But being realistic, we are already locked in to email. So, how can we minimise the harm?
- Sexy open-source alternative email client mailpile tries to be hackable and secure.
- google mail exists, but that is about selling my personal data to faceless
foreign corporations, so no. Unfortunately my contacts still insist on using
it, so my information is still ultimately being mined. Note to self: have
- gpgtools will upgrade even Apple Mail to be a bit more encryptey, as in, at least they have to work at it.
- At least get email from someone who is not paying their costs by abusing your personal data, e.g.
See original: Email (doing it better, or not doing it at all)
Parentheses and the beauty curve.
Notes from the Metalevel: An Introduction to Computer Composition by Heinrich Konrad Taube, uses old school LISP.
Fluxus is a rapid prototyping, playing and learning environment for 3D graphics, sound and games. Extends the Racket language with graphical commands and can be used within its own livecoding environment or from within the DrRacket IDE.
Extempore is a programming language and runtime environment designed to support ‘cyberphysical programming’. Cyberphysical programming supports the notion of a human programmer operating as an active agent in a real-time distributed network of environmentally aware systems. The programmer interacts with the distributed real-time system procedurally by modifying code on-the-fly.
Extempore provides a completely hotswappable runtime environment with a strong temporal semantics, a flexible concurrency architecture, builtin support for distributed heterogenous operation (both OS and Architecture), and aims to provide flexible compiler-as-a-service functionality. Extempore makes extensive use of the LLVM project to provide back-end code generation.
- Sorensen, A., & Gardner, H. (2010). Programming with time: cyber-physical programming with impromptu. In ACM Sigplan Notices (Vol. 45, p. 822). ACM Press. DOI. Online.
See original: Art LISP
My working definition:
Art made using any medium \(X\) such that in every art school, the Department of \(X\) is less than 50 years old.
Anything that science fiction of the 1930s to 1980s hypothesized we’d be doing In The Future, and we finally got around to doing it.
Stuff that is hard to get funding for because it looks suspiciously like video games, perhaps because it is video games.
See generative art for my personal favourite strand thereof.
Let me excerpt Near Future Laboratory’s criteria for new media art:
- It doesn’t work
- Your audience “interacts” by clapping/hooting/making bird calls/flapping their arms like a duck or waving their arms wildly while standing in front of a wall onto which is projected squiggly lines
- Your audience asks amongst themselves, “how does it work?”
- It’s just like using your own normal, human, perfectly good eyeballs, only the resolution sucks and the colors are really lousy..plus the heat from the CPU fan is blowing on your forehead which makes you really uncomfortable and schvitz-y
- Someone in your audience wearing a Crumpler bag, slinging a fancy digital SLR and/or standing with their arms folded smugly says, “Yeah..yeah, I could’ve done that too..c’mon dude..some Perlin Noise? And Processing/Ruby-on-Rails/AJAX/Blue LEDs/MaxMSP/An Infrared Camera/Lots of Free Time/etc.? Pfft… It’s so easy…”
- Someone in your audience, maybe the same guy with the Crumpler bag and digital SLR excitedly says, “Oh, dude. That should totally be a Facebook app!”
- It’s called a “project” and not a “piece of art”
- Your audience cups their hands over various protuberances/orifices at or nearby your project attempting to confuse/interact with the camera/sensor/laser beam, even if it uses no such technology
- There are instructions on how to experience the damn thing
See original: New Media art
This article proposes avenues for rethinking the governance of nature, particularly in urban spaces, based on a study of the different representations of nature, their social construction, and the way they articulate power relations between actors.
Indeed, new planning policies favourable to biodiversity clash with the socially constructed representations of recent decades, which regard certain spaces (the city) as entirely dedicated to humans, and this often leads to conflict.
We argue here for a critical analysis of the societal processes that lead to these conflicting conceptions of nature, by taking into account the interactive dynamics between the human and non-human actors of the system. This research could contribute to resolving potential socio-ecological conflicts.
Very trendy functional LISP-derivative.
Totally the hotness in generative art right now.
- thi.ng Computational design tools for Clojure/ClojureScript
- Co(de)Factory is a collaborative open source 3d rendering art-object making machine for the Barbican.
- lighttable is an IDE for clojure designed from the ground up to do freaky spacecode shit
- overtone is a port of supercollider to clojure, and very hip right this second.
- leipzig is a composition library for it that makes clojure usable
See original: Clojure
See also Thomas Schelling, Peyton Young, and many other engineering and
economics papers I haven’t heard of yet.
Minimum power principle.
Economics of standards.
[…] this is where Jon Postel caused a problem, back in 1981, when he coined
the robustness principle:
“Be conservative in what you do, be liberal in what you accept from others.”
[…] Postel’s “robustness” principle didn’t really work. The problem wasn’t
noticed for many years. In 2001 Marshall Rose finally wrote:
Counter-intuitively, Postel’s robustness principle […] often leads to
Why? When a new implementation is initially fielded, it is likely that it
will encounter only a subset of existing implementations.
If those implementations follow the robustness principle, then errors in
the new implementation will likely go undetected.
The new implementation then sees some, but not widespread deployment.
This process repeats for several new implementations.
Eventually, the not-quite-correct implementations run into
other implementations that are less liberal than the initial set of
The reader should be able to figure out what happens next.
See original: Standards hell
Practical tips, tricks and algorithms.
scikit-image is a collection of algorithms for image processing. It is available free of charge and free of restriction. We pride ourselves on high-quality, peer-reviewed code, written by an active community of volunteers.
Mahotas: Computer Vision in Python is a library of fast computer vision algorithms (all implemented in C++) operates over numpy arrays for convenience.
ilastik (also python)
the interactive learning and segmentation toolkit
ilastik is a simple, user-friendly tool for interactive image classification, segmentation and analysis. It is built as a modular software framework, which currently has workflows for automated (supervised) pixel- and object-level classification, automated and semi-automated object tracking, semi-automated segmentation and object counting without detection. Most analysis operations are performed lazily, which enables targeted interactive processing of data subvolumes, followed by complete volume analysis in offline batch mode. Using it requires no experience in image processing.
openCV is released under a BSD license and hence it’s free for both academic and commercial use. It has C++, C, Python and Java interfaces and supports Windows, Linux, Mac OS, iOS and Android. OpenCV was designed for computational efficiency and with a strong focus on real-time applications. Written in optimized C/C++, the library can take advantage of multi-core processing. Enabled with OpenCL, it can take advantage of the hardware acceleration of the underlying heterogeneous compute platform. Adopted all around the world, OpenCV has more than 47 thousand people of user community and estimated number of downloads exceeding 9 million. Usage ranges from interactive art, to mines inspection, stitching maps on the web or through advanced robotics.
simpleCV is an open source framework for building computer vision applications. With it, you get access to several high-powered computer vision libraries such as OpenCV – without having to first learn about bit depths, file formats, color spaces, buffer management, eigenvalues, or matrix versus bitmap storage. This is computer vision made easy.
See original: Machine vision
Asynchrony, robustness-under-failure, distributed calculation.
Tricks for doing lots of stuff at once without spending all day being confused by shitty thread abstractions.
CAP theorems, Byzantine generals, dining philosophers.
Although there are things of profound theoretical interest here, I will of necessity be taking a primarily pragmatic, solutions-driven approach.
See also probabilistic computing.
We believe that a coherent approach to systems architecture is needed, and we
believe that all necessary aspects are already recognized individually: we
want systems that are Responsive, Resilient, Elastic and Message Driven. We
call these Reactive Systems.
Systems built as Reactive Systems are more flexible, loosely-coupled and
scalable. This makes them easier to develop and amenable to change. They are
significantly more tolerant of failure and when failure does occur they meet
it with elegance rather than disaster. Reactive Systems are highly
responsive, giving users effective interactive feedback.
(Why manifesto? Because “design pattern” isn’t as cool as manifesto this year, and staying current is a buzzword Red Queen race)
Libraries and hacks
composing asynchronous and event-based programs using observable sequences
and fluent query operators […]. Using RxJS, developers represent
asynchronous data streams with Observables, query asynchronous data streams
using LINQ operators, and parameterize the concurrency in the asynchronous
data streams using Schedulers. […]
Using RxJS, you can represent multiple asynchronous data streams (that come
from diverse sources, e.g., stock quote, tweets, computer events, web service
requests, etc.), and subscribe to the event stream using the Observer object.
The Observable notifies the subscribed Observer instance whenever an event occurs.
Because observable sequences are data streams, you can query them using
standard LINQ query operators implemented by the Observable type. Thus you
can filter, project, aggregate, compose and perform time-based operations on
multiple events easily by using these static LINQ operators. In addition,
there are a number of other reactive stream specific operators that allow
powerful queries to be written. Cancellation, exceptions, and synchronization
are also handled gracefully by using the methods on the Observable object.
See original: Concurrency hell
OK, pure network drives just aren’t as awesome as working locally, and synchronising changes globally. Git has shown us that for code, and dropbox has shown us that for documents - and for that matter, distributed databases have shown us that for data.
So, back to the individual user and their day-to-day needs…
File storage/sync/sharing is tricky. I am addicted to Dropbox, but their
technical and legal shortcomings are laughably bad. More secure alternatives:
- SpiderOak is the most popular
encrypted service, although still based in the USA, which, like Russia and
China, is more of an open file-sharing depot than a secure storage location
where you would keep actual private stuff.
- “sparkleshare creates a special folder on your computer. You can add
remotely hosted folders (or "projects") to this folder. These projects will
be automatically kept in sync with both the host and all of your peers when
someone adds, removes or edits a file.”
- Private. None of your data is ever stored anywhere else than on your
computers. There is no central server that might be compromised, legally
- Encrypted. All communication is secured using TLS. The encryption used
includes perfect forward secrecy to prevent any eavesdropper from ever
gaining access to your data.
- Authenticated. Every node is identified by a strong cryptographic
certificate. Only nodes you have explicitly allowed can connect to your cluster.
- “Ori is a distributed file system built for offline operation and empowers
the user with control over synchronization operations and conflict
resolution. We provide history through light weight snapshots and allow
users to verify the history has not been tampered with. Through the use of
replication instances can be resilient and recover damaged data from other nodes.”
- Wuala is a Swiss spideroak
competitor, which capitalises on stronger Swiss privacy laws.
- git-annex I have not yet tried, but it supports very explicit and
customisable folder-tree synchronisation, merging, and sneakernets and as
such I am excited by it.
See original: Synchronising files
Many dimensions plus linear algebra plus probability equals Random Matrix Theory.
Turns out to pop up in a lot of linear systems, and have some elegant results, therefore super trendy.
- Bibliography and history at Scholarpedia
- Anderson, Guionnet and Zeitouni’s course
- Tao’s course
- Edelman, A., & Rao, N. R. (2005). Random matrix theory. Acta Numerica, 14, 233–297. DOI. Online.
- Krbálek, M., & Seba, P. (2000). The statistical properties of the city transport in Cuernavaca (Mexico) and random matrix ensembles. Journal of Physics A: Mathematical and General, 33(26), L229–L234. DOI. Online.
- Ormerod, P., & Mounfield, C. (2000). Random matrix theory and the failure of macro-economic forecasts. Physica A: Statistical Mechanics and Its Applications, 280(3-4), 497–504. DOI.
See original: Random Matrices
Are there actual applications of this to actual physics, or is this keyword
purely the mule offspring of physics and computer science best put out to pasture?
See original: Computational mechanics