Jupyter notebooks

Some interesting projects:

Google has there own modified jupyter notebook that integrates into google drive:

https://colab.research.google.com/

And there is Binder (beta) that will create an executable jupyter environment from a github repo with jupyter notebooks.  Then anyone can easily run your code.

https://mybinder.org/

Build tools

So, I’ve been learning about some software engineering tools so that I can make my life easier while developing:

jitpack.io and https://travis-ci.org

jitpack makes it super easy to depend on a repo that is able to be built using gradle or maven.

travis-ci does continuous integration for your projects.  This means that if you are testing your code you will be doing it all the time.  And well I’m still not sure how to create test cases for mason as it doesn’t necessarily create the same output every time.  So…  But it is still cool.

Sun based internet

I was just reading about LiFi and I was wondering why not just create window attachments that produce the same effect?  Then you can use the sunlight instead and the window can modulate the light to achieve the same effect as the LiFi.  Then both the lifi bulbs and the windows could work together to achieve optimal coverage.

So, this method only makes sunlight a medium for information to be encoded onto.  Therefore, device to device communication still requires an LED.  The main interest for using sunlight is to allow for regular internet access.

On a grander scale could we modulate earth’s atmosphere to essentially just be a bigger window so that we give internet to everyone on earth through sunlight?  That sounds like an XKCD comic haha :).

Passwords

So yahoo has a new authentication system where it sends you a password to your device.  This seems to be less secure than 2-factor authentication, however it certainly is a lot less of a hassle than having to make and change your password.  The main issue is of course losing your phone.  So, I guess it will be a good idea to keep a strong password on your phone.  Main concern is how does yahoo confirm your identity if you loose your phone and want to change to a different phone?

Car insurance data

Did you know that auto insurance companies allow you to look up a quote online.  All you need is your name, address and date of birth and they will show you your cars!  That means you can with a little effort find out what cars people have!  Year and Model at least.  That could be valuable info for sales or targeted advertisements.  The crazy thing is that the website does not require you to agree that you are who you filled in the box says you are!  So, technically I don’t think you would be doing anything illegal.  Crazy.

blackhat

https://www.blackhat.com/us-14/archives.html#android-fakeid-vulnerability-walkthrough

https://www.blackhat.com/us-14/archives.html#cloudbots-harvesting-crypto-coins-like-a-botnet-farmer

https://www.blackhat.com/us-14/archives.html#hacking-the-wireless-world-with-software-defined-radio-2-0

https://www.blackhat.com/us-14/archives.html#miniaturization

 

Some interesting blackhat talks.

Using Twitter as a proxy for malicious intent

Today I went to a security talk and the speaker gave a demonstration of how when you tweet a link various “robots” will follow the link and index it and do other things.  He gave a couple of example of what could be done.  One example was tweeting links to login forms with valid user id but invalid password.  Since most login forms will lock the user out after some number of tries this will annoy users.  Especially since based on his research the links will be revisited long into the future.  So, the user may have to reset their password multiple times.  If you had all of the usernames one could lockout all of the users without anyone knowing it was you who did it.

He also was trying to actually figure out whether it was a human that actually attempted to load the link.  So, he discovered that different browsers have a certain cut off on the number of 403 redirects it will handle before quitting.  However, he has found that many bots will just continue to follow the redirects.

He also showed some other cool hacks.  The spring lunch group went out with a bang :)!