Science

What Does It Mean To Be a Data Scientist? 94

Posted by samzenpus
from the a-day-in-the-life dept.
Nerval's Lobster writes What is a data scientist? "To be honest, I often don't tell people I am a data scientist," writes Simon Hughes, chief data scientist of the Dice Data Science Team. "It's not that I don't enjoy my job (I do!) nor that I'm not proud of what we've achieved (I am); it's just that most people don't really understand what you mean when you say you're a data scientist, or they assume it's some fancy jargon for something else." So how do Simon and his team define "data scientist"? In this blog posting, he breaks it down along several lines: solid programming skills, a scientific mindset, and the ability to use tools are just for starters. A data scientist also needs to be a polymath with strong math skills. "All good scientists are skeptics at heart; they require strong empirical evidence to be convinced about a theory," he writes. "Likewise, as a data scientist, I've learned to be suspicious of models that are too accurate, or individual variables that are too predictive." His points are good to keep in mind right now, with everybody throwing around buzzwords like "Big Data" without fully realizing what they mean.

Comment: More intervention, earlier (Score 1) 289

All studies I've seen have suggested that more intervention, as early as possible, is ideal. The idea of play groups and other less formal types of socialization seems pretty good to me, perhaps it would serve as a better control for future studies (I'm not that well read, perhaps some research paper has already done this?).

The main point to all of this is that your son needs as much social opportunity as possible, and it needs to be NOW. That said, you can't really afford not to use as much of each option as you can. There is no opportunity to "fix" this later.

Comment: Firefox Hello, Pidgin (Score 1) 296

by Khopesh (#49001627) Attached to: Firefox Succeeded In Its Goal -- But What's Next?

Firefox Hello bundles this kind of thing right into the web browser. I kind of like this idea for allowing basic functionality (think of the browser-based IM in Google and Facebook) and even extending that to voice and video (the way Google Hangouts does), but I'd ideally like to see a more powerful stand-alone client for people that want more than just a few casual conversations here and there. (This is an even better idea for Thunderbird, since your contact list lives there.)

Fortunately, we have Pidgin, a stand-alone IM client with a great feature set and wonderful cross-platform support (Adium is merely an OS X implementation of Pidgin). Pidgin desperately needs help, as it hasn't successfully had an easy-to-use voice (let alone video) capability. I'm hoping that WebRTC (which powers Firefox Hello and, I think, Google Hangouts) can provide this, at least for using Firefox Hello and/or bridging between two Pidgin/Adium/Libpurple users.

Firefox

Firefox Succeeded In Its Goal -- But What's Next? 296

Posted by Soulskill
from the building-actual-foxes-made-of-fire dept.
trawg writes: It's been more than 10 years since Mozilla released version 1.0 of Firefox, one of their first steps in their mission to 'preserve choice and innovation on the Internet'. Firefox was instrumental in shattering the web monoculture, but the last few years of development have left users uninspired. "Their goal was never to create the most popular browser in the world, or the one with the best UX, or the one with the most features, or the one with the best developer mode. ... It would be foolish to say a monoculture will never arise again (Google are making some scary moves with Chrome-only web applications). But at this point in time while Chrome is the ascendant browser (largely at the expense of Firefox), Mozilla’s ability to impact the web in general is greatly reduced." Perhaps it is time to move on to the next challenge — ensuring there is a strong Thunderbird to help preserve a free and open email ecosystem.
The Media

Does Showing a Horrific Video Serve a Legitimate Journalistic Purpose? 645

Posted by Soulskill
from the sensitive-topics dept.
HughPickens.com writes: Erik Wemple writes at the Washington Post that Fox News recently took the controversial step of posting a horrific 22-minute video online that shows Jordanian pilot Lt. Muath al-Kaseasbeh being burned to death. Fox warned internet users that the presentation features "extremely graphic video." "After careful consideration, we decided that giving readers of FoxNews.com the option to see for themselves the barbarity of ISIS outweighed legitimate concerns about the graphic nature of the video," said Fox executive John Moody. "Online users can choose to view or not view this disturbing content."

But Fox's decision drew condemnation from some terrorism experts. "[Fox News] are literally — literally — working for al-Qaida and ISIS's media arm," said Malcolm Nance. "They might as well start sending them royalty checks." YouTube removed a link to the video a few hours after it was posted, and a spokesperson for Facebook told the Guardian that if anyone posted the video to the social networking site it would be taken down. CNN explained that it wouldn't surface any of the disturbing images because they were gruesome and constituted propaganda that the network didn't want to distribute. "Does posting this video advance the aims of this terror group or hinder its progress by laying bare its depravity?" writes Wemple. "Islamic State leaders may indeed delight in the distribution of the video — which could be helpful in converting extremists to its cause — but they may be mis-calibrating its impact. If the terrorists expected to intimidate the world with their display of barbarity, they may be disappointed with the reaction of Jordan, which is vowing 'strong, earth-shaking and decisive' retaliation."
Encryption

GnuPG Gets Back On Track With Funding 51

Posted by Soulskill
from the pulling-together dept.
jones_supa writes: Soon after the poor state of GnuPG was unveiled, the online community rallied to help Werner Koch. He wanted to hire a full-time programmer to work on the project alongside him and to ensure that he's not living on the brink of bankruptcy all the time. Immediately after the article was published, it was revealed that he got a one-time grant of $60,000 from the Linux Foundation's Core Infrastructure Initiative. Also, the community donated over $150,000, and Facebook and Stripe have each pledged to provide $50,000 per year. All in all, it looks like Werner Koch won't be worried about funding for quite some time. The problem remains: it's very likely that other projects just as important as this one are probably facing the same kind of issues, but it would be nice to hear about them before they get in trouble, and not after.

Techdirt: The World's Email Encryption Software Relies On One Guy, Who Is Going Broke

From feed by feedfeeder

The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive.

Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.

"I'm too idealistic," he told me in an interview at a hacker convention in Germany in December. "In early 2013 I was really about to give it all up and take a straight job." But then the Snowden news broke, and "I realized this was not the time to cancel."

Like many people who build security software, Koch believes that offering the underlying software code for free is the best way to demonstrate that there are no hidden backdoors in it giving access to spy agencies or others. However, this means that many important computer security tools are built and maintained by volunteers.

Now, more than a year after Snowden's revelations, Koch is still struggling to raise enough money to pay himself and to fulfill his dream of hiring a full-time programmer. He says he's made about $25,000 per year since 2001 — a fraction of what he could earn in private industry. In December, he launched a fundraising campaign that has garnered about $43,000 to date — far short of his goal of $137,000 — which would allow him to pay himself a decent salary and hire a full-time developer.

The fact that so much of the Internet's security software is underfunded is becoming increasingly problematic. Last year, in the wake of the Heartbleed bug, I wrote that while the U.S. spends more than $50 billion per year on spying and intelligence, pennies go to Internet security. The bug revealed that an encryption program used by everybody from Amazon to Twitter was maintained by just four programmers, only one of whom called it his full-time job. A group of tech companies stepped in to fund it.

Koch's code powers most of the popular email encryption programs: GPGTools, Enigmail, and GPG4Win. "If there is one nightmare that we fear, then it's the fact that Werner Koch is no longer available," said Enigmail developer Nicolai Josuttis. "It's a shame that he is alone and that he has such a bad financial situation."

The programs are also underfunded. Enigmail is maintained by two developers in their spare time. Both have other full-time jobs. Enigmail's lead developer, Patrick Brunschwig, told me that Enigmail receives about $1,000 a year in donations — just enough to keep the website online.

GPGTools, which allows users to encrypt email from Apple Mail, announced in October that it would start charging users a small fee. The other popular program, GPG4Win, is run by Koch himself.

Email encryption first became available to the public in 1991, when Phil Zimmermann released a free program called Pretty Good Privacy, or PGP, on the Internet. Prior to that, powerful computer-enabled encryption was only available to the government and large companies that could pay licensing fees. The U.S. government subsequently investigated Zimmermann for violating arms trafficking laws because high-powered encryption was subject to export restrictions.

In 1997, Koch attended a talk by free software evangelist Richard Stallman, who was visiting Germany. Stallman urged the crowd to write their own version of PGP. "We can't export it, but if you write it, we can import it," he said.

Inspired, Koch decided to try. "I figured I can do it," he recalled. He had some time between consulting projects. Within a few months, he released an initial version of the software he called Gnu Privacy Guard, a play on PGP and an homage to Stallman's free Gnu operating system.

Koch's software was a hit even though it only ran on the Unix operating system. It was free, the underlying software code was open for developers to inspect and improve, and it wasn't subject to U.S. export restrictions.

Koch continued to work on GPG in between consulting projects until 1999, when the German government gave him a grant to make GPG compatible with the Microsoft Windows operating system. The money allowed him to hire a programmer to maintain the software while also building the Windows version, which became GPG4Win. This remains the primary free encryption program for Windows machines.

In 2005, Koch won another contract from the German government to support the development of another email encryption method. But in 2010, the funding ran out.

For almost two years, Koch continued to pay his programmer in the hope that he could find more funding. "But nothing came," Koch recalled. So, in August 2012, he had to let the programmer go. By summer 2013, Koch was himself ready to quit.

But after the Snowden news broke, Koch decided to launch a fundraising campaign. He set up an appeal at a crowdsourcing website, made t-shirts and stickers to give to donors, and advertised it on his website. In the end, he earned just $21,000.

The campaign gave Koch, who has an 8-year-old daughter and a wife who isn't working, some breathing room. But when I asked him what he will do when the current batch of money runs out, he shrugged and said he prefers not to think about it. "I'm very glad that there is money for the next three months," Koch said. "Really I am better at programming than this business stuff."

Related stories: For more coverage, read our previous reporting on the Heartbleed bug, how to encrypt what you can and a ranking of the best encryption tools.

Republished from ProPublica. ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.




Comment: 3 bad pw tries (from ANY IP) = locked account (Score 1) 271

by Khopesh (#48990863) Attached to: Why Gmail Has Better Security Than Your Bank

Banks are secure because they lock your account when you fail to log in ~three consecutive times. Doesn't matter over what time period or what IP address you are using.

This is rather aggressive; somebody can lock your account with knowledge of your username, but it makes sense. One trick I use: my financial usernames are rather passwordlike (in that you're not going to guess them easily).

Encryption

Tips For Securing Your Secure Shell 148

Posted by Soulskill
from the locking-your-locks dept.
jones_supa writes: As you may have heard, the NSA has had some success in cracking Secure Shell (SSH) connections. To respond to these risks, a guide written by Stribika tries to help you make your shell as robust as possible. The two main concepts are to make the crypto harder and make stealing keys impossible. So prepare a cup of coffee and read the tutorial carefully to see what could be improved in your configuration. Stribika also gives some extra security tips: don't install what you don't need (as any code line can introduce a bug), use the kind of open source code that has actually been reviewed, keep your software up to date, and use exploit mitigation technologies.
Security

Inside Cryptowall 2.0 Ransomware 181

Posted by Soulskill
from the just-another-crypt-in-the-wall dept.
msm1267 writes: If you need more evidence that ransomware is here to stay, and could turn into cybercriminals' weapon of choice, look no further than Cryptowall. Researchers at Cisco's Talos group have published an analysis of a Cryptowall 2.0 sample, peeling back many layers of known commodities around this threat, such as its use of the Tor anonymity network to disguise command-and-control communication. But perhaps more telling about the commitment around ransomware is the investment attackers made in its capabilities to detect execution in virtual environments, building in many stages of decryption present before the ransomware activates, and its ability to detect 32- and 64-bit architectures and execute different versions for each.

FCC Misplaced Around 600,000 Net Neutrality Comments

Submitted by Presto Vivace
Presto Vivace (882157) writes "FCC States It Misplaced Around 600,000 Net Neutrality Comments

Just as net neutrality opponents were celebrating the claim that their outrage-o-matic form letter campaigns resulted in more FCC-filed comments than neutrality supporters, the FCC has announced that it somehow managed to lose roughly 600,000 net neutrality comments during processing. According to a blog post by the FCC, the agency says that the comments were misplaced due to the agency's "18-year-old Electronic Comment Filing system (ECFS).""

Comment: Are biological self-reproducing robots ... robots? (Score 1) 391

by Khopesh (#48636235) Attached to: The Dominant Life Form In the Cosmos Is Probably Superintelligent Robots
Who is to say that we'd even be able to conceive these "robots" as anything but another form of life? They'd have to tell us that they were manufactured, and given the required self-sufficiency of space travel, said "manufacture" would probably be rather akin to what we call "reproduction." All of these lines are blurred when talking about sufficiently advanced technology and science.

Excuse Me While I Kiss This Guy: The Science of Misheard Song Lyrics

Submitted by HughPickens.com
HughPickens.com (3830033) writes "Maria Konnikova writes in The New Yorker that mondegreens are funny but they also give us insight into the underlying nature of linguistic processing, how our minds make meaning out of sound, and how in fractions of seconds, we translate a boundless blur of sound into sense. One of the reasons we often mishear song lyrics is that there’s a lot of noise to get through, and we usually can’t see the musicians’ faces. Other times, the misperceptions come from the nature of the speech itself, for example when someone speaks in an unfamiliar accent or when the usual structure of stresses and inflections changes, as it does in a poem or a song. Another common cause of mondegreens is the oronym: word strings in which the sounds can be logically divided multiple ways. One version that Steven Pinker describes goes like this: Eugene O’Neill won a Pullet Surprise. The string of phonetic sounds can be plausibly broken up in multiple ways—and if you’re not familiar with the requisite proper noun, you may find yourself making an error.

Other times, the culprit is the perception of the sound itself: some letters and letter combinations sound remarkably alike, and we need further cues, whether visual or contextual, to help us out. In a phenomenon known as the McGurk effect, people can be made to hear one consonant when a similar one is being spoken. “There’s a bathroom on the right” standing in for “there’s a bad moon on the rise” is a succession of such similarities adding up to two equally coherent alternatives.

Finally along with knowledge, we’re governed by familiarity: we are more likely to select a word or phrase that we’re familiar with, a phenomenon known as Zipf’s law. One of the reasons that “Excuse me while I kiss this guy” substituted for Jimi Hendrix’s “Excuse me while I kiss the sky” remains one of the most widely reported mondegreens of all time can be explained in part by frequency. It’s much more common to hear of people kissing guys than skies."

Comment: Neil deGrasse Tyson wants NASA to have a 2x budget (Score 5, Insightful) 121

by Khopesh (#48568983) Attached to: NASA Gets 2% Boost To Science Budget

Neil deGrasse Tyson's video plea We Stopped Dreaming and its follow-up A New Perspective, which proposed we increase NASA spending to 1% of the US Federal Budget (current spending: 0.5%), suggest we could go to Mars and innovate the way we did in the 70s, so there's a long way to go (a 2% boost leaves us 98% shy of Tyson's goal).

NASA is already trying to plan a manned mission to Mars or an asteroid in the future. It would be nice if they were funded for it.
