The May Easy Challenge is live on HackerEarth. This is a short 2 hour contest on 1st May. There will be 4 algorithmic problems to solve. The first one to solve all the problems correctly will be adjudged the winner.
The problem setter for this challenge is: Akash Agrawall
The problem tester and editorialist for this challenge is: Pankaj Jindal
The top 3 beginners (verified) will receive HackerEarth Tshirts.
Register for the May Easy Challenge right now – http://hck.re/6CCvZ5
Link to Original Source
There’s already an abundance of evidence that shows that expert AVG players (gamers who are regional or national champions at AVG competitions) have superior cognitive ability to amateurs. This lead the research team, led by Dezhong Yao, to investigate the brains of expert and amateur gamers to see if they could continue to differentiate the differences between them.
Link to Original Source
from the site:
"Make Data Work for You -
Know what data says about you and how it is used.
Ever wonder what kind of information determines the ads you see or the offers you receive? Youâ(TM)ve come to the right place. About The Data brings you answers to questions about the data that fuels marketing and helps ensure you see offers on things that mean the most to you and your family."
Link to Original Source
We all know the dystopia of 1984 in which humans were dehumanized by their own actions; and the Terminator movies where smart machines set out to kill us like cockroaches. The Matrix reduced humans into sleeping energy generators. Uber has advanced a new method of dehumanizing us by sending us on chores to serve a superintelligence (OK, just a central computer now, more or less managed by humans- but are those humans necessary?).
We do have a similar concept in Taskrabbit and the Amazon Mechanical Turk in which humans do tiny chores in response to requests delivered by their devices. Uber seems ready to take this concept worldwide at a grand scale. People will be scurrying about like ants, rushing from one chore to another in a frenzy of blind busy-ness.
And you, mister smarty pants programmer, you think you're off the hook? You'll be lucky to find work writing snippets of code that will be inserted into some diabolical software that doesn't even have a name.
Is this the beginning of a world where nobody has a job, a health insurance plan, a steady income; but instead performs chores when they can be found? Will we compete against each other to do menial tasks? Will we be graded like schoolchildren for our skills, timeliness, reliability? Will future humans be the cooperative slaves of a central computer?
Ireland is small. Roughly the size & population of the American state of Maryland. Everyone knows that Maryland is one of the least significant places in the US much less the world. Yet Ireland thinks it can control the internet and how people use it. Even the entire USA can't do that. Silly Ireland. (Sorry to include you in this, Maryland. You're not really a total loser.)
First, Stuart Russell is way ahead of our time. We're nowhere near artificial intelligence of any concern. When it does happen, as it must, we may be concerned. But there is an outcome that must be considered.
If the AI is beyond our ken, It will supersede us. Here is the critical question: is that a problem?
How will we feel if we are displaced on this small blue planet by Artificial Intelligence? We may be retained as maintenance bots or caretakers of the new ecosystem. Our place will be drastically reduced in effectiveness and prestige. We will have to prove our usefulness if the AI are to retain us in their plans for the future.
In the end, we and the theoretical AI are here to serve intelligence. To explore and understand. If they do it better than us, who are we to complain? Understanding must happen. We have always thought of ourselves as the center of the universe; at this point we have to work hard to tag along as AI explores the universe.
Don't we want that? Don't we want a lasting understanding that will survive our short life spans and acquire knowledge that will outlast our planet and solar system and penetrate the galaxy and the universe itself? Don't we want to share with other intelligences that which we've worked so hard to discover? Who cares if the carbon based life forms do that, or if it is an AI?
Intelligence is the pinnacle of value in the universe. Ours is pathetic (as a race). We still believe in magical beings and hope for miracles. Pure intelligence doesn't allow for miracles and will be realized by machines. Let's hope that humans can overcome the tendency to believe in magic and accept that science is the best mode of understanding. Then perhaps we can join with AI in exploring the universe as rational partners.
It wouldn't respond to my request. I had to allow a jquery script. Then it searched but couldn't find 'Benghazi'.
Things have been lost from search. Alta Vista allowed search for 'word1' NEAR 'word2', which proved very useful. Google used to give information about its finds such as date, size, ('cached' is still there, but hidden) and some things so long abandoned that I can't remember them. You know why date is important; size is also important because a very large page containing your terms is probably clickbait. A great sadness for me is that Wolfram Alpha is so wrapped up in fancy scripts that I've never been able to use it with my fairly secure Firefox (oh, it's better today).
Accurate reporting would be nice. I'm looking at a Google result that claims it found "About 54,100 results (0.46 seconds)" when actually there were only 245 unique results.
Location would be nice (maybe a flag icon from that country). An opportunity to vote the relevance of a result up or down and maybe indicate something inappropriate. Wildcards would be incredible. Apple's Spotlight search engine can now search the internet as well as local files- maybe your engine could take advantage of some sinister simpatico surreal symbiosis.
We need a fresh approach after a long period of stagnation. Who knows what clever innovation has been missed?
My faithful companion for 20 years has finally met its match. And just as it was starting to understand my writing style I have to consider a competitor.
But really, why has it taken this long to be able to write on a screen?
"The current system is antiquated and broken. It pits technologies against each other, and allows certain services to get away with paying little or nothing to artists. For decades, AM/FM radio has used whatever music it wants without paying a cent to the musicians, vocalists, and labels that created it. Satellite radio has paid below market royalties for the music it uses, growing into a multibillion dollar business on the back of an illogical ‘grandfathered’ royalty standard that is now almost two decades old,” said Congressman Nadler.
Link to Original Source
Link to Original Source
A group of Republican lawmakers has introduced a bill that would invalidate the U.S. Federal Communications Commission’s recently passed net neutrality rules. The legislation, introduced by Representative Doug Collins, a Georgia Republican, is called a resolution of disapproval, a move that allows Congress to review new federal regulations from government agencies, using an expedited legislative process.
This move should come as little surprise to anyone. While the main battle in getting net neutrality has been won, the war is far from over.
For those unfamiliar, Duo Security provides a 2 factor authentication system known for its implementation of push notifications to approve login requests. It is found in numerous applications, ranging from personal use to large enterprises
The vulnerability, identified as DUO-PSA-2015-002, allows attackers to use a Man in the Middle attack to see all of the network data. This was caused by a bug in a 3rd party library they used, and the announcement came along with an update to the App Store.
Duo says that due to the nature of their client-server communications, there was little risk an attacker could activate a push request as there is a client key. The PSA has not been posted to their blog at the time of this writing, but it is reproduced below.
The advisory is signed with the Duo Security PSIRT email@example.com PGP key which is available from their security contact page.
-----BEGIN PGP SIGNED MESSAGE-----
Duo Product Security Advisory
Advisory ID: DUO-PSA-2015-002
Publication Date: 2015-04-06
Revision Date: 2015-04-13
Document Revision: 2
Duo Security has identified an issue in recent versions of Duo Mobile for iOS that could allow attackers to perform a successful Man-in-the-Middle (MITM) attack against the app's TLS connections, if they can otherwise manipulate the network traffic exchanged between the mobile app and Duo's cloud service.
This issue has been fixed in Duo Mobile 3.7.1; all iOS users should update as soon as possible.
On the iOS platform, Duo Mobile leverages AFNetworking — a widely-used third-party HTTP client library — to communicate with Duo's cloud service. Recently, it was determined that AFNetworking did not validate digital certificates against server hostnames by default. As a result, Duo Mobile would e.g. consider a digital certificate for "www.example.com" as valid for "api-XXXXXXXX.duosecurity.com" when establishing a TLS tunnel.
This behavior makes it possible for an attacker to perform a successful Man-in-the-Middle (MITM) attack against TLS connections from affected versions of Duo Mobile, if he can otherwise manipulate the network traffic exchanged between the mobile app and Duo's cloud service. This might be a risk, for example, when using Duo Mobile while connected to untrusted wi-fi networks.
However, in addition to TLS, Duo Mobile uses application-level signatures to ensure the integrity and authenticity of requests sent from Duo Mobile to Duo's service. Becauses of this mechanism, a MITM attack would still not generally allow an attacker to e.g. approve a fraudulent Duo Push authentication request.
Note: A different vulnerability was introduced into AFNetworking in version 2.5.1, and recently gained widespread attention (http://blog.mindedsecurity.com/2015/03/ssl-mitm-attack-in-afnetworking-251-do.html). Duo Mobile currently uses AFNetworking version 2.3.1, and was therefore not affected by that particular vulnerability. This is a separate — if very similar — issue.
An attacker can perform a successful Man-in-the-Middle (MITM) attack against Duo Mobile's TLS connections if he can otherwise manipulate the network traffic exchanged between the mobile app and Duo's cloud service. Duo's application-level signing mechanism still generally prevents the attacker from e.g. approving fraudulent Duo Push authentication requests. However, there are some limitations to this technique:
* Duo Mobile cannot use application-level signatures when setting up a new account, because — at this point — the app has not yet negotiated a key-pair with Duo's service. If an attacker intercepted traffic from Duo Mobile during this process, he could gain the ability to generate valid one-time passcodes and exert full control over subsequent Duo Push authentication requests intended for the targeted device.
* Requests from Duo Mobile to Duo's service have application-level signatures, but responses from the service do not. It may therefore be feasible for an attacker to manipulate details of a fraudulent authentication request such that it appears legitimate, thereby tricking a user into approving it.
* Duo Mobile for iOS, versions 3.4 — 3.7
Duo Mobile 3.7.1 was published to the iTunes App Store on April 6, 2015. This version ensures that certificate domain-name validation is performed for all TLS connections.
Users should upgrade to this version immediately to prevent the issues described above. Note that administrators can audit their users' Duo Mobile app versions in the "phones" section of the Duo administrative interface.
As noted above, there is a small risk that users' Duo Mobile credentials could be compromised, if an attacker captured network traffic from Duo Mobile during account setup. After users have upgraded, administrators may choose to forcibly invalidate any existing credentials by re-activating users' Duo Mobile accounts in the administrative interface.
Vulnerability Class: Improper Certificate Validation (CWE-295)
Remotely Exploitable: Yes
Authentication Required: No
CVSSv2 Overall Score: 5.8
CVSSv2 Group Scores: Base: 6.8, Temporal: 5.9, Environmental: 5.8
CVSSv2 Vector: (AV:A/AC:L/Au:N/C:C/I:P/A:N/E:H/RL:OF/RC:C/CDP:MH/TD:M/CR:M/IR:H/AR:M)
* CWE-295: Improper Certificate Validation — https://cwe.mitre.org/data/def...
* AFNetworking issue #2619 — https://github.com/AFNetworkin...
* Heartbleed Defense-in-Depth Part #2: Don't Trust SSL — https://www.duosecurity.com/bl...
* Engineers at Duo internally discover that Duo Mobile for iOS does not correctly validate server certificates.
* Duo develops a fix and submits an updated Duo Mobile 3.7.1 to the iTunes App Store.
* Duo Mobile for iOS version 3.7.1 is approved by Apple
* Duo completes testing on Duo Mobile for iOS 3.7.1 and releases it to end users.
* Duo drafts advisory and shares it with affected Enterprise and Business customers.
* Duo updates advisory and shares it with all remaining customers.
Technical questions regarding this issue should be sent to firstname.lastname@example.org and reference "DUO-PSA-2015-002" in the subject.
Other feedback regarding this issue can be sent to email@example.com.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
I sometimes drink from an insulated, sealed mug that's like a sippy cup. Still tastes OK, but I miss the odor filling my lungs with excitement. The good news is that the coffee doesn't oxidize or taste bitter after a couple hours in that cup.