Revealed: The naughty tricks used by Instart Logic to bypass ad blockers | The Register

Revealed: The naughty tricks used by web ads to bypass blockers; Thomas Claburn (San Francisco); In The Register; 2017-08-11.
Teaser: A behind-the-scenes look at the cat and mouse game played by publishers and devs

tl;dr → the ad blocker blockers and their blocker blocker blockers.

Mentions

History

Ignoring content control affordances

Exemplars

Blocker Blockers

a.k.a. The Enforcers

In alphabetical order

Instart Logic
  • California
  • Behaviors
    • disguises third-party network requests so they appear to be first-party network requests.
    • allows ad services used by website publishers to place cookies and serve ads that would otherwise be blocked by the SOP
    • detects when a browser developer console is open for the purpose of concealing code from the <euphemism>technically inclined</euphemism>
    • detects network analysis tools, cite
      • Wireshark
      • Charles Proxy, of Windows
Facebook

Attempts to block ad block.

PageFair

Purveyor to the trades of block-ad-block advice, products & services.

Sourcepoint

Purveyor to the trades of block-ad-block advice, products & services.

Uponit
  • JavaScript code that attempts to bypass content blocking
  • <quote>Our JavaScript detects all blocked ad calls, fully recreates them (including targeting) and communicates them to our servers through a secure, undetectable channel that bypasses ad blockers,</quote> An impactful benefits statement.
  • code, as supplied by WHO? Raymond Hill.

Blockers

a.k.a. The Dissidents
uBlock Origin
Brave
  • yes.
Safari

Who

  • Peter Blum, VP product management at Instart Logic
  • Raymond Hill, maintains uBlock Origin
  • Luke Mulks, staff, development, Brave

Referenced

Related

E-Commerce as a Jobs Engine? Michael Mandel’s Unorthodox View | NYT

E-Commerce as a Jobs Engine? One Economist’s Unorthodox View; Andrew Ross Sorkin; In Dealbook, a gossip column, in The New York Times (NYT); 2017-07-10.

tl;dr → Amazon is good. The government worker-counters are doing it wrong. Use a systems-theoretic whole-view to get the complete accounting; he does that. 1100 words.

Original Source

Michael Mandel; Tech The Creation of a New Middle Class?: A Historical and Analytic Perspective on Job and Wage Growth in the Digital Sector, Part I; a whitepaper; Progressive Policy Institute; 2017-03-09; 17 pages. <snide>Would ya look at that title, that’s a BIG one!</snide>

Mentions

  • Progressive Policy Institute
    • an idea shop. <quote>a Democratic-leaning think tank</quote>
    • Washington DC
  • Amazon
  • 2007-12 to 2017-05
  • John Challenger, president of Challenger, Gray & Christmas, outplacement services
    quoted for color, background & countervailing diversity.

Claims

  • e-commerce jobs (warehouse work, stuffing boxes), pay about 30 percent more than the brick-and-mortar ones (floor supervisor, making change).
  • <quote>jobs at fulfillment centers are “decent paying,” often full time and usually with benefits.</quote>

Who

  • Michael Mandel, chief economic strategist at the Progressive Policy Institute.
  • John Challenger, president of Challenger, Gray & Christmas

Referenced

Is Serverless the New Visual Basic? | High Scalability

Is Serverless the New Visual Basic?; staff; In High Scalability; 2017-05-15.
14344500 – A Commentariat; On HackerNews; no comment, total silence.

tl;dr → Yes. Betteridge’s Law. Because <quote>with Serverless, hiring less experienced <snide>devops ‘droids</snide> can work out is better than hiring experienced cloud <snide>devops droids</snide>.</quote>

Original Source

Paul Johnston (movivo); Event-Driven Design Thinking, Outburst #6; In His Blog entitled The ServerlessCast; 2017-05; It’s linear media … you feel your life drifting away as the sonorous tones drone on and on and on, does this never end?  Is there no transcript?
Paul Johnston, CTO, movivo.

Mentions

Ends with the aphorism Only Time Will Tell. as <quote>It will be interesting to see if Serverless can avoid VB’s fate.</quote>  Call us back when that has transpired.

Summarization

Situation

  • An experienced cloud devops ‘droid will probably think procedurally, in terms of transactional systems, frameworks, and big fat containers that do lots of work.
  • An inexperienced cloud devops ‘droid will do whatever is presented in front of it.

Remediation

A Serverless devops ‘droid needs to think

  • small functions that do one thing
  • linked by events;
  • asynchronous thinking
  • distributed thinking.

Diagnosis

Use devops ‘droids with sysadmin skills

  • they have the right stuff.
  • they don’t have the baggage of working with frameworks and servers, etc..

Prediction

  • A devops ‘droid with a sysadmin background is more likely than a framework ‘droid  to understand the distributed thinking that goes with building an entire system of events.
  • Once a system is built up, out, over, the experienced devops ‘droid class will get bored because Serverless systems don’t require the same amount of maintenance.
Claims
  • devops ‘droids do understand event systems.
  • framework ‘droids do not understand event systems
  • framework ‘droids get bored, and remediate that in unconstructive ways.
  • event systems require less maintenance than frameworks.
  • frameworks require more maintenance than event systems.
  • framework ‘droids mostly do maintenance anyway;
    that’s all you’re buying, at the higher price point: maintenance of the shiny.

Nostrum

  • Need but two years of vo-tech on-the-job training
  • Hire younger, hungrier devops ‘droids who don’t have that experience behind them.
Translation

“younger, hungrier” and “less experienced” also means cheaper

Claim

Like Visual Basic, Serverless radically reduces the expertise needed to write a cloud program.
QED

Criticism

Visual Basic …

Reduces the expertise needed to write a cloud Windows program.

Visual Basic programs are a Big Ball of Mud.
  • are technical debt bombs.
  • hard to understand
  • hard to change
  • hard to test
  • poorly designed.
Visual Basic programs
  • have business logic in the event handlers
  • no layering
  • the GUI is the orchestrator
  • are hard to test
  • use global variables
  • no separation of concerns
  • coupling is high
  • cohesion is low
Serverless has The Indicted Pattern

In Serverless <snip/> the database effectively becomes a store for global variables.

The Fate of Online Trust in the Next Decade | Pew Research Center

, ; The Fate of Online Trust in the Next Decade; Pew Research Center; 2017-08-10; 89 pages; landing.

Teaser

Many experts say lack of trust will not be a barrier to increased public reliance on the internet. Those who are hopeful that trust will grow expect technical and regulatory change will combat users’ concerns about security and privacy. Those who have doubts about progress say people are inured to risk, addicted to convenience and will not be offered alternatives to online interaction. Some expect the very nature of trust will change.

Concept

  • Delphi-type survey design
  • N=1,233
  • A pull-quote generation vehicle. To Wit.

Summary

  • 48% → trust will be strengthened
  • 28% → trust will stay the same
  • 24% → trust will be diminished

Scope

Six major themes on the future of trust in online interactions

Theme 1
Trust will strengthen because systems will improve and people will adapt to them and more broadly embrace them

  • Better technology plus regulatory and industry changes will help increase trust
  • The younger generation and people whose lives rely on technology the most are the vanguard of those who most actively use it, and these groups will grow larger
Theme 2
The nature of trust will become more fluid as technology embeds itself into human and organizational relationships

  • Trust will be dependent upon immediate context and applied differently in different circumstances
  • Trust is not binary or evenly distributed; there are different levels of it
Theme 3
Trust will not grow, but technology usage will continue to rise, as a “new normal” sets in

  • “The trust train has left the station”; sacrifices tied to trust are a “side effect of progress”
  • People often become attached to convenience and inured to risk
  • There will be no choice for users but to comply and hope for the best
Theme 4
Some say blockchain could help; some expect its value might be limited

  • Blockchain has potential to improve things
  • There are reasons to think blockchain might not be as disruptive and important as its advocates expect it to be
Theme 5
The less-than-satisfying current situation will not change much in the next decade
Theme 6
Trust will diminish because the internet is not secure, and powerful forces threaten individuals’ rights

  • Corporate and government interests are not motivated to improve trust or protect the public
  • Criminal exploits will diminish trust

Producers

Imagining The Internet (Center)
  • Pew Research Center
  • Elon University

Separately noted, maybe, but you have to wait for it.

The Actually Distributed Web | Doc Searls, Linux Journal

The Actually Distributed Web; Doc Searls; In His Blog, at Linux Journal; 2017-08-08.

tl;dr → ICO IPFS FTW!

Mentions

Theory

Of Marshall McLuhan, contra Harold Innis.

The Tetrad of Media Effects
  • “technology” is media, indeed “everything” is media.
  • the introduction of new media causes change in the milieu.
  • the new medium, four effects as a 2×2 combinator.
Axes
  • Ground
  • Figure
Interrogatories
  • What is enhanced?
  • What is obsoleted?
  • What is recovered (from obsolescence)
  • What is reversed (transformed), at the limit, any limit?

The last is very high concept: as in <quote ref=”there“>Acoustic radio flips into audio-visual TV.</quote>
Pretty sure that the FCC doesn’t see it that way; nor does the NCEES; but this is media theory so it’s all compos mentis.

Device

Application

Analysis attributable to the author, Doc Searls.

Crypto Currencies
  • Enhance → exchange.
  • Retrieve → the bazaar.
  • Obsolesce → fiat currency.
  • Reverse → mutual unintelligibility, no exchange
    (<metaphorical>isolated islands, walled gardens</metaphorical>).
Distributed Ledgers
  • Enhance → peer-to-peer.
  • Retrieve → individual agency.
  • Obsolesce → platform dominance.
  • Reverse → into one-to-one
    <refine>into peer-to-peer?</refine>.
Criticism

Via Why. The Web, of HTTP, cannot (or has not) <quote>

  • HTTP is inefficient and inexpensive…with video delivery, a P2P approach could save 60% in bandwidth costs <claimed/>.
  • Humanity’s history is deleted daily…IPFS provides historic versioning (like git) and makes it simple to set up resilient networks for mirroring of data.
  • The web’s centralization limits opportunity…IPFS remains true to the original vision of the open and flat web, but delivers the technology which makes that vision a reality.
  • Our apps are addicted to the backbone…IPFS powers the creation of diversely resilient networks which enable persistent availability with or without Internet backbone connectivity.
Remediation

Via How. The IPFS presents a (non-POSIX, yet POSIX-similar) hierarchical filesystem metaphor as a unifying artifice, wherein <quote>:

  • Each file and all of the blocks within it are given a unique fingerprint called a cryptographic hash.
  • IPFS removes duplications across the network and tracks version history for every file. <responsive>Uniqueness in time and space.</responsive>
  • Each network node stores only content it is interested in and some indexing information that helps figure out who is storing what. <responsive>What if no network is interested for a brief period? Who shall suffer the little files, the lost blocks, the unloved & unwanted slabs?</responsive>
  • When looking up files, you’re asking the network to find nodes storing the content behind a unique hash.
  • Every file can be found by human-readable names using a decentralized naming system called IPNS.
    <responsive>Like The DNS?</responsive>

</quote>
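
The content-addressing behaviour quoted above, as an added example that is not part of the original notes and not IPFS's own code: a toy in-memory block store showing fingerprinting, de-duplication and verify-on-read. `BlockStore`, `fingerprint`, the 4-byte block size and the newline-joined manifest are assumptions made for illustration; real IPFS uses its own identifier and object formats.

```python
import hashlib

BLOCK_SIZE = 4  # constructed, tiny on purpose so the sample data spans several blocks


def fingerprint(data: bytes) -> str:
    """Content address of a block: hex SHA-256 (assumed here, not IPFS's real ID format)."""
    return hashlib.sha256(data).hexdigest()


class BlockStore:
    """One node's storage: fingerprint -> block bytes."""

    def __init__(self):
        self.blocks = {}

    def put(self, data: bytes) -> str:
        key = fingerprint(data)
        self.blocks[key] = data  # identical content yields the same key, so duplicates collapse
        return key

    def add_file(self, content: bytes) -> str:
        """Store each block, then store a manifest of block hashes; its hash names the file."""
        keys = [self.put(content[i:i + BLOCK_SIZE])
                for i in range(0, len(content), BLOCK_SIZE)]
        return self.put("\n".join(keys).encode())

    def get(self, key: str) -> bytes:
        """Re-hash on every read: a storing node cannot swap content without detection."""
        data = self.blocks[key]
        if fingerprint(data) != key:
            raise ValueError(f"block {key[:12]} failed hash verification")
        return data

    def read_file(self, root: str) -> bytes:
        manifest = self.get(root).decode()
        return b"".join(self.get(k) for k in manifest.split("\n") if k)


if __name__ == "__main__":
    store = BlockStore()
    v1 = store.add_file(b"AAAABBBBAAAA")   # constructed sample: the AAAA block repeats
    v2 = store.add_file(b"AAAABBBBCCCC")   # new version shares two blocks with v1
    print(len(store.blocks), "objects stored for two versions")
    store.blocks[fingerprint(b"BBBB")] = b"EVIL"   # simulate a node serving altered bytes
    try:
        store.read_file(v2)
    except ValueError as err:
        print("rejected:", err)
```

Both versions stay retrievable by their own root hash, which is the git-like versioning the quote refers to; the hash check on read is what lets a client accept blocks from nodes it does not trust.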

Avatars, Talismans

<quote>feudal castles of what in Europe</quote>

Old World Order
  • AOL
  • CompuServe
  • BSD
  • Linux
  • UNIX
New World Order
  • Google Alphabet
  • Amazon
  • Facebook
  • Apple

GAFA → Google, Amazon, Facebook and Apple.
No Microsoft? FAMA? GAMF? <sic>MAGA?</sic>

Promoters

Who

  • Juan Benet
    • founder, Protocol Labs
    • inventor credit, IPFS
    • juan@benet.ai, an SMTP address.
    • @JuanBenet, a Twitter address screen name?
  • Tim Berners-Lee, a priori.
  • Brad Burnham, Union Square Ventures.
  • Brendan Eich, Brave; hagiography.
  • Marshall McLuhan, a theorist; hagiography
  • Linus Torvalds, a priori.
  • Phil Windley, chair (emcee), Sovrin Foundation.

Referenced

Definitional

Thematic Wikis
Jimi Wales’ Wiki

Previously

In Linux Journal

Actualities

Spread

Chartistry


http://coinmarketcap.com/charts

The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments | Poon, Dryja

Joseph Poon, Thaddeus Dryja; https is busted, The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments, draft v0.5.9.2; a white paper; Lightning Network; 2016-01-14; 59 pages.

tl;dr → transactions are fractioned out (structured) into micro-transactions and sent via separate channels.

Abstract

The bitcoin protocol can encompass the global financial transaction volume in all electronic payment systems today, without a single custodial third party holding funds or requiring participants to have anything more than a computer using a broadband connection. A decentralized system is proposed whereby transactions are sent over a network of micropayment channels (a.k.a. payment channels or transaction channels) whose transfer of value occurs off-blockchain. If Bitcoin transactions can be signed with a new sighash type that addresses malleability, these transfers may occur between untrusted parties along the transfer route by contracts which, in the event of uncooperative or hostile participants, are enforceable via broadcast over the bitcoin blockchain in the event of uncooperative or hostile participants, through a series of decrementing timelocks.

Mentions

  • slow blockchain
  • fast fractional network
  • gossip protocol
  • ledger

Referenced

  1. Satoshi Nakamoto. Bitcoin: A Peer-to-peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf, 2008-10.
  2. Manny Trillo. Stress Test Prepares VisaNet for the Most Wonderful Time of the Year, 2013-10.
  3. Bitcoin Wiki. Example 7: Rapidly-adjusted (micro)payments to a pre-determined party within Contracts. undated.
  4. bitcoinj (a github). Working with micropayment channels. undated.
  5. Leslie Lamport. The Part-Time Parliament. In ACM Transactions on Computer Systems, 21(2):133–169. 1998-05.
  6. Leslie Lamport. Time, Clocks and The Ordering of Events in a Distributed System. In Communications of the ACM, 21(7):558–565, 1978-07.
  7. Alex Akselrod. Draft. 2013-03.
  8. Alex Akselrod. ESCHATON. 2014-04.
  9. Peter Todd. Near-zero fee transactions with hub-and-spoke micropayments. 2014-12.
  10. C. J. Plooy. Combining Bitcoin and the Ripple to create a fast, scalable, decentralized, anonymous, low-trust payment network. 2013-01-01.
  11. Mark Friedenbach. BIP 0068: Consensus-enforced transaction replacement signaled via sequence numbers (relative locktime). 2015-05.
  12. Mark Friedenbach, BtcDrak, Eric Lombrozo. BIP 0112: CHECKSEQUENCEVERIFY. 2015-08.
  13. Jonas Schnelli. What does OP_CHECKSEQUENCEVERIFY do?. In Stack Exchange, 2015-07.
  14. Greg Maxwell (nullc). Some Discussion. On /r/Bitcoin, hosted on reddit. 2015-05.
  15. Gavin Andresen. BIP 0016: Pay to Script Hash. 2012-01.
  16. Pieter Wuille. BIP 0032: Hierarchical Deterministic Wallets. 2012-02.
  17. Ilja Gerhardt, Timo Hanke. Homomorphic Payment Addresses and the Pay-to-Contract Protocol. 2012-12; arXiv:1212.3257.
  18. Nick Szabo. Formalizing and Securing Relationships on Public Networks. In His Blog. 1997-09.

Leaky PostgreSQL passwords plugged | The Register

Leaky PostgreSQL passwords plugged; Richard Chirgwin; In The Register; 2017-08-13.
Teaser: DBAs: strap on your patching boots. Every DB in your clusters needs work

Original Sources

Mentions

  • CVE-2017-7547
    • pg_user_mappings
  • CVE-2017-7546
    • 1477184; In Bugzilla at Red Hat
    • Adam Mariš
  • CVE-2017-7548
    • lo_put()

Bitcoin IRA

Seems to be just that: A scheme/vehicle which sells beneficial interest in the Bitcoin commodity under the Individual Retirement Accounts (IRA) system. Seems legit.

How

  • No prospectus.
  • You have to sign up with PII to hear more.
  • A salesbot will call.

When

Who

  • Edmund C. Moy (Chief Strategist)
  • Amith B. Nirgunarthy (Director of Marketing)

Promotions

Heavy in the SEM space

 


Delivery of details requires PII

 

Actualities

Michael Flossman (Lookout) reports that more than 4,000 Android apps secretly record audio and steal logs | Ars Technica

Researchers report >4,000 apps that secretly record audio and steal logs; ; in Ars Technica; 2017-08-12.

tl;dr → Some pro bono work results in a bug report.  Google has already remediated.

Original Sources

Michael Flossman (Lookout); SonicSpy: Over a thousand spyware apps discovered, some in Google Play; In Their Blog; 2017-08-10.

Mentions

  • SonicSpy
  • SpyNote, is similar

 

Roundup on Onavo Protect VPN used to inform Facebook UX, M&A | Houseparty contra Bonfire, On This Day contra Timehop

In archaeological order…

tl;dr → Onavo is a VPN. Facebook snoops the traffic on it to grok trends. Trend highlights cause cloned features in Facebook UX or deal flow at Facebook M&A.

  • The Washington Post piece goes broad to illustrate the pattern across a wide range of business lines and a long time span.
  • The Wall Street Journal (WSJ) piece goes deep to focus on travel log: group video chat with Facebook’s attempt to acqui-hire Houseparty prior to the launch of Bonfire in 2017-Q4 (“in the Fall”).

Separately noted.