What would it look like to return home from outside our galaxy?
What would it look like to return home from outside our galaxy?
A few times a year, I like to read John Allspaw’s post On Being a Senior Engineer. If you haven’t read it yet (or recently), go do that. I’ll wait. I keep coming back to this post not only because I find it helpful to share with other people, such as in the course of a mentoring relationship with someone looking to become a more senior engineer, but also because it helps remind me of what is important in being a mature engineer and so helps me up my own engineering game.
The first “obligatory pithy characteristic of mature engineers” in John’s post is Mature engineers seek out constructive criticism of their designs. Since there is so much of an emphasis in that post on the squishy human parts (or “soft skills”) of engineering, I like to think of mature engineers as people who seek out constructive criticism of all their work, not just the technical parts. (Actually, this probably applies to all career paths, not just engineering. For example, the best managers I’ve had were the ones who actively solicited feedback on how they were doing as managers and really listened to the answers.) In addition to just seeking out constructive feedback, however, mature engineers need to be able to both give and receive feedback constructively.
I call out receiving feedback separately from seeking it out because I’ve seen people over the years go through the superficial motions of asking for feedback but either don’t receive it well or never actually incorporate or use any of it. Receiving feedback isn’t always easy, and it can be tough to know which feedback is actually constructive. How can we do better at this?
On the flip side is being able to give feedback in a way that maximizes the likelihood that it will be received well. I’ve found that receiving feedback has made me better at giving it – for example, after writing the book and getting feedback and edits from a bunch of different people, I was able to better articulate what kinds of feedback I found most helpful in various stages of the writing process and incorporate that knowledge into the feedback I gave to others. But aside from receiving feedback ourselves, how else can we get better at giving it?
Finally, I’d be remiss if I didn’t mention Lara Hogan’s excellent post on giving presentation feedback. I’ve found that much of what she’s written can be modified slightly to apply to more than just rehearsals for presentations. (“Hearing the sound of your own voice is never a good enough reason to give feedback” – always true! As someone who is trying to tone down their wisecracks in meetings, this is super valuable to keep in mind.)
Giving and receiving feedback can both be quite tricky – these are the squishy, interpersonal, feelings sorts of things that we’re not necessarily the best at. But these interpersonal skills are part of what differentiate mature or senior engineers, so it’s important that we practice them whenever we can.
Possibly named after the Norse God of War, Odin is the latest Locky persona [read:variant] hitting mailboxes. This shift was detected by our ‘MailRunner’ classifier, which we’ll dissect in a future blog post.
Odin very much resembles another Locky variant, Zepto. Truth be told, these are all likely just improvements by the author to fix bugs or simply a shift in approach to make signature matching more difficult rather then a completely new variant. Odin comes after a slight dip over the weekend in the number of samples we saw hitting our classifier so perhaps the authors took a break to pull in some changes.
Let’s take a look at some of the traits of Odin.
Odin stays consistent by conveniently arriving in your mailbox posing as something important. We noticed two different patterns with the inbound emails that match prior Locky/Zepto campaigns:
| Pattern 1 | Pattern 2 | |
| Source Email Domain | Reverse MX Lookup | No association with recipient |
| Source Email User | (?:[A-Z])(?:[a-z]{1,})(?:[0-9]{1,3}) | (?:[A-Z])(?:[a-z]{1,})\.(?:[0-9]{1,4}) |
| Subject | Re: Documents Requested and FW:Documents Requested | Updated invoice #(?:[0-9]{7}) |
| Filename | (?:[newdoc|doc|untitled])(?:[0-9]{1,3})\.zip | (?:[a-f0-9]{8,14})\.zip |
| Uncompressed Filename | (?:[A-Z0-9]{10})\.wsf or just CJPOG21534.wsf | (?:[a-zA-Z]) Hidden file and Updated invoice pdf (?:[A-Z0-9]{5})\.wsf |
The downloaders in both patterns were obfuscated Windows Script Files. Both appeared to be obfuscated using different techniques seen in previous Locky/Zepto campaigns:
The first pattern used a very familiar structure with Locky/Zepto: 3 JavaScript blocks with content wrapped in CDATA tags. As the script executes, it deobfuscates the next, performing various tests to discover a sandbox environment. One notable difference in the encoding was the abundant use of the ‘decodeHexLONG’ variable.
The second pattern passes its entire encoding through an eval(), which can be dumped to gain better insight into what it is doing.
The single-character named file in the second pattern is interesting. There doesn’t be an instance in the overall infection where this file is touched which may imply this file was mistakenly included. File sizes for these files vary, and they all contain binary data. Could this be a key or something valuable to decrypt infected files? I’d love to hear back from you if anyone uncovers what this does. Here’s an example of one:
The downloader fetched an obfuscated DLL which is responsible for the infection.
| Pattern 1 | Pattern 2 | |
| Download URL | Various (?:.*/g766d4ft?rRffpf=NrdcbOsmH) | Various (?:[a-zA-Z0-9]{3,8}) |
| Download Server | Various (nginx, Apache, …) | Various nginx/1.10.1,LiteSpeed, … |
| Sample Filename | OesxPJXWfao1.dll | ughGZjTSwn.dll |
| Sample MD5 | 9B3DE41F4106963A50E9AF2566912451 | 27DFFCFF609AAF6CFABF0304B52DFB74 |
| Sample SHA1 | 7BBA55F6A117D8C5CFD0D41A5C1ECFA6136BB092 | 7B1E0ED52B2D801B6F8E346D9CDAEBE885B99946 |
| Arch | 32-Bit | 32-bit |
| File Version | 6.1.7601.17621 | 2.0.4.0 |
| Company | Microsoft Corporation | ACE Compression Software |
| Link Date | 11:15 AM 9/26/2016 | 8:00 AM 9/26/2016 |
| POST Server URI | /apache_handler.php | /apache_handler.php |
The companies for each pattern imply that one may be packed. Let’s take a quick view of their entry points.
Pattern 1 mostly downloaded Odin from a single location:
resboiu[.]ro:80/g766d4ft?rRffpf=NrdcbOsmH
However newer variants have diversified. We can see a pretty significant relative spike in traffic to this host today:
Here are a list of hosts in both campaigns:
The data sent back to the server remains consistent
Odin get’s it’s name from the ‘.odin’ file extension it renames encrypted files to. The files are renamed in a similar fashion:
Where ‘A8ZR6SLDQ-3F13-ZPWJ’ is a unique identifier for your infection.
After infection, the patterns are again slightly different, but both redirect to the same payment page.
Payment pages are the same, but the prices are not. In the two samples below, one is 1.5 BTC while another is just 0.5 BTC. Other samples floating around are upwards to 3.0 BTC.
The post Odin is Locky’s Latest Persona appeared first on OpenDNS Umbrella Blog.
Brian Krebs writes about the massive DDoS attack against his site. In fact, the site is down as I post this.
Like knowing what asteroid will be whizzing by Earth next? You’re in luck because now you can subscribe to the Daily Minor Planet, a brand new service that delivers daily reports on the latest asteroid happenings di-rect to your inbox.
“Most people don’t realize how common asteroid flybys are,” said Matt Holman, director of the Minor Planet Center and astronomer at the Harvard-Smithsonian Center for Astrophysics (CfA). “We want the Daily Minor Planet to educate readers in an entertaining way, so the next time they see a doom-and-gloom asteroid headline, they’ll know where to go to find the facts.”
The e-alert’s name combines the title of the fictional newspaper home of Superman’s Clark Kent, the Daily Planet, with the historical name of asteroids, or minor planets. In a nod to the real-life newspaper world, it will be available in two formats: classic and modern. If only Jimmy Olsen and Lois Lane were on the staff.
Almost every day, a known asteroid passes within a few million miles of Earth. On those dates, the Daily Minor Planet will list the flyby asteroid along with the time and distance of its closest approach. On days without a cosmic flyby, the report will feature a newly discovered asteroid or highlight an article from the popular press.
The Daily Minor Planet continues a collaboration that began with Asteroid Explorers, a website designed to increase public awareness of asteroids and their impact and risks to the world. That website’s interactive tools allow visitors to investigate questions like “Which asteroids have the highest risk of impacting Earth?” and “Which asteroids are easiest to travel to?”
This month alone, some 1070 new asteroids have been discovered with 120 of them of the Earth-approaching class. Don’t even try to guess how many we know about as of today’s date (OK, it’s 717,768). In other words, expect regular updates of new discoveries!
Now that I’ve whet your appetite, take a moment to subscribe to this delightful asteroid rag at http://minorplanetcenter.net/daily-minor-planet.
It’s starting to feel like my favorite time of year once more—the autumnal equinox took place last week, marking the end of summer and the start of fall across the Northern Hemisphere. Autumn is the season of harvests, festivals, migrations, winter preparations, and of course, spectacular foliage. Across the north, people are just beginning to feel a crisp chill in the evening air, leaves are splashing mountainsides with bright color, apples and pumpkins are being gathered, and animals are on the move. Collected here are some early images from this year's autumn—more will come later as the season unfolds.
It’s now possible to build dports using LibreSSL instead of OpenSSL. Set SSL_DEFAULT in make.conf to the appropriate port name, and start building. Use synth for fastest results, of course.
LibreSSL will eventually become the default library. This is in addition to the previously-mentioned, already-completed in DragonFly 4.7, base system switch to LibreSSL.
Today we’re announcing that we’ve raised a Series B round of $65M to fund our global expansion, bringing our total capital raised to $94M. Flexport’s mission is fix the user experience in global trade.
The funding will help us hire and retain more smart, driven people to tackle the many challenges we face. And it will also let us continue our rapid international expansion. Unlike many high growth Silicon Valley companies, Flexport has been a global company from day one. Our employees speak more than 35 languages, and helping companies go global is at the very heart of our mission.
The post Flexport Raises $65M to Fund Global Expansion appeared first on Flexport.
Just got my Mastering Emacs update. Mickey has put out version 2 to incorporate new material reflecting changes in Emacs 25.1. The upgrade is free to current owners; You should be getting an email from Mickey. If you don't already have a copy and you're an Emacs user, you're in luck. Mickey is making the new edition available for just $25. That's a 37% discount so follow the link and get yours now.
As Rosetta began homing in on Comet 67P/Churyumov–Gerasimenko in the weeks leading up to its arrival in August 2014, it became very clear that this was no ordinary comet. But its striking shape was only just the beginning of the comet’s surprises. After more than two years spent living with the comet, Rosetta scientists reflect on some of the mission’s unexpected discoveries, the mysteries solved and the new questions raised.
Compilation of the brightest outbursts seen at Comet 67P/Churyumov–Gerasimenko by Rosetta’s OSIRIS narrow-angle camera and Navigation Camera between July and September 2015.
Credits: OSIRIS: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA; NavCam: ESA/Rosetta/NavCam – CC BY-SA IGO 3.0
“Rosetta has completely changed our picture of comets,” says Eberhard Grün, an interdisciplinary scientist working on the Rosetta mission at the Max Planck Institute for Nuclear Physics in Heidelberg, Germany.
“Previously, they were pictured as dirty ice balls – or, as some prefer, icy dust balls – but now we know them, or at least this one, to be geologically complex worlds where a myriad of processes are at work creating the incredible surface structure and activity of the comet.”
While many of the results from the mission highlight the findings of individual instruments – 11 on Rosetta and 10 on Philae – the role of the interdisciplinary scientists is to keep abreast of the findings of the entire mission, and see how the different results fit together and develop a more comprehensive view of how the comet ‘works’.
“It is only really in the last few months that it felt like all the pieces of the puzzle were falling into place without effort, and step-by-step it is becoming clearer which of our results are the crucial keys to deciphering the ‘Rosetta stone’ we have in our hands,” says Marco Fulle, also a Rosetta interdisciplinary scientist, based at the National Institute of Astrophysics, Trieste, Italy, and lead author of a paper summarising a number of the most unexpected and significant findings made in the first two years of data analysis.
One big open question concerned the origin of comets. “This was one of the things I was really looking forward to finding out about: just how primordial are comets?” says Bonnie Buratti from NASA, who acts as their project scientist for Rosetta.
“With the data presented so far, the comet certainly looks pretty primordial, offering us a glimpse of what the building blocks of the planets and moons may have looked like, 4.6 billion years ago.”
Results from Rosetta so far indicate that comets are likely ancient leftovers of early Solar System formation, and not younger fragments resulting from subsequent collisions between other, larger bodies.
Where was the comet born?
“One of the most unexpected and important discoveries was that of molecular oxygen,” says Marco. “Combined with the detection of molecular nitrogen, noble gases and the value of the D/H ratio in the comet’s water , this tells us that the comet was born in a very cold region of the protoplanetary nebula, far from the Sun.”
Nitrogen and oxygen in particular need low temperatures to be trapped in the comet’s ices, so the fact they are observed outgassing today along with water vapour suggests they were incorporated into the comet during its formation.
Deuterium-to-hydrogen in the Solar System. Click for full caption. Data from Altwegg et al. 2014 and references therein.
The ratio of deuterium – an isotope of hydrogen with one additional neutron – to normal hydrogen found in the comet’s water holds other important clues to the conditions in which the comet was born.
Theoretical simulations indicate that this ratio should change with distance from the Sun and with time in the first few million years of Solar System history. Since the ratio does not change during a comet’s life, it is an important indicator of the conditions at the time of the formation of its constituent ingredients, and therefore where the comet was most likely born.
The ratio has been measured for 11 comets, mainly via remote observations, and Rosetta’s comet has the highest of them all. This suggests that comets formed over a much wider range of distances from the Sun in the young Solar System than previously thought.
Rosetta’s measurement of the ratio was also one of the most anticipated results of the mission for another reason: its direct link to the source of Earth’s oceans. Was water brought to our planet by comets or asteroids? Rosetta found that its comet’s water is quite different to that of Earth’s, and indeed of other comets and asteroids too, again indicating a diverse origin.
The essence of the question has changed,” says Bonnie. “Now we have to ask: what fraction of the water on Earth came from comets, how much came from asteroids or other bodies, and how much was here to begin with?”
“We have made great progress in starting to address the big questions Rosetta set out to answer, but full answers will take time,” says ESA’s Rosetta project scientist Matt Taylor.
Philae's view at Abydos. Credits: ESA/Rosetta/Philae/CIVA
“We have already made inroads into the composition and characterisation of the comet coma. We’ve also studied the surface of the nucleus in great detail, started to classify surface features and regions, and now we’re trying to understand these surface features at a range of scales.”
“Similarities between the scene captured by Philae at its final resting place in Abydos at millimetre-scale and those seen in the Hathor cliff by Rosetta at metre-scale are incredible,” adds Eberhard. “They demonstrate that there is a lot for us to understand about how various physical processes work at different scales, as well as the properties of the material we are looking at.”
Comet shape in control
The shape of the comet and the features on its surface play a role in its activity, driving its seasons, dust transport and influencing the gas densities observed in the coma.
“The comet shape is extremely important to link what we see on the surface of the nucleus to our observations of the coma using both Rosetta’s in-situ instruments and remote sensing,” says Marco.
“Many teams in the Rosetta community, not just the instrument scientists, but also observational astronomers and experts in computer modelling, have been working hard on this topic, and it is a nice surprise to see that their results are in very good agreement: this is not trivial when such a challenging problem is faced for the first time.”
The cliffs of Hathor, seen in a 31 August 2016 view of the comet. Credits: ESA/Rosetta/NAVCAM – CC BY-SA IGO 3.0
For a comet that is constantly changing, this one is apparently doing so with persistent regularity. The comet has been the subject of much attention from Earth-based astronomers, who have recorded similar patterns of behaviour in its activity as it repeats its 6.5 year orbit around the Sun.
“We now know that this is related to the shape of the comet, and the way the release of gas from the two lobes distributes internal stresses between the body and head. This allows the spin axis to remain well fixed in space, which in turn means regular seasons and repetitive behaviour along the comet’s orbit,” says Marco.
Owing to its double-lobed shape and the inclination of its rotation axis, the comet’s seasons are very different between the two hemispheres over its 6.5 year-long orbit. For most of the orbit, the northern hemisphere experiences a very long summer, lasting over 5.5 years, while the southern hemisphere undergoes a long, dark and cold winter.
However, a few months before the comet reaches perihelion – the closest point to the Sun along its orbit – the situation changes, and the southern hemisphere transitions to a brief and relatively hot summer.
These seasons drive the transfer of dust across the comet. During the few months around perihelion, Rosetta has observed that some areas of the northern nucleus received a shower of dust up to a few metres thick, starting with dust grains of a few millimetres across and up to metre-sized objects.
“Although it is misleading to transfer our terrestrial experiences to a comet, let’s fantasise for moment,” says Marco. “If we were standing on the comet, I could imagine this dust movement to be like a very calm and gentle pumice-fall, albeit with dust up to giant beach ball size, during a night with a sustained breeze – but too tenuous to be felt – coming from the south.”
While some of the dust is redistributed around the comet in this way, some particles are also ejected at speeds high enough to escape the gravity of the comet. A tiny fraction was then collected by Rosetta’s dust-analysing instruments.
“The dust ‘showers’ recorded by the GIADA instrument were one of the most surprising observations of the mission for me,” says Marco. Dust showers describe a cluster of dust particles detected by the instrument over a sustained period; some previously reported showers were observed to last 0.1– 30 seconds.
Comet's dusty environment. Credits: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA
“It was something we had never seen before and had not been expected, so it generated quite some discussion. Luckily, more and more instruments are confirming that the very fluffy, very big and very charged dust particles we suggested to explain these weird observations may really exist, although we are still working out the wider implications.”
Nicolas Altobelli, ESA’s deputy Rosetta project scientist, was also particularly fascinated by the dust observations: “I found it incredible that for the first time we could see grains of dust collected and imaged or scanned by the COSIMA and MIDAS instruments.”
These grains are linked to the interplanetary dust particle populations that are thought to have grown into larger and larger agglomerations of particles during the early phases of Solar System formation. To understand how comets are formed, scientists need to understand the structure of the smallest grains and how they are built.
“Before Rosetta, the only way to study them was to go on an expedition to Antarctica to collect meteorites preserved in the snow and to look for interplanetary dust grains inside them,” says Nicolas. “But those grains might have been altered by the entry of the parent body through our planet’s atmosphere and by the time spent in the snow. With Rosetta, we have a direct delivery of pristine material from the source.”
But how the dust actually leaves the surface of the comet is still an open question. “To win against the low gravity of the comet is easy, but overcoming the stronger Van der Waals electrical forces binding the dust particles to each other still remains a mystery,” adds Marco.
Surprises further afield
Matt has a background in plasma physics and was especially looking forward to monitoring how the comet would interact with its environment as it hurtled through space along its orbit around the Sun.
“One of the biggest surprises for me was the detection of the diamagnetic cavity. The spacecraft was on orbits around the comet way beyond where everyone thought this region might form, and so we weren’t expecting to see it.”
Magnetic field-free cavity at comet. Click for full caption.
The diamagnetic cavity is a region devoid of magnetic field, arising at the interface between the incoming solar wind and the outflowing gas from a comet. Based on previous observations at other comets, theoretical simulations had predicted that such a cavity would extend only 50–100 km from the nucleus during the comet’s most active months, but one of the first detections made by Rosetta was at 170 km.
“Rosetta has shown that this region and its boundary are particularly dynamic and as a result we’ve been lucky enough to make a number of observations of the boundary as the magnetic field-free region repeatedly passed around the spacecraft,” says Matt.
“In addition, we discovered the ‘song’ of the comet , driven by plasma waves, and a set of plasma boundaries so unusual that we will be digging through the data for years to come.”
A generation of comet chasers
The results of Rosetta are helping to put the observations of other comets in context and vice-versa: without the results of previous missions, some of Rosetta’s results would be hard to understand.
“For example, the ‘holes’ left over after active regions peter out look like those we saw on Comet 81P/Wild-2 from larger distances,” says Bonnie. “We also see similarities in the ‘ponding’” of dust, and features that remind us of wind-blown processes on Earth. These seem to be common on comets.”
“The results of NASA’s Stardust mission to 81P/Wild-2 certainly helped us to better understand our dust,” adds Marco.
“Comparing the results of various missions is not trivial. Most missions prior to Rosetta only collected snapshots as they flew past their targets, so it is hard to understand how representative those brief observations were of each comet, especially in terms of their composition.
“We need a patient observer like Rosetta, following its target during the whole orbit, to avoid any bias in the measurements due to local or sporadic events, or the effect of the comet’s seasons on the coma, for example.”
This is only the beginning
But even with over two years of data now safely collected, tracking the comet through its most active period as it passed through perihelion, and giving unrivalled insight into the evolution of the comet, this is still only the beginning of Rosetta’s big discoveries.
“To me, the importance of Rosetta lies more in the potential the data have than what we’ve already discovered,” says Eberhard. “The abundance of data we obtained during Rosetta’s two-year rendezvous will eventually unveil the deep secrets of this comet.”
Matt agrees: “For me, the big answers will surely come by piecing all of this together and combining observations with new models – which can now be improved thanks to Rosetta’s results – to address how comets work, where they come from and how they fit into Solar System’s history.
“Now that the operational side of the mission is drawing to a close, we’ll have much more time to delve into this treasure trove of data.”
“Rosetta has certainly shown us that what she observed was in many cases quite different from what we had planned,” reflects Marco. “But it is the surprises that will surely make Rosetta the key to understanding our own as well as other solar systems.”
Imagine how Rosetta's descent might look if you were an observer at Comet 67P/C-G!
This new animation visualises the final stages of Rosetta's descent to Comet 67P/Churyumov–Gerasimenko on 30 September 2016. The sequence is speeded up to show the relative motion of Rosetta and the rotating comet below.
Earlier today, Rosetta completed a small manoeuvre as planned that puts it on the start of a 16 x 23 km orbit needed in preparation for the collision manoeuvre on 29 September.
Recap the final trajectories in the below animation:
This is the second post in a series of three about Etsy’s API, the abstract interface to our logic and data. The previous post is about concurrency in Etsy’s API infrastructure. This post covers the operational side of the API infrastructure.
How do the decisions for developing Etsy’s API that we discussed in the first post relate to Etsy’s general architecture? We’re all about Do It Yourself at Etsy. A cloud is just other people’s computers, and not in the spirit of DIY; that’s why we rather run our own datacenter with our own hardware.
Also, Etsy kicks it old school and runs on a LAMP stack. Linux, Apache, MySQL, PHP. We’ve already talked about PHP being a strictly sequential, single-threaded, shared-nothing environment, leading to our choice of parallel cURL. In the PHP world, everything runs through a front controller, for example index.php. In that file, we have to include other PHP files if we need them, and to make that easier, we usually use an autoloader to help with dependencies.
Every web request gets a new PHP environment in its own instance of the PHP interpreter. The process of setting up that environment is called bootstrap. This bootstrapping process is a fixed cost in terms of CPU work, regardless of the actual work required by the request. By enabling multiple, concurrent HTTP sub-requests to fetch data for a single client request, this fixed cost was multiplied. Additionally, this concurrency encouraged more work to be done within the same wall clock time. Developers built more diverse features and experiences, but at the cost of using more back-end resources. We had a problem.
As more teams adopted the new approach to build features in our apps and on the web, more and more backend resources were being consumed, primarily in terms of CPU usage from PHP. In response, we added more compute capacity, over time growing the API to four times the number of servers prior to API v3. Continuing down this path we would have exhausted space and power in our datacenters. This was not a long term solution.
To solve this, we tried several strategies at once. First, we skipped some work by allowing to mark some subrequests as optional. This approach was abandoned because people used it as a graceful error recovery mechanism, triggering an alternate subrequest, rather than for optional data fetches. This didn’t help us reduce the overall work required for a given client request.
Also, we spent some time optimizing the bootstrap process. The bootstrap tax is paid by all requests and subrequests, making it a good place to focus our efforts. This initially showed benefit with some low hanging fruit, but it was a moving target in a changing codebase, requiring constant work to maintain a low bootstrap tax. We needed other ways of doing less work.
A big step forward was the introduction of HTTP response caching. We had to add caching quickly, and first tried the same cache we use for image serving, Apache Traffic Server. While being great for caching large image files, it didn’t work as well for smaller, latency sensitive API responses. We settled on Varnish, which is fast and easy to configure for our needs. Not all endpoints are being cached, but for cached ones, Varnish will serve the same response many times. We accept staleness for a small 10 – 15 minute period, drastically reducing the amount of work required for these requests. For the cacheable case, Varnish handles thousands of requests per second with a 80% hit rate. Because the API framework requires input parameters to be explicit in the HTTP request, this meshed well with introducing the caching tier. The framework also transparently handles locale, passing the user’s language, currency and region with every subrequest, which Varnish uses to manage variants.
The biggest step forward came from a courageous experiment. Dan from the core team looked at bigger organizations that faced the same problem, and tried out facebook’s hhvm on our API cluster. And got a rocketship. We could do the same work, but faster, solving this issue for us entirely. The performance gain from hhvm was a catalyst for performance improvements that made it into PHP7. We are now completely switched over to PHP7 everywhere, but it’s unclear what we would have done without hhvm back in the day.
In conclusion, concurrency proved to be great for logical aggregation of components, and not so great for performance optimization. Better database access would be better for that.
If we have a tree-like request with sub-requests, a simple solution would be to route this initial request via a load balancer into a pool, and then run all subrequests on the same machine. This leads to a lumpy distribution of work. The next step from here is one uniform pool, and routing the subrequests back into that pool again, to have a good balance across the cluster. Over time (and because we experimented with hhvm), we created three pools that correspond to the three logical tiers of endpoints. In this way, we can monitor and scale each class of endpoints separately, even though each node in all three clusters works the same way.
If we sit back and think about this for a bit – how is this architecture specific to Etsy’s ecosystem? Where wouldn’t it work? What are the known problems?
The most obvious gaping hole is that we have no API versioning. How do we even get away with that? We solve this by keeping our public API small and our internal API very very fluid. Since we control both ends of the internal API via client generation and meta-endpoints, the intermediate language of domain objects is free to evolve. It’s tied into our continuous deployment system, moving along with up to 60 deploys per day for etsy.com. And the client is constantly in flux for the internal API.
And as long as it’s internal at Etsy, even the outside layer of bespoke AJAX endpoints is very malleable and matures over time.
Of course this is different for the Apps and the third party API, but those branch off after maturing on the internal API service over several years. Software development companies who focus on an extensive public API or even have that as the main service could not work in this way. They would need an internal place to let the API endpoints mature, which we do on the internal API service that is powering Etsy.
We know there are very technical solutions to version changes being used in our industry, such as ESPN having a JSON schema, and publishing just a schema change, like a diff, which can be smaller than 100k. That’s really exciting, but we’re just not at the point where this is our most important priority, since we don’t have too many API consumers at Etsy yet. We ourselves are our biggest consumer, and generated clients shield us from the versioning problem for now, while giving us the benefit of a monorepo-like ecosystem, in which we can refactor without boundaries between PHP and JavaScript.
Let’s talk about tooling that we built to learn more about the behavior of our code in practice. Most of the tools that we developed for API v3 are around monitoring the new distributed system.
As we know, with API v2, we had the problem that almost an arbitrary amount of single threaded work could be generated based on the query parameters, and this was really hard to monitor. Moving from the single-threaded execution model to a concurrent model triggering multiple API requests was even more challenging to monitor. You can still profile individual requests with the usual logging and metrics, but it’s hard to get the entire picture. Child requests need to be tied to back to the original request that triggered them, but they themselves might be executed elsewhere on the cluster.
To visualize this, we built a tool for distributed tracing of requests, called CrossStitch. It’s a waterfall diagram of the time spent on different tasks when loading a page, such as HTTP requests, cache queries, database queries, and so on. In darker purple, you can see different HTTP requests being kicked off for a shop’s homepage, for example you see the request for the shop’s about page is running in parallel with requests for other API components.
Bespoke API calls can create HTTP request fanout to concurrent components, which in turn can create fanout to atomic component endpoints. This can create a strain on the API and database servers that is not easy for an endpoint developer to be aware of when building something in the development environment or rolling out a change to a small percentage of users.
The fanout manager aims to put a ceiling on the overall resource requests that are in flight, and we are doing this in the scheduler part of the curl callback orchestrator by keeping track of sub-requests in memcached. When a new request hits the API server, a key based on the unique user ID of that root request is put into memcached. This key works as a counter of parallel in-flight requests for that specific root request. The key is being passed on to the concurrent and component endpoint subrequests. When the scheduler runs a subrequest, it increments the counter for that key. When the request got a response and it’s slot is freed in the scheduler, the counter for the key is decremented. So we always know how many total subrequests are in-flight for one root request at the same time.
In a distributed system like this, multiple requests can be competing for the same slot. We have a problem that requires a lock.
To avoid the lock overhead, we circumvent the distributed locking problem by relying on memcached’s atomic increment and decrement operation. We optimistically first increment the memcached key counter, and then check whether the operation was valid and we actually got the slot. Sometimes we have to decrement again because this optimistic assumption is wrong, but in that case we are waiting for other requests to finish anyway and the extra operation makes no difference.
If an endpoint has too many sub-requests in flight, it just waits before being able to make the next request. This provides a good feedback for our developers about the complexity of the work before the endpoint goes into production. Also, the fanout limit can be hand-tweaked for specific cases in production, where we absolutely need to fetch a lot of data, and a higher number of parallel requests speeds up that fetching process.
We also have a tool for automated documentation of new endpoints. It is called datafindr. It shows endpoints and typed resources, and example calls to them, based on a nightly snapshot of the API landscape.
Writing new endpoints is easy in our framework, but decommissioning existing endpoints is hard. How can we find out whether an existing endpoint is still being used?
Right now we don’t have such a tool, and to decommission an existing endpoint, we have to explicitly log whether that specific endpoint is called, and wait for an uncertain period of time, until we feel confident enough to decide that no one is using it any more. However, in theory it should be possible to develop a tool that monitors which endpoints become inactive, and how long we have to wait to gain a statistically significant confidence of it being out of use and safe to remove.
This is the second post in a series of three about Etsy’s API, the abstract interface to our logic and data. The next post will be published in two weeks, and will cover the adoption process of the new API platform among Etsy’s developers. How do you make an organization switch to a new technology and how did this work in the case of Etsy’s API transformation?
September 26, 2016
For Immediate Release
OTTAWA – Today, the BC Civil Liberties Association (BCCLA) and Canadian Association of Refugee Lawyers (CARL) launched a legal challenge to protect the rights of Canadians facing revocation of their Canadian citizenship due to allegations of misrepresentation. The organizations argue that any Canadian facing the loss of their citizenship must have a full and fair opportunity to defend themselves in a hearing. However, this long-standing right to a hearing was taken away by the last government in Bill C-24.
Since it took office, the current government has set targets and initiated revocation proceedings to strip citizenship from between 40 and 60 Canadians per month, despite the fact that it denounced citizenship revocations by the Minister alone, without a hearing, as “dictatorial” while in opposition.
In a legal action filed with the Federal Court today, the BCCLA and CARL argue that the revocation regime created by the former government is procedurally unfair and violates the Charter rights of Canadians.
The process gives Canadians who are being stripped of their citizenship no right to an oral hearing, no right to have their case decided by an independent decision-maker, and no right to disclosure of relevant materials that would allow them to know the case against them. In addition, they have no opportunity to argue why they should not be stripped of their citizenship for humanitarian or compassionate reasons. (Note to editors: Examples of the injustice caused by this unfair process are described below.)
“People facing such a severe consequence – the loss of their Canadian citizenship – should be entitled to basic procedural protections as a matter of fairness” says Josh Paterson, BCCLA Executive Director. “Instead, the government is pressing ahead and revoking citizenships under a process it has publicly acknowledged is unfair. People are losing their citizenship and could face deportation to countries they barely know without ever having a chance to defend themselves in front of an independent decision-maker. This flies in the face of Canadians’ Charter rights and must stop immediately.”
Paterson added: “In Canada, if we get a parking ticket, we can get a court hearing to defend ourselves. But if the government accuses a Canadian of lying and tries to take away their citizenship, they get no hearing and no opportunity to fully defend themselves. Even the person’s kids who grew up here could lose their citizenship, even though they were not at fault. That is absurd, and completely unjust.”
In addition to publicly acknowledging the unfairness of the process while in opposition, the government has also made a public commitment to change the process and create a right to an appeal. In light of this, the BCCLA and CARL requested that the government impose a voluntary moratorium on revocations in the meantime, but the government refused.
“We are baffled by the government’s intransigence on this issue” stated Lorne Waldman, lawyer for the organizations and an executive member of CARL. “A permanent resident subject to deportation for misrepresentation has a right to a hearing and an appeal at the Immigration Appeal Division – it makes no sense that a citizen whose citizenship is being revoked has fewer rights than a permanent resident being stripped of their status. In either situation, an individual should have a right to a fair hearing. Instead, we have a single government official acting as investigator, prosecutor, and decision-maker. This is unjust and contrary to Canadians’ expectations that decisions with significant ramifications for human rights will be made in a fair and transparent manner.”
Earlier this year, the Federal Court issued a temporary stay of proceedings in a number of revocation cases, finding that there is a serious issue with the constitutionality and validity of the revocation process. Individuals able to retain lawyers have been able to get stays of their own cases on the basis of this precedent, but many individuals are unable to retain counsel and are slipping through the cracks. There is no legal aid funding available for these types of cases. BCCLA and CARL stated that that is why they decided to take legal action.
The organizations do not object to the government having the power to revoke citizenship that was acquired on the basis of misrepresentation, but state that citizens must have the right to challenge the revocation in a fair judicial hearing process.
MEDIA CONTACT:
Charlotte Kingston, Director of Community Engagement, charlotte@bccla.org
Personal stories of Canadians affected by these revocations
Example 1
Ms. A came to Canada from Iran in her early 20s. She had been married to someone considerably older than her in her home country. She alleges that he raped and abused her. She left him and fled to Canada. Considering herself single, she did not declare the marriage on her application for permanent residence. The government is now claiming that she misrepresented her marital status and is seeking to revoke her Canadian citizenship. If they are successful, she will become a foreign national and face deportation to her home country, where her abusive ex-spouse continues to reside. She has family in Canada who are also Canadian citizens and she does not want to be separated from them.
QUOTE: “I fled an abusive marriage and considered myself single when I arrived in Canada. Now my citizenship could be revoked because the government says I did not state that I was married. I was coming to Canada, in part, to get away from my abuser so I’m terrified I could be deported back to the country where my abuser lives and have to leave my Canadian family behind. But the government isn’t willing to factor any of these humanitarian considerations into their decision, and there’s no other decision-maker I can appeal to.” – Ms. A, a Canadian citizen who wishes to remain anonymous
Example 2:
Mr.H became a Canadian citizen in 2006. He was first served with a revocation notice in 2012. The government alleges that Mr. H spent too much time outside of Canada to qualify for citizenship, but Mr. H claims it is a misunderstanding and can explain the discrepancies in his travel documents. As was his right under the process that was in place when he received the revocation notice in 2012, Mr. H asked that his case be referred to the Federal Court. However, the government took no further action on his case until July 2015, just weeks after Bill C-24 came into effect. The government now claims they can process his revocation according to the new procedure, under which he has no right to take his case to the Federal Court to correct the misunderstanding.
QUOTE: “I can explain the things the government believes are “misrepresentations” in my case, and I fully intended to do so back in 2012 when I was first served with the revocation notice. That’s why I asked for a referral of my case to the Federal Court. But then the government refused to do anything with my case for over three years. This caused me and my family considerable distress and suffering while we wondered what would happen. In 2015, the government created a new process that stripped me of my right to explain myself to an independent decision-maker, and then they reactivated my case. I just want to explain myself to someone impartial who will listen.” – Mr.H
Example 3
Ms. B is an Egyptian national and became a Canadian citizen when she was eight years old. Because she was a minor, her citizenship was processed under her mother’s citizenship application. In September 2015, when Ms. B was 18 years old and no longer a minor, immigration authorities (“CIC”) served her parents with notice of their intention to revoke her and her family’s citizenships on the basis of misrepresentation. Ms. B. was never served with these documents, and her parents did not tell her about the notice. Although she was an adult, her parents made representations on her behalf to CIC, without telling her, but her citizenship was revoked in December, 2015. She didn’t find out until January, 2016. Ultimately, because it had failed to serve her, the Minister withdrew its revocation decision against her and issued a new notice of intention to revoke her citizenship in March, 2016. Ms. B is an a student at a Canadian university and has always considered herself first and foremost a Canadian. She has never lived in Egypt and does not speak the Egyptian dialect. She never made any misrepresentations herself, but is facing the loss of her Canadian citizenship because of her parents’ alleged misrepresentations.
QUOTE: “I was completely shocked when I learned that Canada had revoked my citizenship without even hearing from me. I didn’t think such a thing could happen here. As a kid, I was always under my parents’ control, and my father was always the decision-maker in our family. But I felt safe and secure knowing that once I was 18, I would have the right to make my own decisions as an adult. I identify with Canadian democratic values and culture and always dreamed of building a life for myself in this country. I made a decision to go to school in Canada, away from my parents, to pursue my goal of becoming a teacher and contributing to Canadian society in a meaningful way. I want to continue living here in Canada, where my fundamental rights as a woman are protected by the Canadian Constitution. I now feel very vulnerable. I do not feel I can safely return to and reside in Egypt, given all of the instability and insecurity in that region.” – Ms. B, a Canadian citizen who prefers to remain anonymous
Example 4
Mr. C and his family, including parents and two brothers, were landed as permanent residents of Canada in 1997, when Mr. C had just turned 2 years old. Since then, he has spent his entire life in Canada, gone to school, graduated and started a successful career. He has little connection to his parents’ home country. About six months ago, all five family members were served notices of intent to revoke citizenship based on an allegation the father had not disclosed a minor criminal conviction in their home country on their original permanent residence application over 20 years ago. At the time of the alleged misrepresentation, Mr. C would have been about nine months old. Now, the entire family faces loss of citizenship, automatic loss of their permanent resident status, and removal without access to even an administrative hearing or any mechanism whereby humanitarian and compassionate circumstances can be taken into consideration by any decision-maker. Further, it’s clear from the notice itself that the Minister was apprised of the failure to mention the prior criminal conviction over a decade ago but decided not to pursue it until the laws recently changed to make the revocation process easier.
QUOTE: “I’m shocked that I could lose my Canadian citizenship on the basis of something my father allegedly did when I wasn’t even a year old. I have made my home and my life in Canada – it’s the only country I’ve ever known. But that doesn’t matter under this unfair process. The humanitarian and compassionate reasons for letting me stay are considered irrelevant.”
Example 5
Mr. Z became a Canadian citizen in 2006. At his citizenship interview, he states that he explained all of his absences from Canada. The immigration officer checked his passports and confirmed that he had completed the required number of days of residence. However, he received a revocation notice in July 2015 alleging that he had been out of the country for longer than he had claimed on his citizenship application. Mr. Z presented evidence regarding what happened at his citizenship interview and argued that the evidence, which was accepted by the government, contradicted the allegations in the revocation notice. Despite this, the government revoked his citizenship without even giving him an oral hearing to explain himself.
QUOTE: “I was devastated when I was told that the government was trying to revoke my citizenship. The allegations against me are not true and I have not been given an opportunity to explain! Under the new system, I have no option of going before an independent decision maker. I feel helpless.” – Mr. Z
No Centauri Dreams posts this week — I’ll be back next Monday. I’ve been running hard and it’s time for a break. I’ll keep up with comment moderation as best I can, though I’m going to be trying to catch up with many long overdue commitments outside the interstellar field in coming days. As always, thanks to all for the continuing support. See you soon!
Comet dust particles may be small, but they come in large numbers. COSIMA Principal Investigator Martin Hilchenbach shares some impressive facts about the instrument’s performance, and reflects on the personal highlights of the team during Rosetta’s mission.
Rosetta’s dust analysing instrument COSIMA (COmetary Secondary Ion Mass Analyser) has had a busy two years at Comet 67P/Churyumov-Gerasimenko: 31 000 dust particles collected at the last count (mid-August 2016). And as Martin puts it “..which are soon to be returned to the surface of the comet!”
Impressively, one single COSIMA team member, Sihane Merouane, identified and labelled all imaged particles and compiled the archive list, and 6053 particles now have proper names – the first assignments given for COSIMA and the wider Rosetta team members and their families. According to Martin, it would take around five hours to read out the list of names assigned to the particles on just one target. There have been 21 targets in total exposed.
Meet some of the COSIMA grain family! The target plate measures 1cm across, and shows dust grains collected between 11 August and 12 December 2014. Credits: ESA/Rosetta/MPS for COSIMA Team MPS/CSNSM/UNIBW/TUORLA/IWF/IAS/ESA/BUW/MPE/LPC2E/LCM/FMI/UTU/LISA/UOFC/vH&S.
And these targets are small – just one centimetre square each. Of course, the comet dust is even smaller; COSIMA is optimized to study particles a few tens to hundreds of micrometres in size – although the largest particle imaged by COSIMA exceeded 2 mm!
The grains were identified in 9522 snapshots made by the COSIMA microscope, and selected grains were analysed with a secondary ion mass spectrometer. That is, they were fired at with a beam of indium ions, sparking individual ions (secondary ions) from their surfaces, which were then analysed by the mass spectrometer. This process reveals the composition of the grains, which in turn contributes to our understanding about the composition of the primordial matter from the early Solar System.
While at Comet 67P/C-G COSIMA fired its ion beam 8 billion times, resulting in the detection of 35 million silicon secondary ions, 2.8 million carbon ions, 13 million sodium ions and 1 million magnesium ions, as well as generating 34 595 secondary ion mass spectra.
Martin notes: “We had to take a break with these particular measurements after 3 770 secondary mass spectra, between mid autumn 2014 and spring 2015, in order to restore the primary ion gun subsystem which operated outside of the nominal operational parameters. Thanks to the outstanding achievements of Andreas Koch, Laurent Thirkell, Jouni Rynö and Henning Fischer, we could continue using the gun and collected a further 30,825 mass spectra.”
Reflecting on how the team’s personal lives have evolved over the course of the mission, Martin notes that 7 team members and their spouses have collectively had 12 babies since Rosetta launched in 2004. He also notes that all the software written for the COSIMA development, testing, operation and archiving since 1998 has spanned 12 programming languages, more languages than spoken by the 59-strong COSIMA team.
For the software savvy readers amongst you, the 12 programming languages and the number of lines written in each are as follows:
(That’s a total of 245 841 total lines of software code since 1998!)
Programming is not the only thing that happens on Earth while COSIMA is busy collecting dust. The COSIMA team have prepared and worked with 304 reference model test targets for secondary ion yield calibrations as well as instrument parameter fine tuning, and the vacuum pumps of the COSIMA reference model has operated for 102,720 hours.
Like many of Rosetta’s instruments, COSIMA was on the drawing board from an early stage. Martin recalls: “One team member was already involved with Rosetta and COSIMA in 1984, in the very first meeting of the science study team of what was then the “Comet Nucleus Sample Return” cornerstone mission of the newly defined Horizon 2000 program of ESA. In the early 1990s, the mission evolved into a comet rendezvous mission dedicated to the characterisation of cometary material. One of the key arguments at that time was that if we could not bring cometary samples back to the laboratory on Earth, then we should take key laboratory instruments to the comet. COSIMA, along with many other instruments, was already part of the discussion then, and we’re very happy with how it’s all worked out!”
On summing up the highlights of COSIMA’s discoveries, Martin concludes: the tiny bits and pieces of dust particles collected in the coma of Comet 67P/C-G revealed their heterogeneous composition, their fragility and their close family relation to interplanetary dust particles.
This post is part of a series that looks behind the scenes of the instrument teams to find out what it was really like "living with a comet" for two years.
COSIMA stories featured on this blog
Profiling COSIMA's dust grain family
First release of Rosetta comet phase data from four orbiter instruments
COSIMA: Meet the family
COSIMA watches comet shed its dusty coat
COSIMA detects sodium and magnesium in a dust grain called Boris
COSIMA catches cosmic dust
COSIMA checked out and ready for collecting comet dust
Rosetta’s Grain Impact Analyser and Dust Accumulator GIADA has detected and measured the properties of some 6650 comet dust particles. Principal Investigator Alessandra Rotundi reports on the “beautiful results” that her team’s instrument has collected at Comet 67P/Churyumov-Gerasimenko.
GIADA has been on since May 2014, and we caught the first dust grain on 1 August 2014. The first love is never forgotten! It was the most exciting measurement, and such an emotion! I cannot say that it was unexpected, though; we actually estimated that we’d start detecting dust in that period, and in particular, one of the GIADA Co-Investigators (Eberhard Grün) foresaw exactly 1 August as the starting point for our dust detections!
Since then GIADA has collected 6650 dust particles. For 4825, the cross-sections are known, and for 1825, the momentum, mass and speed are also known. Among this group we also know the cross-section for 307 particles. We always hope for combined particle detections by the GDS (Grain Detection System) and the IS (Impact Sensor) subsystems because these combined detections provide the greatest number of information for individual dust particle, i.e. the momentum, the speed, the mass, the optical cross section and the density.
We’re very happy with what we’ve achieved, but of course there were times where we could not collect any dust due to routine operational activities of the spacecraft and when we were very far from the comet for spacecraft safety reasons. For example, there were times when we had to close the cover to protect the sensitive instrument interior during cruise phase, during the approach manoeuvres, and 22 times during our time at the comet. We also had to switch off the GDS laser subsystem 47 times for safety reasons, for example when the spacecraft was pointed (for the benefit of other instrument measurements) such that sunlight would be shining directly into the laser curtain of the instrument. This action prevented overheating of the lasers and saturating the GDS subsystem, effectively making it blind.
At some point we also noticed a critical increase in ‘noise’ recorded by GDS: it was due to the dust deposited on the optics. To fix this issue we had to send software patches to increase the subsystem's noise thresholds in order to be able to continue our observations. This operation was performed four times and always with success.
Aside from that very first dust collection, two other events stand out as being particularly exciting for us. Without doubt one was the outburst on 19 February 2016 – the GIADA ‘events’ were the first clue that something interesting had happened, and what resulted in us alerting the other instrument teams to see what corresponding data they had collected.
The core GIADA team. Image courtesy: A. Rotundi
There was another exciting event only a couple of weeks ago: on 5 September. A huge dust event was registered, and had in just a few hours about one-third of the combined GDS-IS events detected during the whole scientific phase! It’s going to be very interesting to analyse this data set – a first look suggests it is quite different to what we’ve seen before, so this will make for an interesting story (stay tuned!)
Of course, we are also looking forward to the end of mission descent, where we hope to collect even more interesting data.
Taking stock of the instrument performance over the lifetime of the mission I have to say that GIADA behaved greatly; we have really beautiful results and are exploiting the data to reach results well beyond what we had nominally expected.
This post is part of a series that looks behind the scenes of the instrument teams to find out what it was really like "living with a comet" for two years.
Blog posts featuring GIADA results:
Rosetta captures comet outburst
GIADA investigates comet's "fluffy" dust grains
GIADA's dust measurements: 3.7-3.4 AU
Getting to know Rosetta's comet – Science special edition
GIADA tracks the dust
GIADA "touches" the comet!
GIADA set to analyse comet dust
This image of Saturn could not have been taken from Earth.
After a fun discussion with Mr. JJ Asghar, I wrote up a mini-tutorial on getting Emacs to do some of the heavy typing for you when you create a new file... you know, boilerplate needed when creating a new file of a particular type.
My tutorial covers and integrates the auto-insert feature and the
yasnippet template system.
Our drive went nicely and we are already about halfway to our next drill site! Our original plan to head toward an outcrop called “Karasburg” had to be changed because it turned out to be covered in sand and not very steep, making it a less-desirable science target. So instead we are heading toward a location where (we hope) the stratigraphy will be better-exposed.
For this weekend’s plan, we start out on sol 1470 with a Navcam dust devil search and atmospheric observation, plus ChemCam of the targets “Chiagne,” “Chibemba,” and “Chibanda.” Mastcam will document those three targets, as well as the location of the automated ChemCam observation that was collected after yesterday’s drive. Mastcam also has three mosaics: a 6×3 of the Karasburg outcrop, a 4×1 of a location called “Longojo,” and a 5×2 extension of the drive direction mosaic.
On Sol 1471, we will do a wheel checkup with MAHLI and then drive, followed by the usual post-drive imaging. On Sol 1472 we have another AEGIS automated ChemCam observation, a couple of Mastcam atmospheric observations, and ChemCam calibration targets.
Dates of planned rover activities described in these reports are subject to change due to a variety of factors related to the martian environment, communication relays and rover status
Rick, the real person on whom the character is based, has only ever had two complaints about the comic. One is that he doesn’t like it when the character Rick wins, like he does here. He feels that it is not in keeping with the totally fictional character I created (by pretty much watching him live his life and taking notes).
His other complaint was when I once referred to him as having a defeatist attitude. He called me, more than a little irritated, and said, “I’m not a defeatist. I’m just profoundly negative.”
You can comment on this comic on Facebook.
As always, thanks for using my Amazon Affiliate links (US, UK, Canada).
Provisions of C-24 that allow citizenship stripping for misrepresentation without a fair hearing are unconstitutional, argue legal groups
(Le français suit)
Attention News Editors:
TOMORROW: Media are invited to a press conference on Monday, September 26 at 11:00am Eastern
What: Press conference to announce filing of lawsuit.
When: TOMORROW, Monday, Sept 26, 2016 at 11:00 am ET
Who: Lorne Waldman, counsel
Josh Paterson, Executive Director, BC Civil Liberties Association
Chantal Tie, executive member, Canadian Association of Refugee Lawyers
Where: Charles Lynch Press Conference Room, Centre Block, Parliament Buildings, Ottawa
Commentaires disponibles en français.
MEDIA CONTACT
Charlotte Kingston, charlotte@bccla.org
AVIS AUX MÉDIAS : FAUSSES DÉCLARATIONS POUR OBTENIR LA CITOYENNETÉ – contestation juridique
La loi qui permet la révocation de citoyenneté sans une audience juridique est inconstitutionnelle, déclare l’ALCCB et l’ACAADR
Le dimanche, 25 septembre, 2016
À l’attention des chefs de la rédaction :
DEMAIN :
Quoi : Une conférence de presse pour annoncer le dépôt de la poursuite
Quand : DEMAIN, lundi 27 sept 2016 à 11 h 00 HE
Qui : Lorne Waldman, avocat
Josh Paterson, directeur-général, Association des libertés civiles de la Colombie-Britannique
Chantal Tie, membre du conseil exécutif de l’Association canadienne des avocats et avocates en droit des réfugiés
Où : Salle de conférence de presse Charles-Lynch, Édifice du centre, Colline parlementaire, Ottawa
PERSONNES-RESSOURCES POUR LES MÉDIAS
Charlotte Kingston, Charlotte@bccla.org
Following on from my post on using C-x k to kill the current buffer, why not bind C-x w to delete-frame in order close the current emacs “window” (remember, in Emacs-speak, a frame is what most other apps would call a window). This is way better than the default C-x 5 0
Just add the following to your emacs config file
(global-set-key (kbd "C-x w") 'delete-frame)
September 2016 Observer’s Challenge is NGC 7009, better known as the Saturn Nebula. The following are observations by Jaakko Saloranta of Finland and Dr. James Dire of Hawaii.
The complete Observer’s Challenge will be posted when all reports are received, compiled and edited. Roger Ivester
By Jaakko Saloranta
4.7-inch Sky-Watcher @ 228x
Very bright, E-W elongated blue disk visible even with a pair of 8×30 binoculars. Fairly obvious ring structure with two faint extensions visible on both sides of the disk. Central star is buried inside the high surface brightness halo and remains invisible.
4.7-Inch Sky-Watcher @ 228x
Very bright, E-W elongated blue disk visible even with a pair of 8×30 binoculars. Fairly obvious ring structure with two faint extensions visible on both sides of the disk. Central star is buried inside the high surface brightness halo and remains invisible.
22-Inch Capella @ 1058x (observing from California.)
A breathtaking view. Central star is surrounded by a complex, mottled elliptical ring with knots (W bigger) at both ends. Outer halo is more round, with a brightening in the NW edge.
A breathtaking view. Central star is surrounded by a complex, mottled elliptical ring with knots (W bigger) at both ends. Outer halo is more round, with a brightening in the NW edge.
Pencil sketch by Jaakko with the colors inverted:
NGC 7009 – The Saturn Nebula
By Dr. James R. Dire
The Saturn Nebula, a.k.a NGC7009, is located in Aquarius, just north of the constellation Capricornus. The nebula lies approximately six degrees due north of the star Theta Capricorni (mag 4.1), and one and one-third degree due west of the star Nu Aquarii (mag. 4.5). The nebula also resides within a couple of degrees of both M72 and M73!
NGC7009 is a planetary nebula. The nebula was formed when its host star shed a good amount of its gas when is evolved into a red giant star. The star then evolved into a white dwarf that now resides inside the planetary nebula. Planetary nebulae got their name because at the eyepiece so many of them have the blue color and disk appearance of the planets Uranus and Neptune. In the case of NGC7009, it received its common name, the Saturn Nebula, due to a bar-like feature that resembles Saturn’s rings. However, NGC7009 and all other planetary are not really planets.
In the eyepiece at low power, NGC7009 appear blue and round, almost star-like. A magnification of 100 is required to resolve it into a disk and even higher power is required to see its ring-like bar. The nebula is around 30 arc-sec in size and is magnitude 7.8
My image of NGC7009 was taken earlier this month (Sept. 2016) with a Discovery 10-inch f/6 Newtonian with a Televue Paracorr II coma corrector mounted on a Paramount ME German equatorial (http://www.astrojim.net/KCC%20Observatory.html). I used an SBIG ST-2000XCM CCD camera and the exposure was one hour. The hour-long exposure was necessary to bring out the bar-like feature in the nebula. The brightest star in the image is magnitude 10. JD
I manage to avoid a topic this week, really. That’s good!
#! magic, details about the shebang/hash-bang mechanism on various Unix flavours. (via)John Gilmore, an American entrepreneur and civil libertarian, once famously quipped that “the Internet interprets censorship as damage and routes around it.” This notion undoubtedly rings true for those who see national governments as the principal threats to free speech.
However, events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach.
More than 20 years after Gilmore first coined that turn of phrase, his most notable quotable has effectively been inverted — “Censorship can in fact route around the Internet.” The Internet can’t route around censorship when the censorship is all-pervasive and armed with, for all practical purposes, near-infinite reach and capacity. I call this rather unwelcome and hostile development the “The Democratization of Censorship.”
Allow me to explain how I arrived at this unsettling conclusion. As many of you know, my site was taken offline for the better part of this week. The outage came in the wake of a historically large distributed denial-of-service (DDoS) attack which hurled so much junk traffic at Krebsonsecurity.com that my DDoS protection provider Akamai chose to unmoor my site from its protective harbor.
Let me be clear: I do not fault Akamai for their decision. I was a pro bono customer from the start, and Akamai and its sister company Prolexic have stood by me through countless attacks over the past four years. It just so happened that this last siege was nearly twice the size of the next-largest attack they had ever seen before. Once it became evident that the assault was beginning to cause problems for the company’s paying customers, they explained that the choice to let my site go was a business decision, pure and simple.
Nevertheless, Akamai rather abruptly informed me I had until 6 p.m. that very same day — roughly two hours later — to make arrangements for migrating off their network. My main concern at the time was making sure my hosting provider wasn’t going to bear the brunt of the attack when the shields fell. To ensure that absolutely would not happen, I asked Akamai to redirect my site to 127.0.0.1 — effectively relegating all traffic destined for KrebsOnSecurity.com into a giant black hole.
Today, I am happy to report that the site is back up — this time under Project Shield, a free program run by Google to help protect journalists from online censorship. And make no mistake, DDoS attacks — particularly those the size of the assault that hit my site this week — are uniquely effective weapons for stomping on free speech, for reasons I’ll explore in this post.
Google’s Project Shield is now protecting KrebsOnSecurity.com
Why do I speak of DDoS attacks as a form of censorship? Quite simply because the economics of mitigating large-scale DDoS attacks do not bode well for protecting the individual user, to say nothing of independent journalists.
In an interview with The Boston Globe, Akamai executives said the attack — if sustained — likely would have cost the company millions of dollars. In the hours and days following my site going offline, I spoke with multiple DDoS mitigation firms. One offered to host KrebsOnSecurity for two weeks at no charge, but after that they said the same kind of protection I had under Akamai would cost between $150,000 and $200,000 per year.
Ask yourself how many independent journalists could possibly afford that kind of protection money? A number of other providers offered to help, but it was clear that they did not have the muscle to be able to withstand such massive attacks.
I’ve been toying with the idea of forming a 501(c)3 non-profit organization — ‘The Center for the Defense of Internet Journalism’, if you will — to assist Internet journalists with obtaining the kind of protection they may need when they become the targets of attacks like the one that hit my site. Maybe a Kickstarter campaign, along with donations from well-known charitable organizations, could get the ball rolling. It’s food for thought.
Earlier this month, noted cryptologist and security blogger Bruce Schneier penned an unusually alarmist column titled, “Someone Is Learning How to Take Down the Internet.” Citing unnamed sources, Schneier warned that there was strong evidence indicating that nation-state actors were actively and aggressively probing the Internet for weak spots that could allow them to bring the entire Web to a virtual standstill.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services,” Schneier wrote. “Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that.”
Schneier continued:
“Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cyber command trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.”
Whether Schneier’s sources were accurate in their assessment of the actors referenced in his blog post is unknown. But as my friend and mentor Roland Dobbins at Arbor Networks eloquently put it, “When it comes to DDoS attacks, nation-states are just another player.”
“Today’s reality is that DDoS attacks have become the Great Equalizer between private actors & nation-states,” Dobbins quipped.
What exactly was it that generated the record-smashing DDoS of 620 Gbps against my site this week? Was it a space-based weapon of mass disruption built and tested by a rogue nation-state, or an arch villain like SPECTRE from the James Bond series of novels and films? If only the enemy here was that black-and-white.
No, as I reported in the last blog post before my site was unplugged, the enemy in this case was far less sexy. There is every indication that this attack was launched with the help of a botnet that has enslaved a large number of hacked so-called “Internet of Things,” (IoT) devices — mainly routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords. Most of these devices are available for sale on retail store shelves for less than $100, or — in the case of routers — are shipped by ISPs to their customers.
Some readers on Twitter have asked why the attackers would have “burned” so many compromised systems with such an overwhelming force against my little site. After all, they reasoned, the attackers showed their hand in this assault, exposing the Internet addresses of a huge number of compromised devices that might otherwise be used for actual money-making cybercriminal activities, such as hosting malware or relaying spam. Surely, network providers would take that list of hacked devices and begin blocking them from launching attacks going forward, the thinking goes.
As KrebsOnSecurity reader Rob Wright commented on Twitter, “the DDoS attack on @briankrebs feels like testing the Death Star on the Millennium Falcon instead of Alderaan.” I replied that this maybe wasn’t the most apt analogy. The reality is that there are currently millions — if not tens of millions — of insecure or poorly secured IoT devices that are ripe for being enlisted in these attacks at any given time. And we’re adding millions more each year.
I suggested to Mr. Wright perhaps a better comparison was that ne’er-do-wells now have a virtually limitless supply of Stormtrooper clones that can be conscripted into an attack at a moment’s notice.
A scene from the 1977 movie Star Wars, in which the Death Star tests its firepower by blowing up a planet.
The problem of DDoS conscripts goes well beyond the millions of IoT devices that are shipped insecure by default: Countless hosting providers and ISPs do nothing to prevent devices on their networks from being used by miscreants to “spoof” the source of DDoS attacks.
As I noted in a November 2015 story, The Lingering Mess from Default Insecurity, one basic step that many ISPs can but are not taking to blunt these attacks involves a network security standard that was developed and released more than a dozen years ago. Known as BCP38, its use prevents insecure resources on an ISPs network (hacked servers, computers, routers, DVRs, etc.) from being leveraged in such powerful denial-of-service attacks.
Using a technique called traffic amplification and reflection, the attacker can reflect his traffic from one or more third-party machines toward the intended target. In this type of assault, the attacker sends a message to a third party, while spoofing the Internet address of the victim. When the third party replies to the message, the reply is sent to the victim — and the reply is much larger than the original message, thereby amplifying the size of the attack.
BCP38 is designed to filter such spoofed traffic, so that it never even traverses the network of an ISP that’s adopted the anti-spoofing measures. However, there are non-trivial economic reasons that many ISPs fail to adopt this best practice. This blog post from the Internet Society does a good job of explaining why many ISPs ultimately decide not to implement BCP38.
Fortunately, there are efforts afoot to gather information about which networks and ISPs have neglected to filter out spoofed traffic leaving their networks. The idea is that by “naming and shaming” the providers who aren’t doing said filtering, the Internet community might pressure some of these actors into doing the right thing (or perhaps even offer preferential treatment to those providers who do conduct this basic network hygiene).
A research experiment by the Center for Applied Internet Data Analysis (CAIDA) called the “Spoofer Project” is slowly collecting this data, but it relies on users voluntarily running CAIDA’s software client to gather that intel. Unfortunately, a huge percentage of the networks that allow spoofing are hosting providers that offer extremely low-cost, virtual private servers (VPS). And these companies will never voluntarily run CAIDA’s spoof-testing tools.
CAIDA’s Spoofer Project page.
As a result, the biggest offenders will continue to fly under the radar of public attention unless and until more pressure is applied by hardware and software makers, as well as ISPs that are doing the right thing.
How might we gain a more complete picture of which network providers aren’t blocking spoofed traffic — without relying solely on voluntary reporting? That would likely require a concerted effort by a coalition of major hardware makers, operating system manufacturers and cloud providers, including Amazon, Apple, Google, Microsoft and entities which maintain the major Web server products (Apache, Nginx, e.g.), as well as the major Linux and Unix operating systems.
The coalition could decide that they will unilaterally build such instrumentation into their products. At that point, it would become difficult for hosting providers or their myriad resellers to hide the fact that they’re allowing systems on their networks to be leveraged in large-scale DDoS attacks.
To address the threat from the mass-proliferation of hardware devices such as Internet routers, DVRs and IP cameras that ship with default-insecure settings, we probably need an industry security association, with published standards that all members adhere to and are audited against periodically.
The wholesalers and retailers of these devices might then be encouraged to shift their focus toward buying and promoting connected devices which have this industry security association seal of approval. Consumers also would need to be educated to look for that seal of approval. Something like Underwriters Laboratories (UL), but for the Internet, perhaps.
As much as I believe such efforts could help dramatically limit the firepower available to today’s attackers, I’m not holding my breath that such a coalition will materialize anytime soon. But it’s probably worth mentioning that there are several precedents for this type of cross-industry collaboration to fight global cyber threats.
In 2008, the United States Computer Emergency Readiness Team (CERT) announced that researcher Dan Kaminsky had discovered a fundamental flaw in DNS that could allow anyone to intercept and manipulate most Internet-based communications, including email and e-commerce applications. A diverse community of software and hardware makers came together to fix the vulnerability and to coordinate the disclosure and patching of the design flaw.
In 2009, Microsoft heralded the formation of an industry group to collaboratively counter Conficker, a malware threat that infected tens of millions of Windows PCs and held the threat of allowing cybercriminals to amass a stupendous army of botted systems virtually overnight. A group of software and security firms, dubbed the Conficker Cabal, hashed out and executed a plan for corralling infected systems and halting the spread of Conficker.
In 2011, a diverse group of industry players and law enforcement organizations came together to eradicate the threat from the DNS Changer Trojan, a malware strain that infected millions of Microsoft Windows systems and enslaved them in a botnet that was used for large-scale cyber fraud schemes.
These examples provide useful templates for a solution to the DDoS problem going forward. What appears to be missing is any sense of urgency to address the DDoS threat on a coordinated, global scale.
That’s probably because at least for now, the criminals at the helm of these huge DDoS crime machines are content to use them to launch petty yet costly attacks against targets that suit their interests or whims.
For example, the massive 620 Gbps attack that hit my site this week was an apparent retaliation for a story I wrote exposing two Israeli men who were arrested shortly after that story ran for allegedly operating vDOS — until recently the most popular DDoS-for-hire network. The traffic hurled at my site in that massive attack included the text string “freeapplej4ck,” a reference to the hacker nickname used by one of vDOS’s alleged co-founders.
Most of the time, ne’er-do-wells like Applej4ck and others are content to use their huge DDoS armies to attack gaming sites and services. But the crooks maintaining these large crime machines haven’t just been targeting gaming sites. OVH, a major Web hosting provider based in France, said in a post on Twitter this week that it was recently the victim of an even more massive attack than hit my site. According to a Tweet from OVH founder Octave Klaba, that attack was launched by a botnet consisting of more than 145,000 compromised IP cameras and DVRs.
I don’t know what it will take to wake the larger Internet community out of its slumber to address this growing threat to free speech and ecommerce. My guess is it will take an attack that endangers human lives, shuts down critical national infrastructure systems, or disrupts national elections.
But what we’re allowing by our inaction is for individual actors to build the instrumentality of tyranny. And to be clear, these weapons can be wielded by anyone — with any motivation — who’s willing to expend a modicum of time and effort to learn the most basic principles of its operation.
The sad truth these days is that it’s a lot easier to censor the digital media on the Internet than it is to censor printed books and newspapers in the physical world. On the Internet, anyone with an axe to grind and the willingness to learn a bit about the technology can become an instant, self-appointed global censor.
I sincerely hope we can address this problem before it’s too late. And I’m deeply grateful for the overwhelming outpouring of support and solidarity that I’ve seen and heard from so many readers over the past few days. Thank you.
Photographer Phyllis B. Dooney was introduced to East New York, a low-income Brooklyn neighborhood, by way of a marching band. Rather than running home to a traditional nuclear family, the students she photographed would spend evenings with their aunts, with their grandmothers, or shuttling between their mom’s and dad's separate houses or apartments. Communities like this are often condemned by the media as having broken homes. But Dooney wanted to explore what parenting, specifically fatherhood, really looked like when adults and children alike are grappling with "the long-term societal and psychological effects of mass incarceration, the War on Drugs and the 1980s crack epidemic, and frequent exposure to crime and trauma."
She interviewed and took portraits of these men in their homes, often with their children, and utilized camera obscuras to project the streets into their private spaces. "The men seen here expose how the 'deadbeat Dad' label—often stapled to the American inner-city Black man and men of color in particular—is a gross and counter-productive simplification," Dooney said.
After reading through the extensive comments on August’s ware, I’m not convinced anyone has conclusively identified the ware. I did crack a grin at atomicthumbs’ suggestion that this was a “mainboard from a Mrs. Butterworth’s Syrup of Things sensor platform”, but I think I’ll give the prize (please email me to claim it) once again to Christian Vogel for his thoughtful analysis of the circuitry, and possibly correct guess that this might be an old school laser barcode scanner.
The ware is difficult to evaluate due to the lack of a key component — whatever it is that mounts into the pin sockets and interacts with the coil or transformer near the hole in the center of the circuit board. My feeling is the placement of that magnetic device is not accidental.
A little bit of poking around revealed this short Youtube video which purports to demonstrate an old-school laser barcode mechanism. Significantly, it has a coil of similar shape and orientation to that of this ware, as well as three trimpots, although that could be a coincidence. Either way, thanks everyone for the entertaining and thoughtful comments!
Heart and Soul and Double Cluster
China’s first space station, Tiangong-1 or Heavenly Palace, is out of control and doomed to fall to Earth in the second half of 2017. Should you worry? Not really. Two-thirds of the planet is covered in water and much of the remainder is either uninhabited or thinly so, making the chance of any one individual being struck by debris exceedingly small.
Amateur satellite trackers speculated months ago that the 34-foot (10.4-meter) long module appeared to be in trouble. Chinese officials confirmed loss of contact with the station at a recent press conference but added that the most of the 18,600 pounds (9.3 U.S. tons) would burn up harmlessly in the atmosphere during re-entry. Wu Ping, deputy director of China’s manned space engineering office, stated that the country’s first space station had “comprehensively fulfilled its historical mission”.
Tiangong-1 was launched in 2011 as a demonstration that China was a player in space. Two manned Chinese spacecraft visited the station, the first in June 2012 with a crew that included that country’s first female astronaut, Liu Yang. A year later, another crew arrived to perform maintenance and conduct experiments.
Unlike the Russian Mir space station, which was brought down in a controlled manner using its propulsion system, the Heavenly Palace lacks such niceties and instead will re-enter “naturally”. Even a couple days before reentry, the best we’ll be able to do is predict its fall to within 6-7 hours with only a rough idea of the breakup zone. Based on Tiangong-1’s orbit, denser pieces of satellite hardware such as rocket engines could partially survive the plunge, landing anywhere within a wide band of latitude stretching from 43° North to 43° South.
Big birds like this one have come down before without incident. Witness the X-ray observatory ROSAT and Upper Atmosphere Research Satellite or UARS both of which fell and burned to pieces harmlessly in 2011. Tiangong-1 is a large object that will be tracked by radar installations around the world, so there’s no fear of losing sight of it. Matter of fact, as atmospheric drag slowly claws at the station, reducing its altitude, it will gradually become brighter and move faster across the sky as the months pass.
To keep an eye on it, head over to Chris Peat’s Heavens Above site, sign in with your location and then click the Tiangong-1 link in the left-hand column for a list of flyby times for your city. When you click on a particular time, a map will pop up showing you the satellite’s path across your local sky. Coolest!
From now till early October, northern hemisphere skywatchers can watch the doomed station zip across the dawn sky’s winter constellations. Then it disappears in daylight for a week or so until returning to the evening sky at mid-month. Don’t expect an object as bright as the International Space Station (ISS)! During a bright pass, Tiangong-1 shines at first magnitude (not bad – about as bright as Deneb in the Northern Cross) but more typically around the brightness of the Big Dipper stars. Like the ISS, it moves in an arc across the sky from west to east.
Watch the launch of Tiangong-2
With a forward look to developing new space technologies, China successfully launched its second space station into orbit on September 15. Tiangong-2 will dock with manned and cargo spacecraft and accommodate two taikonauts (Chinese astronauts) for up to a month. Future crews will conduct 14 science experiments to condition for longer space flights and habitation in microgravity.
As Tiangong-2 gets prepped, we’ll have lots of time to say farewell to the first Heavenly Palace by making a point to see it sail across the sky in the coming months.
I’ve started doing more of my blogging on Medium.com’s blogging platform. It’s just easier in terms of generating readership, commenting, recommendations etc. But I still will post links to those articles here, since this is sort of my digital home page.
People, Process, Tools…In That Order
In technology circles, we tend to solve our problems in a backwards fashion. We pick the technology, retrofit our process to fit with that technology, then we get people onboard with our newfound wizardry. But that’s exactly why so many technology projects fail to deliver on the business value they’re purported to provide. We simply don’t know what problem we’re solving for.
I just found a neat trick today i.e hiding uninteresting(temporary files like backup or autosave files, all files of a particular extension or a particular set of files which match a regexp) files in
dired-modeusingdired-x. Here’s how I did it in my.emacs:-
(use-package dired-x :config (progn (setq dired-omit-verbose nil) ;; toggle `dired-omit-mode' with C-x M-o (add-hook 'dired-mode-hook #'dired-omit-mode) (setq dired-omit-files (concat dired-omit-files "\\|^.DS_STORE$\\|^.projectile$"))))
There is also
dired-omit-extensionswhich can be used to hide all files of a particular extension.
[Editorial Note: Sorry about the lousy formatting. Org2blog is misbehaving again so I had to paste the HTML into the WordPress editor.]
Ben Maughan over at Pragmatic Emacs has a really nice tip. It's one of
those things that you (or at least I) don't think about but once you
see the tip, you think, “That's just what I need.” The idea is to kill
the current buffer without asking.
Maughan asks how many times you've called kill-buffer via
【Ctrl+x k】and wanted to kill some buffer other than the one you're in. I can't
ever remember doing that. Maughan provides a one line fix to your
init.el that will just delete the current buffer without asking.
Perfect.
If you think you'll sometimes want the old behavior and don't want to
remember kill-buffer, it's trivial to add a bit of Elisp that
calls kill-this-buffer unless the universal argument is provided in
which case it calls kill-buffer. Bind this to
【Ctrl+x k】 and you have the best of both worlds.
Here's some code that does that
(defun jcs-kill-a-buffer (askp) (interactive "P") (if askp (kill-buffer (funcall completing-read-function "Kill buffer: " (mapcar #'buffer-name (buffer-list)))) (kill-this-buffer))) (global-set-key (kbd "C-x k") 'jcs-kill-a-buffer)
Good Afternoon Esteemed Parenting Colleagues of the Internet,
If you have a moment, would you do me a favor and pop on over to Amazon to leave a review for the hilarious ILTKU book, “Parenting is Easy: You’re Probably Just Doing it Wrong”?
That is, if you own a copy of course!
If you don’t, would you pop on over to Amazon, purchase one, (or 12, totally your choice!), wait dutifully for its arrival, rejoice in its succinct and refreshing look at the trials of motherhood through the lens of modern marketing, and THEN leave a review?
You’re the best.
XOXO,
ILTKU
It’s the convention time of year!
Harvest Moon Eclipse
It's been a rough year for people who believe in free trade. In June, the UK decided to leave the European Union—the biggest free trade block in the world. A potential trade deal between the U.S. and Europe seems to be falling apart. And the Trans-Pacific Partnership — a trade deal between the U.S. and 10 other countries — has two very prominent opponents: Hillary Clinton and Donald Trump.
On today's show, we pack 240 years of trade history into 22 minutes. There's a Scotsman who was captured by gypsies (possibly), a man who dreamed of world peace (truly), and Robert Smith in the streets with revolutionaries (sort of).
Music: "Funky Festivities" and "Chilltown." Find us: Twitter/Facebook.
9())
Back in 2004 the Hubble Ultra Deep Field (UDF) images blew our minds. 10,000 galaxies visible in an otherwise empty region of sky 1/10th the diameter of the full moon. How’s that? If every fly-speck of sky is similarly jammed with stellar pinwheels, there must be billions of galaxies above us. And there are!
These spectacular pictures probed more deeply than ever before and revealed a menagerie of galaxies stretching back to less than a billion years after the Big Bang. The area was observed several times by Hubble and many other telescopes, resulting in the deepest view of the universe to date.
Now, international teams of astronomers have used the Atacama Large Millimeter/submillimeter Array (ALMA) in Chile to explore the same distant corner of sky in light redder than red and redder even than infrared. ALMA picks up the light emitted in the millimeter part of the spectrum between visible light and radio waves. Millimeter refers to the light’s wavelength, the distance between successive crests of a light wave. The rainbow palette of visible light is made of wiggle-shaped waves with crests separated by billionths of a meter. Comparatively huge millimeter-wide gulfs separate the crests of millimeter light.
These new ALMA observations are significantly deeper and sharper than previous surveys at millimeter wavelengths and clearly show how the rate of star formation in young galaxies is closely related to how massive a galaxy is. They also trace how much star-forming gas was available at different points in a galaxy’s lifetime, providing new insights into the “Golden Age” of galaxy formation approximately 10 billion years ago. Has Galactic Golden Age really been over for so long? Don’t worry. Thanks to the billions of years of travel time for Golden-agers’s light to reach us, we can still see them in their devil-may-care youth using scopes like the Hubble that see deeply across space.
Unlike visible light, millimeter light allows us to see the faint glow emitted from gas clouds and warm dust in galaxies in the early universe. ALMA observed the Hubble UDF for a total of around 50 hours. The study showed clearly for the first time that how massive a galaxy is is the best predictor of star formation rate back in the day. ALMA detected essentially all of the high-mass galaxies and virtually nothing else.
Jim Dunlop, lead author on the deep imaging paper, was ecstatic:
“This is a breakthrough result. For the first time we are properly connecting the visible and ultraviolet light view of the distant Universe from Hubble and far-infrared/millimeter views of the universe from ALMA.” Basically, he’s saying we’re seeing the deep universe in great detail in a much wider range of colors than ever before. Color or wavelength codes precious information about the composition and behavior of astronomical objects. The more colors we can add to the rainbow, the better. Besides millimeter waves, astronomers examine the sky in UV, infrared, radio, X-rays and even gamma rays.
The second team of astronomers used ALMA to conduct a deeper search across about one sixth of the total UDF image looking for cool gas and made a surprising discovery: a population of galaxies not clearly seen in any other deep survey of the sky. Some of the new ALMA observations were specifically tailored to detect galaxies that are rich in carbon monoxide, an indicator of regions ripe for star formation. These reservoirs of gas are often hard to spot with the Hubble, which lacks the ability to “see” its subjects in millimeter light. Like having a friend who has a different point of view to one’s own, ALMA can reveal the “missing half” of the galaxy formation and the evolution process.
“The new ALMA results imply a rapidly rising gas content in galaxies as we look back further in time,” said Manuel Aravena, lead author of two of the papers. “This increasing gas content is likely the root cause for the remarkable increase in star formation rates during the peak epoch of galaxy formation, some 10 billion years ago.”
You gotta have gas to get the car going. Galaxies need gas (mostly hydrogen, helium and a trace of heavier elements) to mold the stars that fill their guts and set their spiral arms aglitter. Our sun and solar system owe their existence to a long-dispersed gas cloud that gravitated together over 4.5 billion years ago. Life has given that chaotic molecular mess eyes to admire the wonder of it ever happening.
These new results are just the start of a series of future observations to probe the distant cosmos with ALMA. A planned 150-hour observing campaign to further illuminate the star-forming potential of the early universe is already in the works.
A Lego model of a giant space kraken destroying a Destroyer from Star Wars.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
“Sometimes after a long day at work, I just want to come home, put everyone in formal wear, and feed my toddler a salad on the table.”
WHERE: River Market, New Westminster – Main Hall.
WHEN: Friday October 21. 7:00pm to 10:00pm
COST: $12.00 – Includes entry and one drink ticket (12 oz beer)
Hear from a panel of local experts and enthusiasts of the craft beer industry in an open question and answer period. Whether you’re a homebrewer, an entrepreneur, a student, or you just enjoy drinking the stuff, bring your questions and thirst for great, local craft beer!
Gary Lohin – Local Legend and Brewmaster at Central City Brewers and Distillers
Alek Egi – Instructor at KPUs Diploma in Brewing and Brewing Operations program and former technologist at the Canadian Malting Barley Technical Centre (CMBTC)
Julian Zelazny – BJCP Master Beer Judge (The only person with that title in BC and one of the three in Canada!)
Zachari Turgeon – Lead scientist on yeast innovation at Bright Brewers Yeast Inc.
Carlos Mendes – Beer industry lawyer, contact lawyer for Richards Buell Sutton LLP Craft Beer Practice Group, Scout Magazine beer writer, writer of BC Beer Law blog
*Check back for updates!
cue Movie Voice Over Voice
They thought they knew PAM. They were wrong…
My long-dreaded PAM book is now available, in both print and ebook.
You can grab it at all the usual suspects–I mean, bookstores.
Here’s a tiny tip. By default C-x k runs the command kill-buffer which prompts you for which buffer you want to kill, defaulting to the current active buffer. I don’t know about you, but I rarely want to kill a different buffer than the one I am looking at, so I rebind C-x k to kill-this-buffer which just kills the current buffer without prompting (unless there are unsaved changes).
Just add this to your emacs config file
(global-set-key (kbd "C-x k") 'kill-this-buffer)
Ornithologists in the Czech Republic, a volcanic eruption in Costa Rica, protests in Charlotte, Oktoberfest in Munich, an elephant demolition crew in India, historic re-enactments in Poland and Australia, and much more.
This is the first of a series of blog posts that delve behind the scenes of Rosetta's instrument teams to find out what it was really like "living with a comet" for two years, with some impressive statistics collected along the way.
Tasked with collecting and scanning – in 3D – the comet’s smallest dust grains, Rosetta’s Micro-Imaging Dust Analysis System (MIDAS) also has one of the smallest teams: “1.2 people in the beginning”, says principal investigator Mark Bentley. But as ever with Rosetta, the numbers are big: after two years of science, Mark and his PhD student Thurid Mannel report on the highs and lows of the 52 million up-down motions of the MIDAS scanning tip.
Team MIDAS: Thurid Mannel (PhD student), Mark Bentley (PI), Harald Jeszenszky (technical manager), and Roland Schmied (postdoc) with the MIDAS Qualification Model (QM). Image courtesy G. Kargl.
Mark reflects on the post-hibernation period, the overall performance of the instrument, and lessons learned for a future MIDAS:
The early days of the mission, when we were first starting operations after hibernation exit in January 2014 were pretty crazy – mainly because we were a rather small team, approximately 1.2 people comprised of me and 20% of Harald's time (Harald is MIDAS technical manager). As such I was trying to juggle many hats, from high-level science planning, to very low-level telecommand hacking – and being a father to a 3-month-old! The learning curve was also pretty steep. Although I’d been using the Flight Spare for several years, figuring out how the planning system worked and playing with real data was a challenge – but lots of fun. The only worrying moment came during one of the interactive checkouts, when Harald and myself were at ESOC watching the data come down “live”, when I realised that a parameter that controlled one of the motors was set wrong. Knowing that there was, at this point, nothing that could be done, I simply had to wait and watch the telemetry come down, hoping I hadn’t broken MIDAS before we had even got to the comet… Fortunately the engineers did their jobs very well, and everything was fine.
Overall the instrument has performed extremely well, but there are always things that could be improved for the next version. One key problem is that we could only expose a target to space to collect dust OR scan a target with the microscope – not both together. Ultimately the comet was and is an unpredictable beast, and so apart from applying high level factors (e.g. closer=better) it was something of a guessing game deciding when to expose and when to scan. So I was extremely happy in February 2016 – already into the extended mission – when we happened to be exposing a target during a gas and dust outburst. Not only did this give us a target covered in dust, but many other instruments were observing at the same time, so we have started to weave a coherent story about this event and the dust we have been imaging. In fact we got so much dust on this target, that we basically stopped exposing and decided to focus our attention on this one target.
And we’re still trying to image as much as possible – and will be doing to until about 12 hours before the orbiter “lands” on the surface of Comet 67P on 30 September.
MIDAS works by collecting and then physically scanning grains with an Atomic Force Microscope. This uses a very fine tip, a bit like an old-fashioned record player needle, that is scanned over a particle. The deflection of the needle and therefore the height of the sample are measured to build up a 3D picture. This enables scientists to determine the structure of the particle, and thus gain insight into how it might have formed.
MIDAS PhD student Thurid Mannel joined the team as an intern in May 2014, and started her PhD in June 2016. Here she shares the frustrations that went alongside the most joyous moments of scientific discovery:
I think the most surprising observation was after nearly three months at the comet and not detecting anything, we then recorded an image so distorted that we barely realised it was a large dust particle that we were looking at!
Atomic force microscope topographic images of MIDAS particle E, a loosely packed ‘fluffy’ aggregate comprising many grains. (a) Overview image with a pixel resolution of 210 nm and a colour scale representing height. b) Sub-units (grains) of the particle detected at the resolution of the instrument are outlined. (c) 3D image of the particle corresponding to the area covered by the red outline in (a) with two times height exaggeration to aid visualisation.
We had been exposing a facet from mid-September 2014 and looked for dust on it every now and then, but did not find anything… until 14 November. This was a great relief for us, since the other dust analysing instruments COSIMA and GIADA already sampled many dust particles. We celebrated our first dust and shared the image with you on this blog. Of course we wanted to discover more of this particle – but any attempt to re-scan it failed. Scans on different locations on this target either gave too distorted results for scientific use or were completely failing, the only bright spots were very few rather distorted, barely recognisable dust particles. It was quite an emotional roller coaster for us! Since scanning on this target resulted in more failed than successful scans we decided, with heavy-hearts, to give up on this particular target.
In December we exposed a fresh target and hoped for better images of cometary dust. The new target, however, showed no dust at all until end of December – and in January we were finally able to record my most favourite scan: it is shown in Mark’s recent Nature paper as particle E (see image left) and it really stands out in our whole particle collection. We knew this already in the moment we received the image – another absolute highlight for me.
Shortly after we were able to record our three smallest dust particles so far, one of them also presented in Mark’s paper as particle D. However, except for one other particle, additional scans on this facet showed no dust at all, just the empty facet.
After the safe mode in 2015 we had to stay so far from the comet that MIDAS did not detect any dust particles – a rather depressing time for us. It was the end of July when we decided to use the time to go back to the target with the first particle on, the one that we abandoned earlier. We started doing very coarse and very cautious overview-scans at locations distant from the ones we had all those problems at the beginning of the mission, and discovered that the whole target must be covered with large, fragile dust particles! This was the most surprising observation for me! We had all the dust collected in the beginning of the mission without knowing it! Their height, their enormous size, and their fragility were probably causing all the distortions at the beginning of the mission. Even now, when we know about the wealth of particles we collected on this facet, their sizes and fragility makes it hard for us to image them. With a lot of patiently tweaking the scanning parameters in the end we succeeded to image at least some of the enormous particles. No other target gave us such a hard time and no other target holds so many, and such large dust particles [note that large for MIDAS is a few tens of micrometers].
This story illustrates well that MIDAS is not an instrument with high statistics but rather with high precision. Every dust particle is a precious resource due to our limited dust collection slots. And thus, my second most surprising event was when we were collecting dust particles exactly during the outburst event in February 2016. What a lucky coincidence for MIDAS! The wealth of particles we collected could keep us going for years, if it weren’t for our consumables slowly running out – we’ve now used all 16 of our scanning tips.
Although in the beginning MIDAS did not have the best start, in the end we can look back at sampling dust from very different phases of cometary evolution, including different dust populations, sizes and morphologies. There is a lot of material still to be analysed to understand the dust of Comet 67P at the micrometre to nanometre size, which will be important to our understanding of how comets are built.
MIDAS stories featured on this blog:
Imaging tiny comet dust in 3D
MIDAS and its first dust grain
Calibration and a MIDAS selfie
Software upgrade at 655 million kilometres
Waking up MIDAS
Introducing MIDAS: Rosetta's Micro-Imaging Dust Analysis System
As the Rosetta mission draws to a close next Friday, 30 September 2016, the CometWatch team here at ESA realised that this will be the last 'regular' entry of this popular feature on the blog (*) through which we have shared a great deal of views of Comet 67P/Churyumov-Gerasimenko taken with Rosetta's navigation camera (NAVCAM) since July 2014, shortly before Rosetta's arrival at the comet.
As it happens, Rosetta recently took a new image of its final “landing” site on 67P/C-G, which we thought would make the perfect entry for this week’s CometWatch. The image was taken on 18 September 2016, when the spacecraft was 12.1 km from the centre of the comet.
Enhanced NAVCAM image of Comet 67P/C-G taken on 18 September 2016, 12.1 km from the nucleus centre. The scale is 1.0 m/pixel and the image measures about 1.1 km across. Credits: ESA/Rosetta/NAVCAM – CC BY-SA IGO 3.0
The image depicts the dust-covered terrains of Ma'at, on the small comet lobe, where Rosetta is destined to make a controlled impact next week. The spacecraft will aim at a point just right of the image centre, next to Deir el-Medina, the large pit located slightly below and to the right of centre in this view.
At the scale of today's CometWatch – 1.0 m/pixel – the main structure of Rosetta would span roughly 2 x 2 pixels; taking into account its two solar panels, the entire structure would span about 32 pixels across.
Deir el-Medina is about 130 m-wide and, like other pits located in the Ma'at region, exhibits intriguing metre-sized lumpy structures called ‘goosebumps’ on its internal walls. During the descent, Rosetta will collect unprecedented close-up views of these structures, which scientists believe could be the signatures of early ‘cometesimals’ that assembled to create the comet in the early phases of Solar System formation.
In the composite image below, Rosetta's planned impact point in Ma’at is shown – with an approximate indication of the targeted 700 x 500 m ellipse – in the context of the small lobe of Comet 67P/C-G, together with Philae’s first and final touchdown sites.
The first touchdown site of the lander Philae, Agilkia (left); the final touchdown site of Philae, Abydos (centre); and the planned impact point of Rosetta (right). Credits: CIVA: ESA/Rosetta/Philae/CIVA; NAVCAM: ESA/Rosetta/NAVCAM – CC BY-SA IGO 3.0; OSIRIS: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA; ROLIS: ESA/Rosetta/Philae/ROLIS/DLR
Another recent view of the comet, taken with the OSIRIS wide-angle camera on 20 September, when Rosetta was 13.7 km, was published earlier this week via the OSIRIS Image of the Day website.
OSIRIS wide-angle camera image taken on 20 September 2016, when Rosetta was 13.7 km from the centre of the comet. The scale is 1.28 m/pixel and the image measures about 2.6 km across. Credit: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA
Most of the view is dominated by the Khonsu, Atum and Anubis regions on the large comet lobe, with the rough terrains of Anuket, bridging the comet neck and small lobe, visible in the lower right corner.
A close-up of Khonsu, portraying a large boulder in this region, was also recently published. It was taken with the OSIRIS narrow-angle camera on 17 September, 7.7 km from the comet centre.
OSIRIS narrow-angle camera image taken on 17 September 2016, when Rosetta was 7.7 km from the centre of the comet. The scale is 0.13 m/pixel and the image measures about 266 m across. Credit: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA
On behalf of the CometWatch team, thank you for following our feature on the blog!
(*) Don't despair, there will be more NAVCAM images taken during next week, which will be later shared on the Archive Image Browser.
The original NAVCAM image is provided below.
Love skirts?
Love pants?
Try skwantz!
SKWANTZ
Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key.
The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong. Here's his paper:
Abstract: This paper is a short summary of a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9. This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c. Although the process can be improved, it is still a successful proof-of-concept project. Knowledge of the possibility of mirroring will definitely help in designing systems with better protection. Also some reliability issues related to the NAND memory allocation in iPhone 5c are revealed. Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5c NAND mirroring was infeasible were ill-advised.
Susan Landau explains why this is important:
The moral of the story? It's not, as the FBI has been requesting, a bill to make it easier to access encrypted communications, as in the proposed revised Burr-Feinstein bill. Such "solutions" would make us less secure, not more so. Instead we need to increase law enforcement's capabilities to handle encrypted communications and devices. This will also take more funding as well as redirection of efforts. Increased security of our devices and simultaneous increased capabilities of law enforcement are the only sensible approach to a world where securing the bits, whether of health data, financial information, or private emails, has become of paramount importance.
Or: The FBI needs computer-security expertise, not backdoors.
Patrick Ball writes about the dangers of backdoors.
EDITED TO ADD (9/23): Good article from the Economist.
Brief but powerful outbursts seen from Comet 67P/Churyumov–Gerasimenko during its most active period last year have been traced back to their origins on the surface.
In the three months centred around the comet’s closest approach to the Sun, on 13 August 2015, Rosetta’s cameras captured 34 outbursts.
Compilation of the brightest outbursts seen at Comet 67P/Churyumov–Gerasimenko by Rosetta’s OSIRIS narrow-angle camera and Navigation Camera between July and September 2015.
Credits: OSIRIS: ESA/Rosetta/MPS for OSIRIS Team MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA; NavCam: ESA/Rosetta/NavCam – CC BY-SA IGO 3.0
These violent events were over and above regular jets and flows of material seen streaming from the comet’s nucleus. The latter switch on and off with clockwork repeatability from one comet rotation to the next, synchronised with the rise and fall of the Sun’s illumination.
How to spot the difference between ‘normal’ background activity and short-lived transient events at Comet 67P/Churyumov–Gerasimenko. Click for large image, full caption and credit info.
By contrast, outbursts are much brighter than the usual jets – sudden, brief, high-speed releases of dust. They are typically seen only in a single image, indicating that they have a lifetime shorter than interval between images – typically 5–30 minutes.
A typical outburst is thought to release 60–260 tonnes of material in those few minutes.
On average, the outbursts around the closest approach to the Sun occurred once every 30 hours – about 2.4 comet rotations. Based on the appearance of the dust flow, they can be divided into three categories.
One type is associated with a long, narrow jet extending far from the nucleus, while the second involves a broad, wide base that expands more laterally. The third category is a complex hybrid of the other two.
“As any given outburst is short-lived and only captured in one image, we can’t tell whether it was imaged shortly after the outburst started, or later in the process,” notes Jean-Baptiste Vincent, lead author of the paper published today in Monthly Notices of the Astronomical Society.
“As a result, we can’t tell if these three types of plume ‘shapes’ correspond to different mechanisms, or just different stages of a single process.
“But if just one process is involved, then the logical evolutionary sequence is that an initially long narrow jet with dust is ejected at high speed, most likely from a confined space.
“Then, as the local surface around the exit point is modified, a larger fraction of fresh material is exposed, broadening the plume ‘base’.
“Finally, when the source region has been altered so much as not to be able to support the narrow jet anymore, only a broad plume survives.”
Locations of the summer outbursts observed by Rosetta’s OSIRIS (blue dots) and NavCam (red dots) between July and September 2015, superimposed on a regional map of Comet 67P/Churyumov–Gerasimenko.
Click for full caption details.
Credits: OSIRIS: ESA/Rosetta/MPS for OSIRIS Team/MPS/UPD/LAM/IAA/SSO/INTA/UPM/DASP/IDA
The other key question is how these outbursts are triggered.
The team found that just over half of the events occurred in regions corresponding to early morning, as the Sun began warming up the surface after many hours in darkness.
The rapid change in local temperature is thought to trigger thermal stresses in the surface that might lead to a sudden fracturing and exposure of volatile material. This material rapidly heats up and vaporises explosively.
The other events occurred after local noon – after illumination of a few hours.
These outbursts are attributed to a different cause, where the cumulative heat makes its down to pockets of ‘volatiles’ buried beneath the surface, again causing sudden heating and an explosion.
“The fact that we have clear morning and noon outbursts points to at least two different ways of triggering an outburst,” says Jean-Baptiste.
Cliff collapse and comet activity. Click for full caption details. Credits: Based on J.-B. Vincent et al (2015)
But it is also possible that yet another cause is involved in some outbursts.
“We found that most of the outbursts seem to originate from regional boundaries on the comet, places where there are changes in texture or topography in the local terrain, such as steep cliffs, pits or alcoves,” adds Jean-Baptiste.
Indeed, the fact that boulders or other debris are also seen around the regions identified as the sources of the outbursts confirms that these areas are particularly susceptible to erosion.
While slowly eroding cliff faces are thought to be responsible for some of the regular, long-lived jet features, a weakened cliff edge may also suddenly collapse at any time, night or day. This collapse would reveal substantial amounts of fresh material and could lead to an outburst even when the region is not exposed to sunlight.
At least one of the events studied took place in local darkness and may be linked to cliff collapse.
“Studying the comet over a long period of time has given us the chance to look into the difference between ‘normal’ activity and short-lived outbursts, and how these outbursts may be triggered,” says Matt Taylor, ESA’s Rosetta project scientist.
“Studying how these phenomena vary as the comet progresses along its orbit around the Sun give us new insight into how comets evolve during their lifetimes.”
Notes
This article is mirrored from the main ESA web portal.
“Summer fireworks on Comet 67P,” by J.-B. Vincent et al is published in Monthly Notices of the Royal Astronomical Society
This article also uses information from “Are fractured cliffs the source of cometary dust jets? Insights from OSIRIS/Rosetta at 67P,” by J.-B. Vincent et al, published in Astronomy & Astrophysics 2015
Of the 34 outbursts, 26 were detected with the OSIRIS narrow-angle camera, three with the OSIRIS wide-angle camera, and five with the Navigation Camera.
A circumbinary planet is one that orbits two stars, and to date we haven’t found many of them. Word of a new detection comes from an event observed back in 2007 during a microlensing study called OGLE — Optical Gravitational Lensing Experiment. OGLE is a Polish undertaking designed to study dark matter using gravitational microlensing, but while dark matter remains as dark as ever, the project has been able to deliver useful findings on distant exoplanets.
A number of groups specializing in gravitational microlensing also contributed to this analysis. These are observation efforts not as well known to the public as Kepler or Gaia, but they’re doing exceptional work: MOA (Microlensing Observations in Astrophysics); MicroFUN (Microlensing Follow-Up Network); PLANET (Probing Lensing Anomalies NETwork); and Robonet. Subsequent Hubble Telescope data were then applied to the analysis, confirming the discovery.
Image: This artist’s illustration shows a gas giant planet circling a pair of red dwarf stars. The Saturn-mass planet orbits roughly 480 million kilometers from the stellar duo. The two red dwarf stars are a mere 11 million kilometers apart. The illustration is based on Hubble Space Telescope observations that helped astronomers confirm the existence of a planet orbiting two stars in the system OGLE-2007-BLG-349, located 8,000 light-years away. Credit: NASA, ESA, and G. Bacon (STScI).
The distance of the stars in question — some 8000 light years away in the direction of galactic center — raises the issue of microlensing’s unique capabilities. Gravitational microlensing happens when a foreground star moves in front of a background star, causing the gravity of the former to ‘bend’ the light of the latter. The ‘bending’ is actually the light following the curvature of spacetime caused by the foreground star’s gravitational field, but whatever we call it, gravitational microlensing can help us detect planets that would otherwise be lost to us, for how the light is magnified offers many clues to the foreground star and any possible planets.
Both radial velocity and transit methods detect planets most readily when they are near to their star. A planet orbiting close in makes multiple transits in a shorter period of time than one further out, which is why the early Kepler detections were of planets like this, with the boundary of detection gradually moving outward with time. Radial velocity, which looks at the Doppler shift of light from the star as it is tugged by the orbiting planet, likewise shows its strongest signal for a close-in, large planet, and that’s why we had so many early detections of ‘hot Jupiters.’
But gravitational microlensing is another thing entirely, capable of finding planets and stars at a wide range of orbital distances around stars that can be many thousands of light years away. The OGLE-2007-BLG-349 event produced a light curve that needed additional data from the Hubble Space Telescope to confirm, allowing astronomers to separate the background source star and the lensing star in the crowded starfield.
What we wind up with is a planet orbiting about 480 million kilometers from its host stars, both of them red dwarfs no more than 11 million kilometers apart. David Bennett (NASA GSFC), lead author on the paper discussing the discovery, describes the process used in the work:
“The ground-based observations suggested two possible scenarios for the three-body system: a Saturn-mass planet orbiting a close binary star pair or a Saturn-mass and an Earth-mass planet orbiting a single star… [T]he model with two stars and one planet is the only one consistent with the Hubble data. We were helped in the analysis by the almost perfect alignment of the foreground binary stars with the background star, which greatly magnified the light and allowed us to see the signal of the two stars.”
Unlike Kepler’s ten discovered circumbinary planets, the two orbiting OGLE-2007-BLG-349 are much further away from their hosts. The paper discusses another two-star plus one planet event that has been interpreted as a planet orbiting one of the two stars (OGLE-2013-BLG-0341), and a second event dominated by a stellar binary signal, adding:
This suggests that there should be many more two-star plus one planet events in the data that we have already collected, but that we are not efficient at finding planetary signals in events that are dominated by stellar binary microlensing features. So, we recommend a systematic search for planetary signals in the light curves of strong stellar binary events.
As you might expect, the paper for today has a long list of co-authors. It’s Bennett et al., “The First Circumbinary Planet Found by Microlensing: OGLE-2007-BLG-349L(AB)c,” accepted at The Astronomical Journal and available as a preprint.
