Planet Aardvark

August 17, 2019

• Astro Bob Cosmic Rays Make The Moon Glow Brighter Than The Sun

  

  If your eyes were sensitive to every form of light, a rainbow wouldn’t end at red and violet. Beyond red you’d see infrared, which we sense as heat, and beyond that the microwaves that cook your food and radio waves that carry music and news to your FM radio. After violet lies ultraviolet (responsible for sunburn), X-rays to peer beneath your skin and finally high-powered gamma rays like those released by highly radioactive materials.

  The moon looks white to our eyes because it reflects light of all colors in the rainbow. Combined they make white. The moon like the planets is visible by reflected sunlight. Take away the sun and every moon and planet would go dark. But if our eyes could see the high-energy radiation called gamma rays, the moon would appear brighter than the sun. That’s how NASA’s Fermi Gamma-ray Space Telescope has seen our neighbor in space for the past decade.

  

  Gamma-ray observations are not sensitive enough to clearly see the shape of the Moon’s disk or any surface features — it can only detect a bright glow at the moon’s position in the sky — but images have greatly improved over the years. What makes the moon glow so brightly even without the sun to illuminate it?  Fast-moving particles called cosmic rays.

  Cosmic rays are mostly protons, the little subatomic nuggets the form the nuclei of atoms. Hydrogen has one proton in its nucleus, oxygen has eight and gold 79. More protons per atom is the reason gold is so much heavier than oxygen. Cosmic rays are mostly single protons accelerated by violent phenomena in the universe like supernova blasts and high-speed jets of particles produced when matter falls into black holes. Like a well-struck ball with a baseball bat, the events propel many of them at near-light speeds across the universe.

  

  Because the particles are electrically charged (a proton has a positive charge, an electron has a negative charge), they’re strongly affected by magnetic fields, which the moon lacks. Unable to screen out the particles, even low-energy cosmic rays can reach the surface. When cosmic rays strike, they interact with the minerals in the powdery lunar soil called regolith and produce gamma-rays. The Moon absorbs most of these gamma rays, but some of them escape into space and are captured by Fermi.

  As NASA prepares to return humans to the moon through the Artemis program, these gamma-ray observations are a reminder that astronauts will require protection not only from solar storms but from the same cosmic rays that produce this high-energy gamma radiation.

  While the moon’s gamma-ray glow is amazing, the sun still shines brighter in gamma rays that have even higher energies. The sun screens out lower energy cosmic rays because of its magnetic field, but the more powerful ones strike its outer atmosphere and produce gamma rays that reflect back into space.

  

  Because cosmic rays reach the moon from all over the galaxy (and even beyond its confines), the moon lacks its usual cycle of monthly phases, maintaining a full-moon appearance every day. One thing that does change is the moon’s gamma brightness which varies by about 20 percent over the sun’s 11-year activity cycle. Variations in the intensity of the Sun’s magnetic field during the cycle change the rate of cosmic rays reaching the Moon and along with it how many gamma rays are produced.

  Don’t you wish you could just flick on a filter and see the universe in ALL of its colors? That’s what astronomers do every day with space-based telescopes like Hubble, Fermi and Chandra — get above the air that obscures so much of the multi-hued rainbow known as the electromagnetic spectrum.

• DragonflyBSD Blog In Other BSDs for 2019/08/17

  This is a somewhat pre-made post coming off a week on the road, so I packed it chock-full.

  • The UNIX Philosophy in 2019.  (via)
  • Converse to previous: Brian Will – Replacing the Unix tradition.
  • Summer Sun and microsystems.
  • How does a “real” Unix system feel compared to *BSDs and Linux?
  • GSoC 2019 Report Update: Incorporating the memory-hard Argon2 hashing scheme into NetBSD.
  • Valuable News – 2019/08/05.
  • Removal of route-collector mode in bgpd(8).
  • tpmr(4) driver added to -current.
  • OPNsense 19.7.2 released.
  • Linux kernel’s inability to gracefully handle low memory pressure.  Linked cause you know what performs well under memory restriction?  Any BSD.  (via)
  • Devine Lu Linvega’s Uses This entry.  Interesting to see his workstation details because his workstation is 2 machines, with Plan 9 variations, and segregated on work vs. distraction.  (and sometimes FreeBSD.)
  • NetBSD light weight theme.
  • Wanting to install Trident to boot from my USB stick…
  • LibreSSL 3.0.0 Released.  (via)
  • Play Windows Games On FreeBSD.  Encapsulating setup.  (via)
• Ham Signal (The Lightbulb People) Baofeng DM-5R, RD-5R, and DM-9HX Programming CODE PLUG
  The Baofeng DM-5R radio series which includes the variant DM-9DX (bigger battery) and the RD-5R (sold by Radio Oddity) are all basically the same radio and utilize the DMR.exe application to perform programming or building and maintenance of the radio's code plug.  This radio got a bad rap when first introduced as it was originally a tier 1 only device while competitors allowed  DMR communication across both the tier1 and tier 2 timeslots.  However, that has long since been fixed, and the

August 16, 2019

• Bruce Schneier Friday Squid Blogging: Robot Squid Propulsion

  Interesting research:

  The squid robot is powered primarily by compressed air, which it stores in a cylinder in its nose (do squids have noses?). The fins and arms are controlled by pneumatic actuators. When the robot wants to move through the water, it opens a value to release a modest amount of compressed air; releasing the air all at once generates enough thrust to fire the robot squid completely out of the water.

  The jumping that you see at the end of the video is preliminary work; we're told that the robot squid can travel between 10 and 20 meters by jumping, whereas using its jet underwater will take it just 10 meters. At the moment, the squid can only fire its jet once, but the researchers plan to replace the compressed air with something a bit denser, like liquid CO2, which will allow for extended operation and multiple jumps. There's also plenty of work to do with using the fins for dynamic control, which the researchers say will "reveal the superiority of the natural flying squid movement."

  I can't find the paper online.

  As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

  Read my blog posting guidelines here.

• WB3GCK Outer Banks 2019

  Once again, my family made our annual vacation trip to North Carolina. We rented a house in Corolla on the Outer Banks for the week. Of course, in between the usual vacation activities, there was some ham radio involved.

  For various logistical and traffic reasons, it took us longer than usual to get there. It wasn’t until the next day (Sunday), that I was able to get an antenna up. This year, I went with my trusty “Up & Outer” antenna.

  I mounted a 28-foot pole on the 3rd story deck for the vertical element. I strapped a smaller pole to a fence to support the horizontal element. I put a BNC-to-binding post on my KX3 and fed the 300-ohm twin-lead directly. It loaded up fine from 60M through 10M. Surprisingly, the ambient noise levels were low. Man-made noise is usually a challenge in these rental houses.

  

  I operated from a 2nd-floor deck on the rear of the house. This spot provided some nice shade for most of the day and gave a great view of Currituck Sound.

  

  I managed to catch a few hours of the SKCC Weekend Sprintathon (WES) contest. Running 10 watts, I worked 20 stations and added 8 more new contacts to my quest for the Senator Award. For good measure, I also worked DP6A in Germany who was participating in another contest. So, the antenna set-up appeared to be working fine.

  

  For the rest of the week, I fell into a pattern of casual QRP operating for a bit in the late mornings. The rest of the time was spent swimming, crabbing, and riding bikes with my grandkids. I still managed to make a handful of contacts each day and enjoyed some nice rag-chews.

  Mid-week, we had some unsettled weather. I had a “Plan B” for inclement weather, though. I planned to move my radio gear into an unused sitting area not far from my outdoor location. I was going to use a small piece of pipe insulation to route the twin-lead in through a sliding door and keep it from touching the metal door jamb. Fortunately, the weather cooperated and “Plan B” never came into play.

  As usual, the week went by too fast. On our last day, I made two more contacts before it was time to pack up the radio and tear down my antenna.

  This was another fun vacation, radio-wise. I made 40 contacts, including some very nice early morning CW chats. I also worked a couple of stations who were also operating portable while on vacation and made a couple of DX contacts to boot. Plus, I continued my slow-but-steady progress towards my SKCC Senator Award, adding 16 new ones this week.

  It was nice to be using a decent antenna in a low-noise environment — a welcomed change of pace from my home station!

  72, Craig WB3GCK

• Centauri Dreams Looking for Life Under Flaring Skies

  The faint glow of a directly imaged planet will one day have much to tell us, once we’ve acquired equipment like the next generation of extremely large telescopes (ELTs), with their apertures measuring in the tens of meters. Discovering the makeup of planetary atmospheres is an obvious deep dive for biosignatures, but there is another. Biofluorescence, a kind of reflective glow from life under stress, could be detectable in some conditions at astronomical distances.

  New work on the matter is now available from Jack O’Malley-James and Lisa Kaltenegger, at Cornell University’s Carl Sagan Institute. The duo have been on the trail of biofluorescence for some time now, and in fact their paper in Monthly Notices of the Royal Astronomical Society picks up on a 2018 foray into biosignatures involving the phenomenon (citation below). Here the question is detectability in the context of biofluorescence as a protective mechanism, an ‘upshift’ of damaging ultraviolet into longer, safer wavelengths.

  “On Earth, there are some undersea corals that use biofluorescence to render the sun’s harmful ultraviolet radiation into harmless visible wavelengths, creating a beautiful radiance,” says Kaltenegger.” Maybe such life forms can exist on other worlds too, leaving us a telltale sign to spot them.”

  

  Image: An example of coral fluorescence. Coral fluorescent proteins absorb near-UV and blue light and re-emit it at longer wavelengths. Credit: Available under Creative Commons CC0 1.0 Universal Public Domain Dedication.

  Biofluorescence in vegetation is an effect that is detectable from Earth orbit. Here the effect is comparatively small, accounting for 1-2 percent of the vegetation reflection signal, but of course it is also widespread given the coverage of vegetation over much of Earth’s surface. The phenomenon is also seen in corals, which produce a higher degree of fluorescence. Earth levels of biofluorescence are clearly too small to act as useful biosignatures for exoplanets, but higher levels may well occur elsewhere.

  That’s because our early work on the atmospheres of Earth-sized planets will delve into systems around small M-dwarf stars. Such worlds are plentiful and the Transiting Exoplanet Survey Satellite (TESS) is expected to add to our inventory of habitable zone examples nearby. Even now, we have interesting targets: Proxima Centauri b, Ross 128b, TRAPPIST-1e, -f, -g, LHS 1140-b, for example, all of which orbit M-dwarf stars. And M-dwarf stars are known to flare.

  This, in fact, is one of the cases originally made against life in such systems, for extreme X-Ray and UV radiation would create a challenging environment for even the simplest lifeforms. M-dwarfs vary in terms of the amount of radiation they produce; indeed, a planet around an inactive M-dwarf receives a lower dose of ultraviolet than Earth. But planets around active stars, particularly given the fact that the habitable zone is so close to the small star, receive much higher flux, and such flaring remains active for longer on M-dwarfs than on stars like the Sun.

  Life could conceivably flourish underground on such worlds, or within oceans, but even on Earth, the authors note, we see biological responses like protective pigments and DNA repair pathways that are ways of mitigating radiation damage. The corals mentioned above use biofluorescence to reduce the risk of damage to symbiotic algae, absorbing blue and ultraviolet photons and re-emitting them at longer wavelengths.

  Corals that display this phenomenon cover a mere 0.2 percent of the ocean floor, making for only a tiny change in our planet’s visible flux. But the situation could be different in actively flaring M-dwarf systems. To study the matter, O’Malley-James and Kaltenegger begin with a biofluorescent surface biosphere in a shallow, transparent ocean, adjusting the variables to simulate different ocean conditions. They vary fluorescent protein absorption and emission to produce values for reflected and emitted light. The assumption is that life evolving in conditions of extreme UV flux will produce ever more efficient fluorescence, in terms of absorbed vs, emitted photons (at maximum efficiency, all photons are absorbed and re-emitted).

  The authors calculate the UV flux for different classes of M-dwarfs and quantify the outgoing emissions of common pigments during fluorescence. The model also includes atmospheric effects with varying cloud coverage, generating spectra and colors for hypothetical planetary conditions. False positives from mineral fluorescence are considered, as are signals produced by surface vegetation, with different fractions of surface coverings and biofluorescent life.

  But let’s cut to the chase. A biosphere otherwise hidden from us could be revealed through the temporary glow resulting from the flare of an M-dwarf. From the paper:

  Depending on the efficiency of the fluorescence, biofluorescence can increase the visible flux of a planet at the peak emission wavelength by over an order of magnitude during a flare event. For comparison, the change in brightness at peak emission wavelengths caused by biofluorescence could increase the visible flux of an Earth-like planet by two orders of magnitude for a widespread biofluorescent biosphere and clear skies, with low-cloud scenarios being more likely for eroded atmospheres. In an M star system, the reflected visible flux from a planet will be low due to the host star’s low flux at these wavelengths; however, the proposed biofluorescent flux is dependent on the host star’s UV flux, resulting in additional visible flux that is independent of the low stellar flux at visible wavelengths. This suggests that exoplanets in the HZ of active M stars are interesting targets in the search for signs of life beyond Earth.

  Video: Lisa Kaltenegger, director of Cornell University’s Carl Sagan Institute, explains why studying bioluminescence on Earth can guide the way humans search for life on other planets.

  If biofluorescence can evolve on the planets of active M-dwarf stars, it may turn out that high ultraviolet flux could be the key to reveal its existence. We need to quantify such effects because our ground- and space-based assets in the hunt for biosignatures are going to be homing in on the most readily studied planets first, and that means nearby worlds around red dwarfs. What O’Malley-James and Kaltenegger are doing is charting one possible signature that we may or may not find, but one which we now know to include in our investigative toolkit.

  The paper is O’Malley-James and Kaltenegger, “Biofluorescent Worlds – II. Biological fluorescence induced by stellar UV flares, a new temporal biosignature,” Monthly Notices of the Royal Astronomical Society 13 August 2019 (abstract/full text). The earlier paper on this issue is O’Malley-James and Kaltenegger, “Biofluorescent Worlds: Biological fluorescence as a temporal biosignature for flare stars worlds,” accepted at MNRAS (preprint).

  

  

  
• Ed Yong A Tissue Sample From 1966 Held Traces of Early HIV

  In 1966, a 38-year-old man visited a hospital in what is now the Democratic Republic of Congo. His name, his symptoms, and everything about him beyond his age and gender have been lost to history. But a piece of one of his lymph nodes was collected and preserved. By analyzing it, a team of researchers led by Michael Worobey from the University of Arizona have shown that the man was infected by HIV, the virus that causes AIDS. He wouldn’t have known it, though, and nor would his doctors. HIV was formally discovered 17 years later.

  By wresting tiny genetic fragments from that tissue sample, Worobey’s team has almost completely reconstructed HIV’s genome from a time before anyone even knew it existed. And that work helps to flesh out the origin story of what would become one of the most important pandemics in human history. “There’s no other way to test these important inferences about the origins of one of the most important infectious diseases to ever hit humans,” says Worobey, who spent about five years trying to piece together that one tiny genome. “In retrospect, we’d probably do it again, but it’s crazy how much work it was.”

  HIV was identified only in the 1980s, after a mysterious new syndrome began affecting men in United States. It seemed to come out of nowhere, but it had actually originated decades earlier and a continent away. We know this because as the virus spreads, its genes change. By comparing those changes and estimating how quickly they happen, scientists can backtrack their way through HIV’s evolutionary history to its very beginning.

  The place, most likely: southern Cameroon. The estimated time: the 1920s. There and then, a chimpanzee virus hopped into some unlucky person, before making its way to the city now known as Kinshasa. In a populous and growing hub with a multitude of hosts, the new virus gained ground, eventually spawning lineages that spread around the world.

  [Read: Stopping HIV would require an entirely different Trump]

  This long history means that many people must have been infected with HIV before anyone knew what was making them sick. Samples of their tissues were collected by pathologists, treated with a chemical fixative, embedded in wax, examined under microscopes (likely to no avail), and then stored in drawers. That process (and especially the fixative) does horrible things to the RNA molecules that comprise HIV’s genome, “but not horrible enough to destroy them completely,” Worobey told me. “It turns out that you can retrieve [RNA] more than 50 years later, even if the thing has been sitting in a drawer at ambient temperature. Which can be pretty warm in Kinshasa.”

  But since HIV hadn’t even been identified, there’s no easy way of telling which old sample might contain traces of the virus. Finding those traces is like looking for a largely corroded needle in a thousand haystacks. Understandably, then, despite two decades of searching, scientists have only twice found traces of HIV from its prediscovery period in Kinshasa. David Ho from Rockefeller University found one in a blood sample from 1959; Worobey identified another in a lymph node from 1960.

  [Read: How one man was wrongly blamed for bringing AIDS to America]

  In both cases, barely anything of the virus’s RNA remained—just 1 percent of the total. Those pieces were enough to prove that HIV was circulating in Kinshasa decades before its discovery, and to sketch the outlines of the virus’s history. But since fragmentary evidence can be misleading, Worobey wanted to get a complete historical genome.

  His colleagues Sophie Gryseels and Tom Watts developed more sensitive tools for extracting RNA and applied them to more than 1,600 tissue samples from the University of Kinshasa. They found just one with traces of HIV and spent five years pulling every piece of RNA they could from it. “There are very sophisticated evolutionary models you can use to trace back what has happened through history, but they’re still models,” Gryseels told me. “With old genetic material, you can see what reality was actually like.”

  The old virus most closely resembled those from subtype C—the most prevalent lineage of HIV, and one that dominates in southern Africa today. But the 1966 virus wasn’t actually part of that group. It was more of a distant cousin, and it suggests that what we see of HIV today is just a small fraction of the total diversity that existed in Kinshasa in the 1960s. Only a few of those historical viruses then broke out, to become global problems.

  “Why are we interested in fossils? Because they tell a story,” says Beatrice Hahn, from the Perelman School of Medicine, who studies the evolution of HIV. “This HIV ‘fossil’ is no different. It’s an important piece in the evolutionary puzzle.”

  [Read: A mutation that resists HIV has other harmful consequences]

  The team also used the 1966 sample to check the history of HIV that they and others had gleaned by looking at modern viruses. Happily, that narrative turns out to be mostly right. The team estimates that the virus first arose sometime between 1896 and 1905—a little earlier than what others have calculated, but within the right ballpark. HIV’s present, it seems, is a good indicator of its past.

  That’s not always the case with viruses. When researchers found traces of hepatitis B from the Bronze Age, they learned that the virus evolved 100 times more slowly than anyone had thought, which radically revised estimates of its origins. Even SIV, HIV’s chimp-infecting cousin, evolved at different rates in the distant past and in recent history, making it hard to work out when it arose. HIV, by contrast, has been more consistent. “It’s very reassuring,” Worobey said.

  It might seem unexciting to spend a lot of time to learn that everything you knew was more or less right, but science depends upon such work. Without it, entire edifices of research can be constructed on shaky or nonexistent foundations.

  The study is “admirable,” says Bette Korber from Los Alamos National Laboratory, and “the reconstruction of HIV’s emergence and spread is very important.” Korber pioneered such reconstructions: She created the first decent estimate of HIV’s date of origin, using a genetic database that she and others (including Worobey’s team) have repeatedly turned to. She notes that 60 million to 100 million people have been infected with HIV, and 25 million to 50 million have died—a scale of suffering comparable to past world wars. “HIV has left a wound of deepest sorrow across humanity,” she says. “It is part of the human experience. We need to understand it.”

  That wouldn’t be possible, Worobey added, without the work of the Congolese pathologists who collected the relevant tissue samples decades ago. Their names are unknown too, and even their modern-day counterparts can go unnoticed. “They’re often unappreciated,” Worobey said. “They not only help the doctors you interact with directly but also play a crucial role in preserving these collections of tissues, which are now helping us to figure out the true history of this important virus.”

• DragonflyBSD Blog dhcpcd and DragonFly, continued

  Roy Marples, the ‘upstream‘ for dhcpcd(8), noticed that DragonFly was working with it as a dhclient/rtsold replacement, but the process wasn’t complete.  So … welcome new committer!

• Roger Rivester - Astronomy sketches and notes Neglected Deep-Sky Objects: By Guest Host James Mullaney

  The following link is to one of my older S&T articles, FYI.  It’s the original Word Document as submitted to the magazine.  Enjoy!  Jim Mullaney 

  S&T Neglected Deep-Sky Wonders

• Loren Grush Why stowaway creatures on the Moon confound international space law
  Illustration by William Joel / The Verge

  Who gets to decide what gets blasted into space?

  Continue reading…

• Bruce Schneier Software Vulnerabilities in the Boeing 787

  Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities:

  At the Black Hat security conference today in Las Vegas, Santamarta, a researcher for security firm IOActive, plans to present his findings, including the details of multiple serious security flaws in the code for a component of the 787 known as a Crew Information Service/Maintenance System. The CIS/MS is responsible for applications like maintenance systems and the so-called electronic flight bag, a collection of navigation documents and manuals used by pilots. Santamarta says he found a slew of memory corruption vulnerabilities in that CIS/MS, and he claims that a hacker could use those flaws as a foothold inside a restricted part of a plane's network. An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors. Boeing maintains that other security barriers in the 787's network architecture would make that progression impossible.

  Santamarta admits that he doesn't have enough visibility into the 787's internals to know if those security barriers are circumventable. But he says his research nonetheless represents a significant step toward showing the possibility of an actual plane-hacking technique. "We don't have a 787 to test, so we can't assess the impact," Santamarta says. "We're not saying it's doomsday, or that we can take a plane down. But we can say: This shouldn't happen."

  Boeing denies that there's any problem:

  In a statement, Boeing said it had investigated IOActive's claims and concluded that they don't represent any real threat of a cyberattack. "IOActive's scenarios cannot affect any critical or essential airplane system and do not describe a way for remote attackers to access important 787 systems like the avionics system," the company's statement reads. "IOActive reviewed only one part of the 787 network using rudimentary tools, and had no access to the larger system or working environments. IOActive chose to ignore our verified results and limitations in its research, and instead made provocative statements as if they had access to and analyzed the working system. While we appreciate responsible engagement from independent cybersecurity researchers, we're disappointed in IOActive's irresponsible presentation."

  This being Black Hat and Las Vegas, I'll say it this way: I would bet money that Boeing is wrong. I don't have an opinion about whether or not it's lying.

• The Atlantic: In Focus Photos of the Week: Sky Glider, Ice Swimmer, Cave Basketball (35 photos)

  A “Grand Tattoo” in Berlin, a trapped raccoon in Florida, pole vaulting in Peru, scuffles in Hong Kong, a baby hippo in Taipei, mutton bustin' in Iowa, a Diplodocus in Germany, Eid Al-Adha in Mauritania, a baptism in Mexico, wildfires in Greece, spear fishing in Maine, stars over Wadi Rum, Oktoberfest prep in Berlin, and much more.

  

  
• VE7SAR (Surrey Amateur Radio Club) A Simple Touch 'Code' Keyer
  
  

  An Inexpensive Circuit With An IC And A Few Parts

  Imagine tapping the table to generate Morse Code! This simple code practice oscillator is for those who want to practice Morse Code in a different way, without the Morse key. It can be also used as a touch operated door bell.
  
  The popular timer IC555 is wired as astable multi-vibrator. The frequency (tone) can be changed by varying the 100 K variable resistor between pin 7 and 6 of timer IC555. The volume can be changed by varying the 10 K variable resistor and the sensitivity of touch plate can be controlled by adjusting the 1 K Ohms preset at pin 4 of IC555.
  
  

  

  
  

  The touch plate is connected to the base of transistor BC147B. In this circuit the length of wire between the base of the transistor and the touch plate is not critical. Typical is a 9 cm wire and a 3 x 6 cm 3mm thick aluminum plate. The addition of a relay or additional circuitry could key your transceiver.
  
  
  
  

  
  
• XKCD Serena Versus the Drones
  
• Space and stuff idk gimbal–lock: The crews of Gemini III through VII holding their...
  
  
  

  gimbal–lock:

  The crews of Gemini III through VII holding their respective mission’s emblem. (1966)
  

• Basic Instructions How to Explain Why Star Wars Is Much Better Than Star Trek
  

  If the analogy in the third panel had held, The Last Jedi would have ended with Luke selling the force texts in the tree to Rey for a hefty profit. Some of the fanboys might have preferred that.

  As always, thanks for using my Amazon Affiliate links (US, UK, Canada).

• Major Hayden Posts
• Major Hayden Get faster GitLab runners with a ramdisk

  

  When you build tons of kernels every day like my team does, you look for speed improvements anywhere you can. Caching repositories, artifacts, and compiled objects makes kernel builds faster and it reduces infrastructure costs.

  Need for speed

  We use GitLab CI in plenty of places, and that means we have a lot of gitlab-runner configurations for OpenShift (using the kubernetes executor) and AWS (using the docker-machine executor). The runner’s built-in caching makes it easy to upload and download cached items from object storage repositories like Google Cloud Storage or Amazon S3.

  However, there’s an often overlooked feature hiding in the configuration for the docker executor that provides a great performance boost: mounting tmpfs inside your container. Not familiar with tmpfs? Arch Linux has a great wiki page for tmpfs and James Coyle has a well-written blog post about what makes it unique from the older ramfs.

  RAM is much faster than your average cloud provider’s block storage. It also has incredibly low latency relative to most storage media. There’s a great interactive latency page that allows you to use a slider to travel back in time to 1990 and compare all kinds of storage performance numbers. (It’s really fun! Go drag the slider and be amazed.)

  Better yet, many cloud providers give you lots of RAM per CPU on their instances, so if your work isn’t terribly memory intensive, you can use a lot of this RAM for faster storage.

  Enabling tmpfs in Docker containers

  ⹠️ Beware of the dangers of tmpfs before adjusting your runner configuration! See the warnings at the end of this post.

  This configuration is buried in the middle of the docker executor documentation. You will need to add some extra configuration to your [runners.docker] section to make it work:

  [runners.docker]
    [runners.docker.tmpfs]
        "/ramdisk" = "rw,noexec"

  This configuration mounts a tmpfs volume underneath /ramdisk inside the container. By default, this directory will be mounted with noexec, but if you need to execute scripts from that directory, change noexec to exec:

  [runners.docker]
    [runners.docker.tmpfs]
        "/ramdisk" = "rw,exec"

  In our case, compiling kernels requires executing scripts, so we use exec for our tmpfs mounts.

  You must be specific for exec! As an example, this tmpfs volume will be mounted with noexec since that is the default:

  [runners.docker]
    [runners.docker.tmpfs]
        "/ramdisk" = "rw"

  Extra speed

  For even more speed, we moved the objects generated by ccache to the ramdisk. The seek times are much lower and this allows ccache to look for its cached objects much more quickly.

  Git repositories are also great things to stash on tmpfs. Big kernel repositories are usually 1.5GB to 2GB in size with tons of files. Checkouts are really fast when they’re done in tmpfs.

  Dangers are lurking

  ⹠️ As mentioned earlier, beware of the dangers of tmpfs.

  • All of the containers on the machine will share the same amount of RAM for their tmpfs volumes. Be sure to account for how much each container will use and how many containers could be present on the same machine.

  • Be aware of how much memory your tests will use when they run. In our case, kernel compiles can consume 2-4GB of RAM, depending on configuration, so we try our best to leave some memory free.

  • These volumes also have no limits on how much data can go into the volume. However, if you put too much data into the tmpfs volume and your system runs critically low on available RAM, you could see a huge drop in performance, system instability, or even a crash. đŸ”Ľ

  Photo credit

August 15, 2019

• Idle Words A Walk In Hong Kong

  

  My mom fainted the first time she set foot in an American supermarket. It was 1981 and we were freshly arrived in America, and some combination of the culture shock and smell and sensory overload of a Safeway was too much for her, not normally a fainting woman.

  I didn’t faint, but I stood transfixed in the cereal aisle. After six long years on Earth, here was a place that understood me. These were cartoon characters, made of pure sugar, that you could eat as a meal. Every box had a toy inside. How could I possibly choose just one?

  Houston in that era was not an earthly paradise. But try telling that to visitors like us, dazzled by the sheer abundance of American capitalism. There were superhighways in the center city! Everyone had a giant car! You could drive that car up to a restaurant with a yellow “M” on it, and a teenager would hand you a bucket of pink ice cream through the window! According to the sign on the restaurant, this had happened billions of times. It was overwhelming.

  All that prelude is to say, coming in to the Hong Kong protests from a less developed country like the United States is disorienting. If you have never visited one of the Zeroth World cities of Asia, like Taipei or Singapore, it can be hard to convey their mix of high density, mazelike design, utterly reliable public services, and high social cohesion, any more than it was possible for me or my parents to imagine a real American city, no matter how many movies we saw. And then to have to write about protests on top of it!

  It’s hard to write articulately about the Five Demands when one keeps getting brought up short by basic things, like the existence of clean public bathrooms.

  The time and location of protests are set via social media alchemy; once you get notified about one, you descend through a spotless mall onto a bright and clean train platform, get whisked away by a train that arrives almost immediately, step out into another mall, then finally walk outside into overwhelming heat and a gathering group of demonstrators.

  When it’s over, whether the demonstrators have dispersed of their own will, or are running from rubber bullets and tear gas, you duck into another mall, and another train, and within minutes are back in a land of infinite hypercommerce, tiny alleys and posh hotels with their lobby on the 40th floor of a skyscraper.

  Not everyone lives in a luxury hotel, man! I get it. But my eyes are like saucers. I ask forgiveness of Hong Kongers if at times I am still that six year old kid, dazzled by what to you is ordinary. You live in a kind of city we Americans can only aspire to, and it’s no wonder you love your home so much you will take any risk to save it.

  Saturday, August 10

  Word spreads that there will be a protest in Tai Po, a residential district in the New Territories, close to the border. The protesters have been cycling events through different neighborhoods, as a way of building sympathy with the people, who can look out from their windows and watch the police reaction firsthand. At this point, the police reaction almost inevitably means tear gas, and people have been gassed in their own apartments, on high floors. This is a particular hardship for the sick and elderly, already struggling in the heat.

  One of the deeper causes of the present crisis of legitimacy is the housing crisis in Hong Kong, another way in which the government has failed the people it is meant to represent, and you can see it in the extraordinary density of apartment buildings, each unit pock-marked with an air conditioner, tiny living spaces with some of the highest rents in the world.

  Tai Po is easily reachable by MTR, the city’s commuter train system. Everywhere except the islands is easily reachable by MTR. The MTR is the one technology the Hong Kong protests could not do without, an autonomous fiefdom that the police mostly stay out of. It is neutral territory. The train ride is uneventful until we get off at Tai Po station, where there are an unusual number of people in black, the color of the protests (lucky is the Hong Konger who started the summer as a goth or metal fan, and has some wardrobe options!)

  The arriving protesters stream out of the station in groups, consolidating as they approach the rallying point in a local park. Volunteers along the way pass out flyers and hold directional signs. There is a mix of ages, though they trend young. The typical Hong Kong protester, researchers tell us, is a college educated professional in their twenties. There is a roughly equal gender balance.

  The streets around the park are almost free of traffic. After a brief false start in the wrong direction, the crowd turns itself around with hand signals and begins to march. The atmosphere is festive, with lots of chanting of “ga yao” (add oil), the idiomatic phrase that is now finding its way into English.

  Once every few minutes a stray vehicle wanders into our path, and demonstrators take pains to let it through, with self-selected volunteers parting the crowd. If the taxi honks in support, a cheer goes up from the marchers.

  The road takes us past lush parkland, where skinny white birds observe us from the treetops, and then through a business district with no police, few pedestrians, and almost no traffic. Many stores along the route have been shuttered in anticipation of the march, but the second-floor restaurant windows are full of curious faces. People are photographing us, and we photograph them back. When someone waves or shouts support, whether from the street or from a passing vehicle, the same cheer goes up.

  In the windows, we can see couples on dates, curious children with their hands pressed to the glass, and store keepers looking out with an appraising eye. Up in the high rises, old men in undershirts lean down to watch.

  A Thai restaurant has stayed open. The hand-lettered sign in its window invites demonstrators in for free refreshments. There is nothing you can pay for in a protest - volunteers hand out gas masks, water, tea, and endless flyers, designed and printed with astonishing alacrity in response to each day’s events. Anything you may need, people have donated.

  Across the street, a man is sticking post-its to the shuttered storefront of a 7-11, creating another one of the post-it walls that are all over Hong Kong. The airport protest on Friday even had a guy styling himself Memo Man, dressed in a black body suit you could paste notes to, until he looked like a paper hedgehog.

  The level of heat and humidity is almost comical. My slavic body is shutting down, in a process so unsettling to fellow marchers that concerned people start offering me water or tiny, single use tissues. These turn into wet confetti the second they touch my face. You might as well try to stop Niagara with a hand towel.

  “It’s okay,” I tell them. “This is normal. I’m not dying—I’m Polish.” They edge away.

  Our group at this point numbers in the thousands. We pass through another neighborhood of residential high-rises and find ourselves at a large, empty intersection. In the distance on the left there is a pedestrian overpass full of journalists (we can tell because they’ve set up antenna tripods). Beyond the overpass stands a line of cops, their plastic shields glinting in the sun.

  With the police visible, there is a little bit of a hush in the crowd. The march continues in a direction parallel to the police line, to another major intersection. There, volunteers are yelling to offer marchers a choice. We can turn right and walk to a nearby train station. Or we can go left and confront the police. Most people choose to go left, and are handed surgical masks (to hide their faces) if they don’t already have them.

  The police station is just ahead, a five-story building with large Eiffel tower-style antennas on the roof. Another line of riot police has blocked the road leading to it, and journalists rush to get pictures. The demonstrators stop and confer.

  I should say a few words here about the curious way the protests are organized. The protesters learned in 2014 that having leaders was a weakness. Once the leadership was arrested, the heart went out of the occupy movement, and it lost momentum. So in 2019, there is no leadership at all. The protests are intentionally decentralized, using a jury-rigged combination of a popular message board, the group chat app Telegram, and in-person huddles at the protests.

  This sounds like it shouldn’t possibly work, but the protesters are too young to know that it can’t work, so it works.

  The protesters divide themselves into groups based on how much they can risk being arrested. The issue is not jail time, but the prospect of losing a job or being kicked out of school, now that China has shown it will crack down ferociously on companies that employ demonstrators.

  The frontmost group are the people who actually come into contact with the police, and put themselves at greatest risk of arrest. Behind them there is a supply group, who passes water and other essentials forward, and helps those in front if they are hurt. And behind that is the great body of demonstrators. Those who will be up front are given leeway to make decisions, including telling the crowd to move back and make room, or deciding to disperse and reassemble elsewhere.

  Now these frontline protesters have formed a huddle to discuss the tactical situation. Protesters around them shield the group from surveillance with umbrellas. The police watch, and the rest of us wait.

  Journalists are all over these protests. Members of the local press wear yellow vests marked PRESS, and put on headgear if things start to get spicy. Some of the foreign correspondents elect to dress more elaborately, looking like they’re about to explore the lunar surface rather than interview a tiny retiree. You can spot key events or celebrities in the protests by looking for the circle of yellow vests, and pyramid of selfie sticks raised above whatever is happening.

  The protesters, like beavers, have a strong building instinct. They want to make barricades. The preliminary huddles have expressed concern that we are not on favorable terrain. The police is dead ahead, the street is bordered by a culvert and stream, and it would be too easy to cut the protesters off from behind. So a new set of huddles forms, screened by umbrellas, and after a few minutes we see that they have reassembled steel barricades into triangle shapes, held together by plastic ties, which they will assemble and tie together to block the side roads.

  A great hurrah goes up as a group of masked protesters runs one of these triangles down the road, the crowd zippering open in front of them. As they run, the umbrella holders run alongside to keep them screened. Another triangle platoon runs its barricade down to the intersection.. And then - disaster! A third triangle is rushed down the street, but the squad misses their turn, and races off into the distance. The crowd roars for them to stop. Far down the road, they skid to a halt, re-form, and rush back. More cheers.

  The rest of us stand and watch this business unfold. It is four o’clock and the heat is cooking me from within. A breeze is blowing towards the police line, and there is speculation that this is why the police have not fired tear gas. The foreign journalists in their body armor are all up at the front of the protest, so there is a disorienting dynamic where people further back can follow a Bloomberg live stream what is happening two hundred meters to their front. Flummoxed by the wind, the police have instead brought out pump tanks of pepper spray, like giant hot sauce dispensers, and are brandishing them at the front of the crowd.

  More time passes. Finally, the decision surfaces that the position is too unfavorable. This has been another development in the protesters’ tactics since the start of the summer. Rather than standing their ground, they have found it more effective to melt away and reassemble somewhere else. The tactic is a classic one, but I am impressed with the ability of a decentralized group to adopt it so effectively.

  And so, everyone makes their way back to the train station, where again things transition to normal, as if a street protest with thousands of participants hasn’t just happened. The trains absorb the extra passengers easily (the New York subway would be in flames), and we return to the heart of the city.

  Sunday, August 11

  The next day there is an authorized protest in Victoria Park, where a dour Queen Victoria in the late years of her reign sits sweltering on a metal throne.

  These authorized protests are becoming rare, even though Hong Kongers are supposed to enjoy freedom of assembly. In June and July, the police would routinely grant the permits that the leaderless protests always found a way to apply for. More recently, the police have switched tactics and are now refusing permits, then tear-gassing the inevitable illegal assembly.

  But today’s rally is official. Demonstrators line the edges of the big open basketball courts and soccer fields, wherever there is a scrap of shade. A first aid station has been set up by the medical volunteers, and free water and electrolyte drinks are available to everyone. The air is still, making the heat worse, and for hours nothing really happens, just a crowd standing and half-listening to speakers rallying the crowd from the stage. A small group of Buddhists has set up incense and performs a ceremony in the frame of a soccer goal.

  Anticipating where the real protest will happen feels just like hoping you’re one of the people cool enough to be told about the afterparty. You keep one eye on the cool kids, in this case the fully masked protesters. As long as they are still around, we know we haven’t missed out on anything.

  Finally, around six o’clock, two lines of people form up and start to move. We are on the march.

  The crowd shifts and reconfigures to start making its way out of the park. We file past groups of Indonesian women in hijab, sitting on flattened cardboard and having their picnic in the park. No amount of politics is going to deprive them of their precious day off. Queen Victoria looks down at us with disapproval, and then, just like that, we a re an illegal assembly. Speakers at the edge of the park blare out an awful, saccharine anthem as we reach the main road. I put on my hard hat.

  It is hard to believe this is the tenth week of protests. The energy and numbers are just astonishing. In spite of the relentlessness of the police, in spite of the beatings from thugs who the authorities have allowed to rough up people with impunity, every weekend Hong Kongers come out to march.

  We move in the direction of City Hall, down a thoroughfare lined with Times Square-like animated advertising. The crowd boos and shines lasers on a large animated sign belonging to a mainland Chinese newspaper. Then there is a sudden stop and a sea of hand gestures, thumb and pinky out, hands twisting rapidly. Someone up in the vanguard needs an Allen wrench! This is procured and passed, and then the gesture turns to a “C” shape. They need a monkey wrench!

  Finally, whatever barricade full of hex nuts that is impeding our progress gets dismantled, and the crowd flows on through.

  The march is entering the administrative heart of the city. It parts for a while to let through some trapped buses and taxis, and then re-forms again, moving toward Central. We are getting close to police headquarters, and soon a decision will be necessary. As we get closer, all motion stops, more consultative huddles form, and twenty or so aimless minutes go by.

  Then, a hand gesture. Retreat. The police are too strong here. The crowd heads back in the general direction of the park.

  A woman standing on a concrete planter by the MTR station is yelling “go to Tsim Sha Tsui!”. People are looking at their phones, checking the latest news. Some of the Telegram groups around the protests have tens of thousands of participants, and information gets amplified quickly. We decide to follow the woman’s advice and take the train to Kowloon.

  Down in the MTR, it’s a different world. Though we have just left a huge protest march, here we are in the midst of families, couples on dates, elderly people, women in saris, white expats in business clothes. The helmets come off and we again join the ranks of the lawfully assembled, the train system effortlessly absorbing a surging crowd that would turn BART into a mass tomb.

  At Tsim Sha Tsui station we meet an arriving train full of demonstrators, some already wearing pink-capped respirators. We follow them up and out onto the street, emerging somewhat unexpectedly outside a mosque, where a South Asian woman on the steps is yelling “no photos!”. She doesn’t mean not to photograph the mosque. Rather, she’s yelling at people who are taking photos of the demonstrators from its steps.

  We are now in the heart of the tourist district, with hotels and fancy restaurants all around us. If I came here during the day, I would be stopped and asked a dozen times if I wanted my clothes tailored. Tonight, the tailors have stayed home. The street is a sea of black-clad people in masks and hard hats. Word goes around that tear gas has already been fired two blocks away, and I fumble to get my equipment on.

  The Persian poets say the nose is the outpost of the face. I am normally proud of mine. Its great bulk has preceded me into every difficult situation in my life, sniffing out both danger and opportunity.

  But the mask I bought here is designed for more delicate faces than mine. When I put it on, it somehow channels the air I exhale directly into my goggles, which fog up instantly. I can only see for a few seconds at a time before the world turns into a white mist. But, I reason, not being able to see from condensation will be much better than not being able to see from tear gas. I hang goggles and mask around my neck and await developments.

  The crowd has begun to move in the direction of the police. Up ahead, someone is waving a big black flag with the Hong Kong emblem on it. They are silhouetted against a pale cloud of smoke, and as I watch I see streams of more smoke falling in arcs around the flag waver. That is the tear gas.

  The people around me are filling bottles with water. Tear gas is kind of a misnomer - it’s a solid dispersion that gets deliverd through a burning smoke bomb. You can extinguish it by dousing it in water The kids have a well-practiced assembly line going, delivering water to the front line, and I try to stay out of everybody’s way.

  Supply volunteers are handing out wet wipes (to get the chemical residue off your skin) and single-use plastic sticks of saline solution for an eye rinse. I am just moving up to get a better view of the flag waver when a tear gas canister lands at my feet, and I suddenly remember an important engagement elsewhere.

  When you are in a foreign land with strangers, it is good to have shared interests. They bring people together across cultural and linguistic barriers. Right now, the crowd and I are all deeply interested in moving back a bit. As we go, medical volunteers approach people who have been affected by the tear gas and help them rinse their eyes. “Don’t rub.” Everybody is tended to. Hong Kong protests have better medical care than any place in America, I think, in another of those little culture shock moments that keep lifting me out of the situation.

  For a while, the situation is static. I notice the flag waver has never stopped, defiantly waving right in front of the police line. Word comes that the police have now raised an orange warning flag, which means they will use rubber bullets.

  The front line asks for people to move further back, and we comply. It is dangerous to look directly back into the crowd because of the dozens and dozens of green lasers being beamed in the direction of the police (who have taped foil to their visors as a defense).

  At one point, I hear a tremendous cheer go up. A group of protesters rushes past with their prize, a tall section of scaffolding they have detached from a nearby work site. The lasers dance over it in celebration. It is rushed forward for barricade duty on the front line. I see other people forming a bucket brigade to pass up water bottles.

  Then, for no reason I can see, there is panic. People are running flat out, and I worry about being knocked down in the surge. I catch the briefest glimpse of a woman with no protective gear, dressed normally, who is weaving her way upstream through the escaping demonstrators with a placid smile on her face.

  When the running subsides, I duck behind a tree in the median. I don’t know what’s going on, only that people ran and now have stopped running. Someone says that the police line has pushed forward. Then there is a new sound from up front, the pop-pop-pop of rubber bullets being fired, and people start to run again. “When in Rome,” I think to myself, and our little group legs it into the first side street we can find. And there we come across an open snack stall.

  “Snacks!” I cry, taking off my helmet.

  With tear gas, adrenaline, and the advancing riot police behind us, an appetizing line of skewers is displayed in neat rows ahead of us, in front of vats of steaming broth. The choice is obvious.

  I select skewers of indeterminate seafood and wait for them to be heated by the completely unfazed proprietor. We are in little side street full of boutiques, stores and restaurants, many of them still open, the owners standing outside to assess the situation. Other demonstrators are filing past in their headgear deciding which way to go to avoid the police.

  I put my mask and goggles in the backpack, and return to the role of ordinary tourist. In this respect, I am far more fortunate than Hong Kongers, who will have to worry about being stopped at random by police on their way home, and being caught with masks and helmets on their person.

  I can’t get over the oddness of the situation. In one direction is bedlam, in the other complete normalcy, separated by a few hundred meters. Some actual tourists are weaving about, worried, and demonstrators turn them around if they accidentally head towards the tear gas. “

  Skewers eaten, we elect to call it a night, and find our way to the nearby MTR train station. The escalator at the entrance is not working, the first time I’ve seen anything fail to function in this indomitable train system. Underground, the station is packed with demonstrators, and illuminated signs above our heads apologize for the slight disruption in service. Trains are now running every seven minutes, instead of every two, and MTR regrets the inconvenience.

  Sympathetic subway workers have opened the gates to the platform, so people can get to the platform without a potentially trackable swipe of their Octopus card (the magic rechargeable card with which you can buy almost anything in t he city).

  And then, just as we are descending the escalator to the train tracks, a group of demonstrators rushes in behind us and calling for everyone to run—the police are coming.

  This is the scariest moment of the night, as a quick stampede starts in the very confined space of the escalator. I am terrified that someone will trip and get trampled. On the train, people are holding the doors open, and yellow-shirted MTR personnel appear to restore order. Protests are protests, but the MTR must run!

  Later that night, we will learn that in another subway station, police fired tear gas canisters directly at people, a terrible thing to do in a confined space. There is video of police beating unarmed protesters savagely on an MTR escalator. And the whole city sees the pictures of a young medic who lost the vision in her eye after police shot her in the face with a bean bag round. The outrage from those acts of violence will provoke the massive protests that shut down the airport on Monday and Tuesday.

  But that news is still a few hours away, and again the MTR performs its alchemy of taking us into a world apart, the skyscrapers and hotels around Central, where the view is of tankers and brightly lit junks drifting through the harbor, and there is no sign at all of the turmoil we have just witnessed.

  That is the Hong Kong I saw last weekend. I don’t know - I suspect no one knows - what will happen tomorrow. The only sure thing is that people will march. There are many Hong Kongers and other smart people writing online who can explain the political context of the protests, the likelihood of intervention, and what this means in a deeper way. I am just a visitor who perhaps thinks too much about fish cakes when being tear gassed.

  But I hope everyone stays safe, that the inevitable protests this weekend are allowed to proceed peacefully, and that those in a position to escalate the crisis instead recognize the fundamental reasonableness of what Hong Kongers are asking for—to be ruled by the agreed laws, applied fairly to all. Above all, I hope no one is hurt.

  To the many, many Hong Kongers who have shown kindness and gone out of their way to welcome visitors to their city even in these difficult times, I want to offer my deepest gratitude. What to me is something to observe and write about, to you has become a question of survival.

  Thank you for letting me join you in your city, and see what you are experiencing at first hand. I know that in America, all our hearts will remain with you, and with Hong Kong, whatever comes next.

• USENIX Blog Facebook awards $100,000 to 2019 Internet Defense Prize winners

  Cross-posted at the Facebook Research blog.

  The Internet Defense Prize is a partnership between USENIX and Facebook that aims to reward security research that meaningfully makes the internet more secure.

• The Atlantic: In Focus Photos: The Statue of Liberty, Mother of Exiles (25 photos)

  The 151-foot-tall Statue of Liberty, officially Liberty Enlightening the World, designed by Frédéric Auguste Bartholdi and Gustave Eiffel, was a gift to the United States from the people of France in 1886. With a tablet inscribed with the date of America’s independence, a broken chain beside one foot symbolizing the abolition of slavery, and a guiding light held up for the world to see, the structure is loaded with symbolism. The sonnet “The New Colossus,” written by Emma Lazarus for the statue, reads in part: “Here at our sea-washed, sunset gates shall stand / a mighty woman with a torch, whose flame / is the imprisoned lightning, and her name / Mother of Exiles.” The statue has stood watch over New York Harbor for more than 130 years, as the nearby city skyline evolved and grew dramatically. Gathered below, images of the Statue of Liberty, inside and out, from her birth in Paris to the present day.

  

  
• Centauri Dreams Modeling Early JWST Work on TRAPPIST-1

  So much rides on the successful launch and deployment of the James Webb Space Telescope that I never want to take its capabilities for granted. But assuming that we do see JWST safely orbiting the L2 Lagrange point, the massive instrument will stay in alignment with Earth as it moves around the Sun. allowing its sunshield to protect it from sunlight and solar heating.

  Thus deployed, JWST may be able to give us information more quickly than we had thought possible about the intriguing system at TRAPPIST-1. In fact, according to new work out of the University of Washington’s Virtual Planetary Laboratory, we might within a single year be able to detect the presence of atmospheres for all seven of the TRAPPIST-1 planets in 10 or fewer transits, if their atmospheres turn out to be cloud-free. Right now, we have no way of knowing whether any of these worlds have atmospheres at all. A thick, global cloud pattern like that of Venus would take longer, perhaps 30 transits, to detect, but is definitely in range.

  “There is a big question in the field right now whether these planets even have atmospheres, especially the innermost planets,” says Jacob Lustig-Yaeger, a UW doctoral student who is lead author of the paper on this work. “Once we have confirmed that there are atmospheres, then what can we learn about each planet’s atmosphere — the molecules that make it up?”

  

  Image: New research from UW astronomers models how telescopes such as the James Webb Space Telescope will be able to study the planets of the intriguing TRAPPIST-1 system. Credit: NASA.

  Working with Lustig-Yaeger are UW’s Victoria Meadows, principal investigator for the Virtual Planetary Laboratory, and doctoral student Andrew Lincowski. The latter should be a familiar name if you’ve been following TRAPPIST-1 studies, because back in November of 2018 he was lead author on a paper on climate models for this fascinating system (see Modeling Climates at TRAPPIST-1).

  We’ll now be hoping to follow up that work with early JWST data. Briefly, Lincowski and team pointed to the extremely hot and bright early history of TRAPPIST-1, a tiny M-dwarf 39 light years out with a radius not much bigger than Jupiter (although with considerably more mass — the star is about 9 percent the mass of the Sun). These early conditions could produce planetary evolution much like Venus, with evaporating oceans and dense, uninhabitable atmospheres. The Lincowski paper, though, did point to TRAPPIST-1 e as a potential ocean world.

  These findings were in the context of a system among whose seven transiting worlds are three — e, f and g — that are positioned near or in the habitable zone, where liquid water might exist on the surface. Now we have Lustig-Yaeger and company modeling our early JWST capabilities. The paper finds that beyond the presence of an atmosphere, we may be able to draw further conclusions, particularly with regard to the evolution of what gas envelopes we find.

  Although oxygen as a biosignature may not be detectable for the potentially habitable TRAPPIST-1 planets, oxygen as a remnant of pre-main-sequence water loss may be easily detected or ruled out… the 1.06 and 1.27 µm O₂-O₂ CIA [collisionally-induced absorption] features are key discriminants of a planet that has an oxygen abundance greatly exceeding biogenic oxygen production on Earth and may therefore indicate a planet that has undergone vigorous water photolysis and subsequent loss during the protracted super-luminous pre-main-sequence phase faced by late M dwarfs,,,

  Such features could be detected fairly quickly:

  … in as few as 7-9, 15, 8, 49-67, 55-82, 79-100, and 62-89 transits of TRAPPIST-1b, c, d, e, f, g, and h, respectively, should they possess such an atmosphere. These quoted number of transits may be sufficient to rule out the existence of oxygen-dominated atmospheres in the TRAPPIST-1 system. Additional evidence of ocean loss could be provided by detection of isotope fractionation, which may also be possible in as few as 11 transits with JWST.

  Moreover, the authors find that water detection could help to pare down various evolutionary scenarios on these worlds, particularly for TRAPPIST-1 b, c and d, assuming atmospheres high in oxygen content that have not been completely desiccated by the star’s early history. Thus we are probing planetary evolution, but assessments of habitability are going to be tricky, and it seems clear that we will need to turn such analysis over to future direct-imaging missions.

  On balance, we are talking about getting useful results with a fairly low number of transits. JWST’s onboard Near-Infrared Spectrograph will use transmission spectroscopy — where the star’s light passes through a planet’s atmosphere to reveal its spectral ‘fingerprint’ — to detect the presence of an atmosphere via the absorption of CO₂. Such analysis can likewise either detect or rule out oxygen-dominated atmospheres, while constraining the extent of water loss through measurements of H₂O abundance. All of this provides fodder for other, still evolving observing strategies using the JWST instrument package that can begin the characterization of these compelling worlds.

  The paper is Lustig-Yaeger et al., “The Detectability and Characterization of the TRAPPIST-1 Exoplanet Atmospheres with JWST,” Astronomical Journal Vol. 158, No. 1 (21 June 2019). Abstract / preprint. The Lincowski paper referenced above is “Evolved Climates and Observational Discriminants for the TRAPPIST-1 Planetary System,” Astrophysical Journal Vol. 867, No. 1 (1 November 2018). Abstract / Preprint.

  

  

  
• Station Project Learn About Ham Radio at HamXposition @ Boxboro
  

  Remote HF GOTA Station at HamXpositon

  The Nashua Area Radio Society will be hosting several activities and displays at HamXposition this year. Our planned activities include:

  • NEW! Ham Bootcamp Program – a hands-on activity to help folks get on the air and build their stations
  • Our Ham Expo Display featuring information and hands-on activities you can do with Amateur Radio
  • A Kit Building Activity featuring a choice of two different kits
  • Multiple Get On The Air Stations including an HF Remote GOTA station and an on-site Satellite GOTA station
  • A Special Event Station using the N1T Callsign
  • NEW! Radio Programming Station – Get your FM HT programmed with a custom repeater list for your location
  • Two Forum Presentations by Nashua Area Radio Society Members

  The ARRL and the HamXposition team have been helping us to promote our activities. You can see what the ARRL is saying about our plans in their recent posting – Dayton Hamvention Radio Club of the Year to Hold Ham Bootcamp at New England Convention.

  You can learn more about HamXposition and our activities there at the HamXpostion website.

  Ham Bootcamp

  

  We have created a program that we call Ham Bootcamp. Bootcamp to helps recently licensed and upgraded hams to get on the air. We are making this program available to up to 100 HamXpostion attendees on a first-come-first-served basis.

  Our Bootcamp program will run from 9 am to noon on Saturday, September 7th in the Federal Room. Bootcamp will feature tracks for both Technician and General class license holders. It is also a great place for folks who are not yet licensed to learn more about Amateur Radio and how to get on the air.

  Our Bootcamp program will include:

  • How to make a contact and join a repeater net
  • Putting together an HF station
  • Radio, antenna, and feed line choices
  • Getting started with FT8 and digital modes
  • Exchanging QSL cards
  • Learning Morse code
  • Tips on upgrading
  • Introduction to ham radio kit building
  • Handheld radio programming tutorials

  Ham Bootcamp is free.  Participants will receive discount certificates for a kit build at the show and for purchase of Ham Radio Gear from Ham Radio Outlet.

  You can learn more about Ham Bootcamp on the HamXposition website and on our website.

  …

  Source: Interest and Excitement Around HamXposition Is Building

  I wanted to share our plans for several hands-on activities at HamXposition @ Boxboro in September. We hope that Ham Bootcamp will be of particular interest to folks getting into Amateur Radio. You can learn more about Ham Bootcamp and all of our planned activities via the link above. We hope to see some of our readers at HamXpostion next month!

  Fred, AB1OC

• Mozilla Hacks (watch for Iodide articles) Using WebThings Gateway notifications as a warning system for your home

  Ever wonder if that leaky pipe you fixed is holding up? With a trip to the hardware store and a Mozilla WebThings Gateway you can set up a cheap leak sensor to keep an eye on the situation, whether you’re home or away. Although you can look up detector status easily on the web-based dashboard, it would be better to not need to pay attention unless a leak actually occurs. In the WebThings Gateway 0.9 release, a number of different notification mechanisms can be set up, including emails, apps, and text messages.

  Leak Sensor Demo

           

  In this post I’ll show you how to set up gateway notifications to warn you of changes in your home that you care about. You can set each notification to one of three levels of severity–low, normal, and high–so that you can identify which are informational changes and which alerts should be addressed immediately (fire! intruder! leak!). First, we’ll choose a device to worry about. Next, we’ll decide how we want our gateway to contact us. Finally, we’ll set up a rule to tell the gateway when it should contact us.

  Choosing a device

  First, make sure the device you want to monitor is connected to your gateway. If you haven’t added the device yet, visit the Gateway User Guide for information about getting started.

  Now it’s time to figure out which things’ properties will lead to interesting notifications. For each thing you want to investigate, click on its splat icon to get a full view of all its properties.

  

  You may also want to log properties of various analog devices over time to see what values are “normal”. For example, you can monitor the refrigerator temperature for a couple of days to help determine what qualifies as an abnormal temperature. In this graph, you can see the difference between baseline power draw (around 20 watts) and charging (up to 90 watts).

  

  Charger Power Consumption Graph

  In my case, I’ve selected a leak sensor so I won’t need to log data in advance. It’s pretty clear that I want to be notified when the leak property of my sensor becomes true (i.e., when a leak is detected). If instead you want to monitor a smart plug, you can look at voltage, power, or on/off state. Note that the notification rules you create will let you combine multiple inputs using “and” or “or” logic. For example, you might want to be alerted if indoor motion is detected “and” all of the family smartphone “presence” states are “inactive” (i.e., no one in your family is home, so what caused motion?). Whatever your choice, keep the logical states of your various sensors in mind while you set up your notifier.

  Setting up your notifier

  The 0.9 WebThings Gateway release added support for notifiers as a specific form of add-on. Thanks to the efforts of the community and a bit of our own work, your gateway can already send you notifications over email, SMS, Telegram, or specialized push notification apps with new add-ons released every week. You can find several notification add-on options by clicking “+” on the Settings > Add-ons page.

  

  The easiest-to-use notifiers are email and SMS since there are fewer moving parts, but feel free to choose whichever approach you prefer. Follow the configuration instructions in your chosen notifier’s README file. You can get to the README for your notifier by clicking on the author’s name in the add-on list then scrolling down.

  You’ll find a complete guide to the email notifier here: https://github.com/mozilla-iot/email-sender-adapter#email-sender-adapter.

  Creating a rule

  Finally, let’s teach our gateway how and when it should yell for attention. We can set this up in a simple drag-and-drop rule. First, drag your device to the left as a trigger and select the “Leak” property.

  

  Next, drag your notification channel to the right as an effect and configure its title, body, and level as desired.

  

  Your rule is now set up and ready to go!

  

  The finished rule!

  You can now manually test it out. For a leak sensor you can just spill a little water on it to make sure you get a text, email, or other notification warning you about a possible scary flood. This is also a perfect time to start experimenting. Can you set up a second, louder notification for when you’re asleep? What about only notifying when you’re at home so you can deal with the leak immediately?

  

  A more advanced rule

  Notifications are just one small piece of the WebThings Gateway ecosystem. We’re trying to build a future where the convenience of a connected life doesn’t require giving up your security and privacy. If you have ideas about how the WebThings Gateway can better orchestrate your home, please comment on Discourse or contribute on GitHub. If your preferred notification channel is missing and you can code, we love community add-ons! Check out the source code of the email add-on for inspiration. Coming up next, we’ll be talking about how you can have a natural spoken dialogue with the WebThings Gateway without sending your voice data to the cloud.

  The post Using WebThings Gateway notifications as a warning system for your home appeared first on Mozilla Hacks - the Web developer blog.

• Planet Labs Blog Planet Analytics No Longer in Beta, Achieve Global Scale

  Today, Planet Analytics Feeds are moving out of beta, and our three flagship Analytics Feeds—Road Detection, Building Detection, and Vessel Detection—can now scale globally and are offered off-the-shelf. This means that customers can leverage these feeds on top of Planet imagery products and get automated road, building, and vessel detections over their areas of interest, with no custom builds required.

  Planet’s customers manage large volumes of imagery, but are often interested in tracking specific objects or features. This kind of analysis can be costly, time consuming and labor-intensive when done manually, sometimes leading organizations to use resources inefficiently or expose themselves to risk.

  But with Planet Analytics, machine learning and cloud computing do the heavy lifting. Rather than spending their time manually annotating imagery or building bespoke models—users can select an area to monitor and automatically get detections for vessels on a particular day, or road and building detections for a particular month, all computed in a matter of minutes.

  “One of the biggest challenges our users face is becoming overwhelmed by the amount of data collected for analysis,” says Justin Davis, product manager at Planet. “Our analytics reduce stresses on customer time and energy to help prioritize resources so customers can make faster, more effective decisions.”

  Imagine you’re interested in tracking and locating ships that have their automatic identification system (AIS) signals turned off, and could be carrying illegal cargo. The Vessel Detection Feed can pinpoint ships, revealing when they arrived and departed in a port or off a coastline.

  Similarly, if you’re an organization monitoring new infrastructure or construction, you can choose an area you want to survey, then leverage Road Detection and Building Detection to track new developments on a monthly basis.

  “The high temporal cadence of Planet Analytics allows customers to establish baselines of infrastructure and activity, and get an early signal that something has changed, so they can prepare for and mitigate risks,” Davis says.

  Every pixel tells a story, it just requires some work to make the story come alive. At Planet, we’re focused on making it easier to find those insights and stories, so our customers have to do less of the heavy lifting.

  Be the first to hear about new product releases, including Planet Analytics, by registering for our first-ever user conference, Planet Explore 2019, on October 15 and 16 in San Francisco.

• Arxiv Review A hotter planet will make solar power less efficient
  Photovoltaic cells are notoriously sensitive to temperature. Now a new study reveals how global warming will reduce output across the globe by 2100.
• W2LJ Uncharted Territory
  As we come closer and closer to the NJQRP Skeeter Hunt this Sunday, I'd like to report that we are in "Uncharted Territory". And by that, I mean that I just handed out Skeeter # 186 to WB4AEG.
  
  186 Skeeters so far! Wow, if memory serves me correctly, the highest we ever got was somewhere in the 170's.
  
  For those of you who read this blog on a regular basis, you all know how much I love Amateur Radio, particularly QRP, CW and portable ops. The Skeeter Hunt is really nothing more than my way of saying "Thanks!" for all of that and paying forward for all the joy this hobby has given me over that past 40 years. It also allows me to share my passion with all of you.
  
  The fact that this hobby (doesn't quite seem like the right word) has also led towards making some awesome friendships is just icing on the cake. There are a lot of you out there who I have never met face-to-face; but yet I have great admiration and fondness for.
  
  The weather for Sunday for Central Jersey is partly cloudy with a high of 90F (32C). I hope to get a lot of you in the log. I never go into any of these Sprints with the intent on winning. Maybe that's the wrong attitude, but that's just the way I am. I'm perfectly happy with getting to make contacts with friends, even if it's just for a few seconds at a time.
  
  So I hope to hear all of you this coming Sunday. Hopefully, propagation will be decent for that short amount of time and we'll all get to fatten up our logbooks - and have a blast in the process - as well as make a few more happy memories. And speaking of memories ...... this year the Skeeter Hunt is being dedicated to the memories of three stalwart Skeeters who are no longer with us - Hank N8XX , Ken WA8REI, and Joe N2CX. Their keys may be silent, but their memories live on in those of us with whom they shared the airwaves.
  
  BTW, Skeeter numbers are still being handed out until Sunday morning. Just e-mail w2lj@arrl.net with your name, call, and state/province.  Come join us and see what the BZZZZZ is all about! If you're iffy because you feel your CW skills are not up to snuff, we'll slow down for you! And bring along your microphone, because SSB is also welcome in the NJQRP Skeeter Hunt.
  
  72 de Larry W2LJ
  QRP - When you care to send the very least!
  
  
  
• Bruce Schneier Bypassing Apple FaceID's Liveness Detection Feature

  Apple's FaceID has a liveness detection feature, which prevents someone from unlocking a victim's phone by putting it in front of his face while he's sleeping. That feature has been hacked:

  Researchers on Wednesday during Black Hat USA 2019 demonstrated an attack that allowed them to bypass a victim's FaceID and log into their phone simply by putting a pair of modified glasses on their face. By merely placing tape carefully over the lenses of a pair glasses and placing them on the victim's face the researchers demonstrated how they could bypass Apple's FaceID in a specific scenario. The attack itself is difficult, given the bad actor would need to figure out how to put the glasses on an unconscious victim without waking them up.

• Zwischenzugs How Long Will It Take For The Leavers To Leave?

  This piece seeks to answer a simple question: how long would it take for enough people to die that the Brexit decision would be reversed?

  This has been informally speculated on before, but I haven’t seen any analysis done on the numbers, so I decided to do it myself.

  The tl;dr is that the turning point is around July/August 2020:

  

  Assumptions

  To arrive at this number I had to make some assumptions:

  • Everyone that voted in June 2016 would vote exactly the same way again (or not vote again)
  • Everyone that comes of age to vote would vote in the same proportions (by age group) as in June 2016

  Obviously, these assumptions don’t make a realistic prediction of the result of any second referendum, not least because the question itself would likely be different.

  The Numbers

  To arrive at the number, I first took the raw votes from June 2016:

  • Leave: 17,410,742
  • Remain: 16,141,241

  Then I got the breakdown of votes by age group, based on the figures from Lord Ashcroft’s site here:

  	Leave	Remain
  18-24	0.27	0.73
  25-34	0.38	0.62
  35-44	0.52	0.48
  45-54	0.56	0.44
  55-64	0.57	0.43
  65+	0.60	0.40

  From here, what we need to work out is:

  • How many people will come ‘of age’ to vote per month
  • How many people will die per month, by age group

  Fortunately the ONS collects data on births and deaths by age group, so we can estimate these values.

  How Many New Remainers Will There Be?

  These are the population figures broken down by age group at the time of the 2016 vote, taken from ‘ukmidyearestimates.xls 2012-2016, UK population counts for mid 2016’.

  0-4	4014300
  5-9	4037500
  10-14	3625100
  15-19	3778900
  20-24	4253800
  25-29	4510600
  30-34	4408200
  35-39	4179500
  40-44	4174100
  45-49	4619100
  50-54	4632000
  55-59	4066700
  60-64	3534200
  65-69	3636500
  70-74	2852100
  75-79	2154500
  80-84	1606700
  85-89	993000
  90 and over	571200
  	65648000

  Unfortunately the age groups do not align with Lord Ashcroft’s figures in the first table, but we can estimate the number of people who get the vote every month by taking the number of people in the 15-19 age group (3778900), and multiplying them by 3/5ths to get the number of people who could not vote in 2016 that can three years later.

  This gives us a number of 2267340. Over the three years, this is 62982 people per month that can vote.

  If we assume that the proportions voting for either side remain the same for the 18-24 age group, then 46% more of these votes will go to remain than leave (73% – 27%).

  This gives us a final figure of 18,754 extra remain votes per month.

  How Many Leavers Die Per Month?

  Deaths by age group vary little over the years, so I took the numbers recorded in 2016, 2017 and 2018:

  2016
  15-44	15128
  45-64	62,679
  65+	442,767

  2017
  15-44	14514
  45-64	62,517
  65+	452,329

  2018
  15-44	15140
  45-64	63,913
  65+	456,731

  Looking at these numbers gives roughly 450,000 people in the 65+ age bracket dying per year. Deaths between 15-64 are relatively speaking negligible, and the voting proportions by age group mean that votes lost and gained roughly cancel one another out (the exact numbers give a few dozen more to remain per month, but this can be ignored).

  Dividing 450,000 by 12 gives a figure of 37,500 deaths per month in the 65% age group.

  Taking the net leave vote in that age group (20%) and multiplying out gives a figure of roughly 7,500 leave votes lost per month.

  Taking the net of the two numbers gives a gain for leave votes of about 26,000 per month, resulting in this graph:

  

  which gives a rough crossover point of mid-2020.

  Conclusion

  I’ve made many crude assumptions here, and one could argue on both sides for tweaks to the numbers here and there. For example, you could argue that those in the 15-18 age bracket in 2016 would be even more likely to vote remain than the 18-24 cohort.

  And of course, this analysis makes assumptions that won’t hold true in reality, such as that everyone would vote the same way as in 2016, and the age group analysis of voting patterns was accurate and uniform within the groups.

  Broadly, though, the demographics point to a majority for remain happening around mid-2020 if nothing else changed from 2016.

  ---

  Sources

  Analysis: https://docs.google.com/spreadsheets/d/1n5r6W951DDBvGhD00Ou2Q19aBbAxtOx-n3Chs6RDeek/edit#gid=13089380

  ONS numbers: https://www.ons.gov.uk/peoplepopulationandcommunity/populationandmigration/populationestimates/datasets/populationestimatesforukenglandandwalesscotlandandnorthernireland

  https://www.ons.gov.uk/peoplepopulationandcommunity/birthsdeathsandmarriages/deaths

  Ashcroft Polls:

  https://www.jrf.org.uk/report/brexit-vote-explained-poverty-low-skills-and-lack-opportunities

August 14, 2019

• Space and stuff idk good-and-colorful: guidanceofficer: starsaretimecapsules: gusgr...
  
  
  

  good-and-colorful:

  guidanceofficer:

  starsaretimecapsules:

  gusgrissom:

  neilarmstrong:

  astronauticalaspirations:

  spaceandstuffidk:

  guidanceofficer:

  nucleartriad:

  meco-official:

  egglybagelface96:

  I’m sorry but you have to be a different type of ill to want this‌. t h i n g‌.. to come back.

  lock me up
  

  have you considered

  

  wormball
  

  The worm and the meatball are both okay, but combining them is NOT! It makes you look like a shitty science museum t-shirt! Both the ball and worm have more dignity than their abomination of a child!

  Hmmmmm coming down decidedly pro wormball howEVER worm solo is still superior.

  I’m strongly pro-meatball but I’ll allow the worm in white on a blue background.

  I don’t know how to feel about this

  This is a pro-worm, pro-meatball, pro-wormball blog. Gimme it all.

  

  đŸ˜‰

  yo i’m feeling chaotic so i’m gonna add rudder markings to the discourse

  

  

  meatball-less meatball is the best NASA logo. prove me wrong
  

  This is the most drama I have ever seen in this group of people

  I raise you: meatball-less wormball

• Astro Bob Nights Of The Barley Moon

  

  Just a reminder that the moon will be full around 8:30 tomorrow morning (Aug. 14) Central Time. That means both tonight and tomorrow night the moon will rise about 99.5 percent full. For most of us it will appear full with the naked eye and only betray a slight out-of-roundness in binoculars or a telescope.

  

  The full moon is by far the worse time to see all the the rough and subtle details that low-slanted sunlight coaxes from the craters and valleys that carve the lunar landscape. The sun shines straight into the moon’s “face” like a bright spotlight on an actor’s face on stage. This type of direct lighting hides all shadows, and without shadows the moon looks flat and pasty. Compare this to half-phase, when the sun shines off to one side (below), highlighting the subtlest of textures.

  

  Point a telescope or binoculars at the moon the next two nights and you’ll see a pastiche of gray and white with only a hint of shading along its left (eastern) edge. Everything is brightly illuminated in shadowless lighting. Craters look like white blotches.

   

  

  Tonight (Aug. 14) the moon rises shortly before sunset for many U.S. locations; tomorrow night, a little after. Click here to find the time of moonrise for your location. The Barley Moon shines in Capricornus, a faint, triangular-shaped constellation to the east (left) of Sagittarius and Saturn. It should be a beautiful sight.

• Ivory Idyll An initial report on the Common Fund Data Ecosystem

  For the past 6 months or so, I've been working with a team of people on a project called the Common Fund Data Ecosystem. This is a targeted effort within the NIH Common Fund (CF) to improve the Findability, Accessibility, Interoperability, and Reusability - a.k.a. "FAIRness" - of the data sets hosted by their Data Coordinating Centers.

  (You can see Dr. Vivien Bonazzi's presentation if you're interested in more details on the background motivation of this project.)

  I'm thrilled to announce that our first report is now available! This is the product of a tremendous data gathering effort (by many people), four interviews, and an ensuing distillation and writing effort with Owen White and Amanda Charbonneau. To quote,

  This assessment was generated from a combination of systematic review of online materials, in-person site visits to the Genotype Tissue Expression (GTEx) DCC and Kids First, and online interviews with Library of Integrated Network-Based Cellular Signatures (LINCS) and Human Microbiome Project (HMP) DCCs. Comprehensive reports of the site visits and online interviews are available in the appendices. We summarize the results within the body of the report.

  The executive summary is just under four pages, and the full report is about 30 - the bulk of the report document (another 100 pages or so) consists of appendices to the main report.

  I wanted to highlight a few things about the report in particular.

  1. Putting your data in the cloud ...is just the start.

  This may be obvious to those of us in the weeds, but supporting long-term availability of data through the use of cloud hosting is only one of many steps. Indexing of (meta)data, auth and access, and a host of other issues are all important to spur actual data reuse.

  2. Just, like, talking with people is, y'know, really useful!

  We did a lot of interviewing and found out some surprising things! In partial reaction to our experience with the Data Commons, we are taking a much lower key and more ethnographic approach to understanding the opportunities and challenges that actually exist on the ground. A lot of the good stuff in the report emerged from these interviews.

  3. Interoperability is contingent on the data sets (and processing pipelines) you're talking about.

  The I in FAIR stands for "Interoperability", and (at least in the context of the CFDE) this is probably the trickiest to measure and evaluate. Why?

  Suppose, not-so-hypothetically, that you want to take some data from the GTEx human tissue RNAseq collection, and compare the expression of genes in that data with some data from the Kids First datasets.

  At some basic level, you might think "RNAseq is RNAseq, surely you just grab both data sets and go for it", right?

  Not so fast!

  First, you need to make sure that the raw data is comparable - not all RNAseq can be compared, at least not without removing technical biases. (And I'm honestly not sure what the state of the art is around comparing different protocols, e.g. strand-specific RNAseq to generic RNAseq.)

  Second, the processing pipeline used to analyze the RNAseq data needs to be the same. Practically speaking this means that you may need to reanalyze all of the raw data.

  Third, you need to deal with batch effects. I'm again not actually sure how you do this on data from a variety of different studies.

  Fourth, and more fundamental, you need to connect your sample metadata across the various studies so that you are comparing apples to apples. (Spoiler alert: this turns out to be really hard, and seems to be the main conceptual barrier to actual widespread reuse of data across multiple studies.)

  There are some techniques and perspectives being developed by various Common Fund DCCs that may help with this, and I hope to talk about them in a future blog post. But it's just hard.

  4. Computational training is second on everybody's list.

  This is something that I first saw when a group of us were talking with a bunch of NSF Science and Technology Centers (STCs): when asked what their challenges were, everyone said "in addition to our primary mission, computational training is really critical." (This broad realization by the STCs led to two funded NSF supplements that are part of Data Carpentry's back story!)

  We saw the same thing here - a surprising result of our interviews was the extent to which the Common Fund Data Coordinating Centers felt that computational training could help foster data use and reuse. I say "surprising" not in the sense that it surprised me that training could be important - I've been banging that drum for well over a decade! - but that it was so high on everybody's list. We only had to mention it - "so, what role do you see for training?" - to have people at the DCCs jump on it enthusiastically!

  There are many challenges with building training programs with the CF DCCs, but it seems likely that training will be a focus of the CFDE moving forward.

  What's next?

  This is only an interim report, and we've only interviewed four DCCs - we have another five to go. Expect to hear more!

  --titus

  Brown, C. T., Charbonneau, A., & White, O.. (2019, August 13). 2019-July_CFDE_AssessmentReport.pdf (Version 1). figshare. doi: 10.6084/m9.figshare.9588374.v1

• The Atlantic: In Focus Photos of Woodstock 1969, on Its 50th Anniversary (32 photos)

  Fifty years ago, more than 400,000 people descended on Bethel, New York, headed to a dairy farm owned by Max and Miriam Yasgur, where the Woodstock Music & Art Fair was being held. Planners had told the Yasgurs and town officials that they expected no more than 50,000 attendees, and were overwhelmed by the huge crowds. Over three days, 32 acts performed onstage, including Joan Baez, Santana, the Grateful Dead, Creedence Clearwater Revival, Janis Joplin, Sly and the Family Stone, The Who, Jefferson Airplane, The Band, Crosby, Stills, Nash & Young, and Jimi Hendrix. Woodstock became a major cultural event, amplified by news coverage, a popular documentary film, and the music that became symbolic of an era.

  

  
• Centauri Dreams Nautilus: New Lens Concept for Space-based Array

  As we’ve been talking about the limitations of giant telescopes in recent days — and a possible solution in David Kipping’s idea of a ‘terrascope’ — it pays to keep in mind how our ability to collect light has changed over the years. Thus the figure below, which is drawn from a new paper from Daniel Apai and Tom Milster (both at the University of Arizona) and colleagues. Here we see four centuries of evolution for light-collecting power through refracting and reflecting telescopes, with the introduction of segmented mirrors making larger apertures possible.

  

  Image: This is Figure 1 from the paper (click to enlarge). Caption: Evolution of light-collecting area of ground-based (blue, green) and space-based (red) telescopes. The evolution is characterized by alternating stages of slow growth (when existing technology is scalable) and pauses (when existing technology cannot be scaled up). The data points represent the installation of the largest telescopes in their era and are connected to highlight general trends. Gray regions mark the approximate stages in the evolution when lenses, monolithic mirrors, and then segmented mirrors become to massive to be viable with existing technology. Telescopes used multiple different technological solutions to collect light. Large jumps in diameter are due to change in technology due to technological breakthroughs. Credit: Daniel Apai / Tom Milster / UA.

  Anticipated designs for space telescopes take us from Hubble’s 2.4-meter mirror up to the segmented mirrors of the James Webb Space Telescope (6.5 meters) and future concepts like the Large UV/Optical/IR Surveyor (LUVOIR), with a 15-m primary telescope. The gradual growth of aperture sizes is, Apai and Milster argue in their paper, a bottleneck in the design of astronomical telescopes, and one we’ll have to overcome to study Earth-like planets and their potential biosignatures.

  What the scientists are offering is a telescope concept in which the primary mirror is replaced by what the authors describe as multiorder diffractive engineered (MODE) material lens technology. Here we move from refraction, which involves light changing direction as it moves from one medium to another, to diffraction, where the waves of light change direction as they encounter barriers and openings in their path — think Fresnel lenses, where waves can interact constructively or destructively depending on wavelength. The MODE lens developed at UA by the authors is in effect a hybrid between refractive and diffractive lens technologies.

  In their paper, Apai and Milster propose a space telescope called Nautilus, which would operate as a fleet of 35 14-meter wide spherical telescopes, each of them more powerful than the Hubble instrument. Within each Nautilus unit, an 8.5-meter diameter MODE lens would be used for high-precision transit spectroscopy, along with a 2.5 meter lens optimized for wide-field imaging and transit searches. The combined array would be powerful enough to characterize 1,000 exoplanets from a distance as far as 1,000 light years. The light-collecting power Nautilus achieves, by the authors’ calculations, is the equivalent of a 50-meter diameter telescope.

  

  Image: Each individual Nautilus lens is 8.5 meters in diameter, larger than the mirrors of the Hubble Space Telescope and James Webb Space Telescope. Credit: Daniel Apai.

  The authors argue that “…the concept described here offers a pathway to break away from the cost and risk growth curves defined currently by mirror technology and has the potential to enable very large and very lightweight, replicable technology for space telescopes.” Such lenses are less sensitive to misalignments and deformations than conventional refractive lenses and are readily replicated through processes of optical molding. Says Apai:

  “Telescope mirrors collect light – the larger the surface, the more starlight they can catch. But no one can build a 50-meter mirror. So we came up with Nautilus, which relies on lenses, and instead of building an impossibly huge 50-meter mirror, we plan on building a whole bunch of identical smaller lenses to collect the same amount of light.”

  These lenses work via a design the authors have patented, one that allows them to be both large and far lighter than monolithic mirrors. Large aperture lenses using diffractive methods can be produced without the mass and volume of material required by refractive designs. They are much thinner, formed around a series of separate sections mounted in a frame. The easiest analogy is with lighthouse lenses, which are built around concentric annular sections.

  That makes them less expensive to launch, but the design also takes into account the practicalities of the space launch business, with the capability of stacking individual modules on top of each other. The lenses are 10 times lighter in areal density and 100 times less sensitive to misalignments. Thus the potential is here to sharply reduce launch costs as well as the cost of initial fabrication through a series of instruments using replicated components and identical telescopes — with a fleet of 35 in play, Nautilus collects light efficiently and distributes risk among multiple instruments. That latter point resonates given how much rides on a successful launch and deployment of missions like the James Webb Space Telescope.

  “Currently, mirrors are expensive because it takes years to grind, polish, coat and test,” adds Apai. “Their weight also makes them expensive to launch. But our Nautilus technology starts with a mold, and often it takes just hours to make a lens. We also have more control over the process, so if we make a mistake, we don’t need to start all over again like you may need to with a mirror.”

  

  Image: A labeled illustration of an individual Nautilus unit. It is designed to stack many units on top of each other in a rocket before inflating in space. Credit: Daniel Apai.

  The paper takes note of the scalability of the concept:

  Due to its relatively low production and launch costs and the identical multispacecraft model that is relatively new to astrophysical space telescopes, the general Nautilus system proposed here provides an easily scalable approach. Such multispacecraft models (multiple identical units) are used commercially (Iridium system) and for geo- and planetary sciences (Voyagers, Mariners, Mars exploration rovers, etc.) to reduce per-unit costs and risks and to extend capabilities. Furthermore, telescopes utilizing similar architecture but increasing in size could demonstrate feasibility and mitigate risks, while producing scientific data.

  If the Nautilus model works, the prospect of low-cost space telescopes far more powerful than anything now in space or planned for it opens up, bringing such capabilities to the level of individual universities, who could launch their own small instruments. That would be quite a switch from the current model of having to compete for time on overbooked space observatories like Hubble. And Nautilus itself gives us the potential for observing 1,000 Earth-like planets within the 1,000 light years the light-collecting power of Nautilus is designed to investigate.

  The paper is Apai et al., “A Thousand Earths: A Very Large Aperture, Ultralight Space Telescope Array for Atmospheric Biosignature Surveys,” Astronomical Journal Vol. 158, No. 2 (29 July 2019). Abstract.

  

  

  
• Loren Grush Sierra Nevada picks the future Vulcan rocket to fly its mini-spaceplane to orbit
  A rendering of SNC’s Dream Chaser vehicle in space | Image: SNC

  Private space company Sierra Nevada Corporation announced today that its mini-spaceplane, the Dream Chaser, will launch into orbit on top of the United Launch Alliance’s future Vulcan Centaur rocket. The Dream Chaser has yet to see space, but once it’s operational, it will help ferry cargo and science experiments to the astronauts on board the International Space Station between 2021 and 2024.

  The Sierra Nevada Corporation (SNC) is one of three companies tasked by NASA to periodically launch to the ISS to make sure the station is fully stocked with supplies. The cargo missions are all part of NASA’s Commercial Resupply Services Program, one of a few initiatives at the space agency that’s meant to offload space transportation to the...

  Continue reading…

• Bruce Schneier Side-Channel Attack against Electronic Locks

  Several high-security electronic locks are vulnerable to side-channel attacks involving power monitoring.
  

• DragonflyBSD Blog tap/tun device changes

  DragonFly’s tap(4)/tun(4) devices have been historically precreated – tap0, tap1, tap2, tap3.  They are now auto-cloned, which might surprise any software counting on the prior behavior.  I don’t know of any specific packages that are affected by this, though.  DragonFly version 5.6 is unaffected by this; it’s in -current only.

• Ed Yong One Giant Leap for Maggotkind

  After placing a dozen maggots in a petri dish, Michael Wise was surprised to see that only two were still there. The rest had made a break for it, and were jumping all over his lab.

  Wise, a botanist at Roanoke College, had been studying gall midges—flies that lay their eggs inside silverrod and goldenrod plants. Once the eggs hatch, the developing larvae create abnormal swellings called galls. Wise would dissect these and collect the orange, rice-size maggots within. And he noted that they’d often start jumping: out of the galls, out of his hands, out of petri dishes. How, he wondered, could a legless animal jump at all, let alone so far or so quickly?

  Fortunately, he knew exactly whom to call. Wise had gone to graduate school with Sheila Patek, a biologist at Duke University, who has studied the record-breaking punch of the mantis shrimp and the ballistic jaws of the trap-jaw ant. “A lot of people know that I study small, fast things, so I get a lot of requests to film random stuff,” Patek says. “I’m almost always up for it.”

  [Read: Mantis shrimps avoid deadly fights by pummeling each other]

  But many animal movements that people think are really fast “are not actually that fast,” she says. To film a fish’s strike or a grasshopper’s leap, you can get away with a high-speed camera that shoots at a paltry 1,000 frames per second. To film the gall-midge maggots, Patek had to break out her 20,000-frame-per-second hardware. “They jump at the same speed as fleas—insects that are using legs,” she says. “They’re really good.”

  Despite the maggots’ speed, “I don’t think they have any aiming capability,” says Patek’s colleague Grace Farley. To film them, Farley placed one larva at a time in a petri dish and looked for the moment when it drew its head and tail together in preparation for takeoff. When that happened, Farley rotated the dish so the larva was at least pointing in the right direction. (It didn’t always work, but since high-speed video files are very large, and bad footage is usually discarded, to my great disappointment, Farley has no maggot blooper reel.)

  The maggot’s technique, as revealed by the footage, is surprisingly complicated. When it loops its body, it unites two patches of microscopic hairs—one just behind its head and one on its tail. When these touch, they stick. The maggot then pumps its own internal fluids into the back third of its body, turning it into a swollen strut that Farley calls a “transient leg.” The pressure builds in the leg until it overcomes the sticky forces holding the head and tail together. The maggot releases itself, the leg pushes downward, and the whole animal explodes upward. “It shows how even squishy forms can effectively act as rigid limbs,” says Talia Moore from the University of Michigan, who wasn’t involved in the study.

  

  The team showed that the maggots can jump as much as five inches. That’s more than 36 times their body length, and akin to a human leaping more than 200 feet. They’re extremely efficient too: It would take 28 times as much energy to crawl across the distance that they can cover in a single jump. In the wild, this prodigious leaping ability is a lifesaver. If the gall is breached, the larvae can bounce to safety. And many species deliberately leave the galls once they’re old enough; they fall to the ground and leap around randomly until they land on dark, moist soil where they can transform into adults.

  Many other animals can jump without legs. Springtails—tiny relatives of insects—push a special appendage underneath their tails against the ground. Click beetles jump by lying on their backs and violently snapping their heads against a surface. Some snakes, such as the jumping pit viper and brown sipo, can fully launch themselves off the ground. One fictional mammal transforms its tail into a spring.

  In all these cases, a hard body part acts as an erstwhile limb. By comparison, “the lack of a complex musculoskeletal system in the midge larvae makes jumping quite impressive,” says Moore. Other soft-bodied, wormlike animals can also take to the air in the same way: They curl into a loop, latch themselves in place, pressurize part of their own bodies, and take off. Other fly larvae do this, as do nematode worms. The latter are so small that they don’t even need sticky hairs; they can latch their heads and tails together through the surface tension of the water that covers their bodies.

  [Read: What a beetle’s genital worms reveal about the concept of individuality]

  Many of these legless jumpers belong to groups that are incredibly rich in species, so this style of movement may actually be more common than the limb-propelled hops of locusts or kangaroos. “It could be a way of locomotion that’s even more fundamental than grasshopper legs,” says Patek. “I think it’s widespread, and we just haven’t been looking.”

  The secrets of these squishy jumpers might help engineers develop more durable robots for, say, search-and-rescue missions. “One thing engineering is really not good at is making small, extremely high-acceleration devices that don’t self-destruct and can be used over and over again,” says Patek. Abandoning hard materials for soft ones might solve that problem, provided that said soft robots could be made to move in useful ways.

  “Robots with soft bodies can be more difficult to destroy, which would give us a great advantage if we want these robots to work in unstructured environments like an earthquake zone,” says Zeynep Temel from Carnegie Mellon University, who develops robots inspired by biology. And as the gall-midge maggots show, you don’t have to sacrifice mobility or efficiency for the sake of a little softness.

• Krebs on Security Meet Bluetana, the Scourge of Pump Skimmers

  “Bluetana,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.

  The new app, now being used by agencies in several states, is the brainchild of computer scientists from the University of California San Diego and the University of Illinois Urbana-Champaign, who say they developed the software in tandem with technical input from the U.S. Secret Service (the federal agency most commonly called in to investigate pump skimming rings).

  

  The Bluetooth pump skimmer scanner app ‘Bluetana’ in action.

  Gas pumps are a perennial target of skimmer thieves for several reasons. They are usually unattended, and in too many cases a handful of master keys will open a great many pumps at a variety of filling stations.

  The skimming devices can then be attached to electronics inside the pumps in a matter of seconds, and because they’re also wired to the pump’s internal power supply the skimmers can operate indefinitely without the need of short-lived batteries.

  And increasingly, these pump skimmers are fashioned to relay stolen card data and PINs via Bluetooth wireless technology, meaning the thieves who install them can periodically download stolen card data just by pulling up to a compromised pump and remotely connecting to it from a Bluetooth-enabled mobile device or laptop.

  According to the study, some 44 volunteers  — mostly law enforcement officials and state employees — were equipped with Bluetana over a year-long experiment to test the effectiveness of the scanning app.

  The researchers said their volunteers collected Bluetooth scans at 1,185 gas stations across six states, and that Bluetana detected a total of 64 skimmers across four of those states. All of the skimmers were later collected by law enforcement, including two that were reportedly missed in manual safety inspections of the pumps six months earlier.

  While several other Android-based apps designed to find pump skimmers are already available, the researchers said Bluetana was developed with an eye toward eliminating false-positives that some of these other apps can fail to distinguish.

  “Bluetooth technology used in these skimmers are also used for legitimate products commonly seen at and near gas stations such as speed-limit signs, weather sensors and fleet tracking systems,” said Nishant Bhaskar, UC San Diego Ph.D. student and principal author of the study. “These products can be mistaken for skimmers by existing detection apps.”

  BLACK MARKET VALUE

  The fuel skimmer study also helps explain how quickly these hidden devices can generate huge profits for the organized gangs that typically deploy them. The researchers found the skimmers their app found collected data from roughly 20 -25 payment cards each day — evenly distributed between debit and credit cards (although they note estimates from payment fraud prevention companies and the Secret Service that put the average figure closer to 50-100 cards daily per compromised machine).

  The academics also studied court documents which revealed that skimmer scammers often are only able to “cashout” stolen cards — either through selling them on the black market or using them for fraudulent purchases — a little less than half of the time. This can result from the skimmers sometimes incorrectly reading card data, daily withdrawal limits, or fraud alerts at the issuing bank.

  “Based on the prior figures, we estimate the range of per-day revenue from a skimmer is $4,253 (25 cards per day, cashout of $362 per card, and 47% cashout success rate), and our high end estimate is $63,638 (100 cards per day per day, $1,354 cashout per card, and cashout success rate of 47%),” the study notes.

  Not a bad haul either way, considering these skimmers typically cost about $25 to produce.

  Those earnings estimates assume an even distribution of credit and debit card use among customers of a compromised pump: The more customers pay with a debit card, the more profitable the whole criminal scheme may become. Armed with your PIN and debit card data, skimmer thieves or those who purchase stolen cards can clone your card and pull money out of your account at an ATM.

  “Availability of a PIN code with a stolen debit card in particular, can increase its value five-fold on the black market,” the researchers wrote.

  This highlights a warning that KrebsOnSecurity has relayed to readers in many previous stories on pump skimming attacks: Using a debit card at the pump can be way riskier than paying with cash or a credit card.

  

  The black market value, impact to consumers and banks, and liability associated with different types of card fraud.

  And as the above graphic from the report illustrates, there are different legal protections for fraudulent transactions on debit vs. credit cards. With a credit card, your maximum loss on any transactions you report as fraud is $50; with a debit card, that protection only extends for within two days of the unauthorized transaction. After that, the maximum consumer liability can increase to $500 within 60 days, and to an unlimited amount after 60 days.

  In practice, your bank or debit card issuer may still waive additional liabilities, and many do. But even then, having your checking account emptied of cash while your bank sorts out the situation can still be a huge hassle and create secondary problems (bounced checks, for instance).

  Interestingly, this advice against using debit cards at the pump often runs counter to the messaging pushed by fuel station owners themselves, many of whom offer lower prices for cash or debit card transactions. That’s because credit card transactions typically are more expensive to process.

  For all its skimmer-skewering prowess, Bluetana will not be released to the public. The researchers said the primary reason for this is highlighted in the core findings of the study.

  “There are many legitimate devices near gas stations that look exactly like skimmers do in Bluetooth scans,” said UCSD Assistant Professor Aaron Schulman, in an email to KrebsOnSecurity. “Flagging suspicious devices in Bluetana is a only a way of notifying inspectors that they need to gather more data around the gas station to determine if the Bluetooth transmissions appear to be emanating from a device inside of of the pumps. If it does, they can then open the pump door and confirm that the signal strength rises, and begin their visual inspection for the skimmer.”

  One of the best tips for avoiding fuel card skimmers is to favor filling stations that have updated security features, such as custom keys for each pump, better compartmentalization of individual components within the machine, and tamper protections that physically shut down a pump if the machine is improperly accessed.

  How can you spot a gas station with these updated features, you ask? As noted in last summer’s story, How to Avoid Card Skimmers at the Pumps, these newer-model machines typically feature a horizontal card acceptance slot along with a raised metallic keypad. In contrast, older, less secure pumps usually have a vertical card reader a flat, membrane-based keypad.

  

  Newer, more tamper-resistant fuel pumps include pump-specific key locks, raised metallic keypads, and horizontal card readers.

  The researchers will present their work on Bluetana later today at the USENIX Security 2019 conference in Santa Clara, Calif. A copy of their paper is available here (PDF).

  If you enjoyed this story, check out my series on all things skimmer-related: All About Skimmers. Looking for more information on fuel pump skimming? Have a look at some of these stories.

• Bruce Schneier Exploiting GDPR to Get Private Information

  A researcher abused the GDPR to get information on his fiancee:

  It is one of the first tests of its kind to exploit the EU's General Data Protection Regulation (GDPR), which came into force in May 2018. The law shortened the time organisations had to respond to data requests, added new types of information they have to provide, and increased the potential penalty for non-compliance.

  "Generally if it was an extremely large company -- especially tech ones -- they tended to do really well," he told the BBC.

  "Small companies tended to ignore me.

  "But the kind of mid-sized businesses that knew about GDPR, but maybe didn't have much of a specialised process [to handle requests], failed."

  He declined to identify the organisations that had mishandled the requests, but said they had included:

  • a UK hotel chain that shared a complete record of his partner's overnight stays

  • two UK rail companies that provided records of all the journeys she had taken with them over several years

  • a US-based educational company that handed over her high school grades, mother's maiden name and the results of a criminal background check survey.

• Bruce Schneier Attorney General Barr and Encryption

  Last month, Attorney General William Barr gave a major speech on encryption policy足what is commonly known as "going dark." Speaking at Fordham University in New York, he admitted that adding backdoors decreases security but that it is worth it.

  Some hold this view dogmatically, claiming that it is technologically impossible to provide lawful access without weakening security against unlawful access. But, in the world of cybersecurity, we do not deal in absolute guarantees but in relative risks. All systems fall short of optimality and have some residual risk of vulnerability -- a point which the tech community acknowledges when they propose that law enforcement can satisfy its requirements by exploiting vulnerabilities in their products. The real question is whether the residual risk of vulnerability resulting from incorporating a lawful access mechanism is materially greater than those already in the unmodified product. The Department does not believe this can be demonstrated.

  Moreover, even if there was, in theory, a slight risk differential, its significance should not be judged solely by the extent to which it falls short of theoretical optimality. Particularly with respect to encryption marketed to consumers, the significance of the risk should be assessed based on its practical effect on consumer cybersecurity, as well as its relation to the net risks that offering the product poses for society. After all, we are not talking about protecting the Nation's nuclear launch codes. Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations. We are talking about consumer products and services such as messaging, smart phones, e-mail, and voice and data applications. If one already has an effective level of security say, by way of illustration, one that protects against 99 percent of foreseeable threats -- is it reasonable to incur massive further costs to move slightly closer to optimality and attain a 99.5 percent level of protection? A company would not make that expenditure; nor should society. Here, some argue that, to achieve at best a slight incremental improvement in security, it is worth imposing a massive cost on society in the form of degraded safety. This is untenable. If the choice is between a world where we can achieve a 99 percent assurance against cyber threats to consumers, while still providing law enforcement 80 percent of the access it might seek; or a world, on the other hand, where we have boosted our cybersecurity to 99.5 percent but at a cost reducing law enforcements [sic] access to zero percent the choice for society is clear.

  I think this is a major change in government position. Previously, the FBI, the Justice Department and so on had claimed that backdoors for law enforcement could be added without any loss of security. They maintained that technologists just need to figure out how足 -- an approach we have derisively named "nerd harder."

  With this change, we can finally have a sensible policy conversation. Yes, adding a backdoor increases our collective security because it allows law enforcement to eavesdrop on the bad guys. But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone. This is exactly the policy debate we should be having -- not the fake one about whether or not we can have both security and surveillance.

  Barr makes the point that this is about "consumer cybersecurity" and not "nuclear launch codes." This is true, but it ignores the huge amount of national security-related communications between those two poles. The same consumer communications and computing devices are used by our lawmakers, CEOs, legislators, law enforcement officers, nuclear power plant operators, election officials and so on. There's no longer a difference between consumer tech and government tech -- it's all the same tech.

  Barr also says:

  Further, the burden is not as onerous as some make it out to be. I served for many years as the general counsel of a large telecommunications concern. During my tenure, we dealt with these issues and lived through the passage and implementation of CALEA the Communications Assistance for Law Enforcement Act. CALEA imposes a statutory duty on telecommunications carriers to maintain the capability to provide lawful access to communications over their facilities. Companies bear the cost of compliance but have some flexibility in how they achieve it, and the system has by and large worked. I therefore reserve a heavy dose of skepticism for those who claim that maintaining a mechanism for lawful access would impose an unreasonable burden on tech firms especially the big ones. It is absurd to think that we would preserve lawful access by mandating that physical telecommunications facilities be accessible to law enforcement for the purpose of obtaining content, while allowing tech providers to block law enforcement from obtaining that very content.

  That telecommunications company was GTE -- which became Verizon. Barr conveniently ignores that CALEA-enabled phone switches were used to spy on government officials in Greece in 2003 -- which seems to have been a National Security Agency operation -- and on a variety of people in Italy in 2006. Moreover, in 2012 every CALEA-enabled switch sold to the Defense Department had security vulnerabilities. (I wrote about all this, and more, in 2013.)

  The final thing I noticed about the speech is that it is not about iPhones and data at rest. It is about communications足 -- data in transit. The "going dark" debate has bounced back and forth between those two aspects for decades. It seems to be bouncing once again.

  I hope that Barr's latest speech signals that we can finally move on from the fake security vs. privacy debate, and to the real security vs. security debate. I know where I stand on that: As computers continue to permeate every aspect of our lives, society, and critical infrastructure, it is much more important to ensure that they are secure from everybody -- even at the cost of law enforcement access足 -- than it is to allow access at the cost of security. Barr is wrong, it kind of is like these systems are protecting nuclear launch codes.

  This essay previously appeared on Lawfare.com.

• XKCD Old Game Worlds
  
• Space and stuff idk guidanceofficer: nucleartriad: meco-official: egglybagelface96:...
  
  
  

  guidanceofficer:

  nucleartriad:

  meco-official:

  egglybagelface96:

  I’m sorry but you have to be a different type of ill to want this…. t h i n g….. to come back.

  lock me up
  

  have you considered

  

  wormball
  

  The worm and the meatball are both okay, but combining them is NOT! It makes you look like a shitty science museum t-shirt! Both the ball and worm have more dignity than their abomination of a child!

  Hmmmmm coming down decidedly pro wormball howEVER worm solo is still superior.

• Basic Instructions How to Explain Why Star Trek Is Much Better Than Star Wars
  

  “Good enough is good enough” would be a great first needlepoint or cross-stitch project, because any imperfections in the workmanship would support the idea being expressed.

   

  Note from Missy: is it weird that this is giving me the urge to try out needlepoint?

  As always, thanks for using my Amazon Affiliate links (US, UK, Canada).

August 13, 2019

• Bruce Schneier Phone Pharming for Ad Fraud

  Interesting article on people using banks of smartphones to commit ad fraud for profit.

  No one knows how prevalent ad fraud is on the Internet. I believe it is surprisingly high -- here's an article that places losses between $6.5 and $19 billion annually -- and something companies like Google and Facebook would prefer remain unresearched.
  

• Krebs on Security Patch Tuesday, August 2019 Edition

  Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

  Okay, maybe a trip to the dentist’s office is still preferable. In any case, today is the second Tuesday of the month, which means it’s once again Patch Tuesday (or — depending on your setup and when you’re reading this post — Reboot Wednesday). Microsoft today released patches to fix some 93 vulnerabilities in Windows and related software, 35 of which affect various Server versions of Windows, and another 70 that apply to the Windows 10 operating system.

  Although there don’t appear to be any zero-day vulnerabilities fixed this month — i.e. those that get exploited by cybercriminals before an official patch is available — there are several issues that merit attention.

  Chief among those are patches to address four moderately terrifying flaws in Microsoft’s Remote Desktop Service, a feature which allows users to remotely access and administer a Windows computer as if they were actually seated in front of the remote computer. Security vendor Qualys says two of these weaknesses can be exploited remotely without any authentication or user interaction.

  “According to Microsoft, at least two of these vulnerabilities (CVE-2019-1181 and CVE-2019-1182) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak. “It is highly likely that at least one of these vulnerabilities will be quickly weaponized, and patching should be prioritized for all Windows systems.”

  Fortunately, Remote Desktop is disabled by default in Windows 10, and as such these flaws are more likely to be a threat for enterprises that have enabled the application for various purposes. For those keeping score, this is the fourth time in 2019 Microsoft has had to fix critical security issues with its Remote Desktop service.

  For all you Microsoft Edge and Internet Exploiter Explorer users, Microsoft has issued the usual panoply of updates for flaws that could be exploited to install malware after a user merely visits a hacked or booby-trapped Web site. Other equally serious flaws patched in Windows this month could be used to compromise the operating system just by convincing the user to open a malicious file (regardless of which browser the user is running).

  As crazy as it may seem, this is the second month in a row that Adobe hasn’t issued a security update for its Flash Player browser plugin, which is bundled in IE/Edge and Chrome (although now hobbled by default in Chrome). However, Adobe did release important updates for its Acrobat and free PDF reader products.

  If the tone of this post sounds a wee bit cantankerous, it might be because at least one of the updates I installed last month totally hosed my Windows 10 machine. I consider myself an equal OS abuser, and maintain multiple computers powered by a variety of operating systems, including Windows, Linux and MacOS.

  Nevertheless, it is frustrating when being diligent about applying patches introduces so many unfixable problems that you’re forced to completely reinstall the OS and all of the programs that ride on top of it. On the bright side, my newly-refreshed Windows computer is a bit more responsive than it was before crash hell.

  So, three words of advice. First off, don’t let Microsoft decide when to apply patches and reboot your computer. On the one hand, it’s nice Microsoft gives us a predictable schedule when it’s going to release patches. On the other, Windows 10 will by default download and install patches whenever it pleases, and then reboot the computer.

  Unless you change that setting. Here’s a tutorial on how to do that. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

  Secondly, it doesn’t hurt to wait a few days to apply updates.  Very often fixes released on Patch Tuesday have glitches that cause problems for an indeterminate number of Windows systems. When this happens, Microsoft then patches their patches to minimize the same problems for users who haven’t yet applied the updates, but it sometimes takes a few days for Redmond to iron out the kinks.

  Finally, please have some kind of system for backing up your files before applying any updates. You can use third-party software for this, or just the options built into Windows 10. At some level, it doesn’t matter. Just make sure you’re backing up your files, preferably following the 3-2-1 backup rule. Thankfully, I’m vigilant about backing up my files.

  And, as ever, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

• Astro Bob Amateur Discovers ‘Churymoon’ Orbiting Rosetta’s Comet

  

  Sometimes a pile of data and an eye for detail are all you need to make an amazing discovery.  Several months back, Spanish astrophotographer Jacint Roger spotted an object orbiting comet 67P/Churyumov-Gerasimenko while mining the Rosetta image archive. In case you forgot, Rosetta was the European mission that rendezvoused with the comet in August 2014 and remained in orbit for closeup studies until September 2016.

  

  He found the comet moon in a sequence of images taken by Rosetta on Oct. 21, 2015 when the spacecraft hovered 248 miles (400 km) from the comet’s center. After processing the images he assembled them into a short video and posted it on his Twitter. Scientists at the European Space Agency and spacecraft camera team are now studying this chunk of cometary debris in greater detail. They’ve even given it a name — Churymoon. Spanning just under 13 feet (4 meters) you’d hardly consider it a moon, but because it orbits the 4-kilometer-wide “mothership” it’s as much a moon as some of the tiny moons that orbit a modest number of asteroids.

  Modelling done using the images indicate that after it broke away from the comet, Churymoon spent its first 12 hours orbiting at a distance of just 1.5 to 2.4 miles (2.4-3.9 km) from 67P/C-G’s center. Later, the chunk crossed a portion of the coma — that’s the fluffy cloud of gas and dust surrounding the comet’s icy nucleus — and appeared on the opposite side of the comet, confirming its orbit at least through Oct. 23.

  Scientists have been studying and tracking debris around 67P/C-G since Rosetta’s arrival in 2014. The object pictured in this view is likely the largest chunk detected around the comet, and is still being investigated.

  

  Like many comets, 67P/C-G’s ices are embedded with dust. The closer a comet gets to the sun, the more ice is vaporized and the more dust released. As it neared its closest approach to the Sun in late July and August 2015, instruments on Rosetta recorded a huge amount of dust enshrouding the comet, much of it spat into space by geyser-like jets. This disturbed, ejected material forms the coma, a temporary atmosphere of gas and dust that envelopes the comet’s nucleus. Often, some of that material is pushed back by sunlight to form a beautiful tail, a comet’s defining characteristic in the public eye.

  Comet 67P/C-G is currently in the outer solar system between the orbits of Mars and Jupiter. Orbiting the sun every 6.5 years, its next closest approach is in 2021.

• Space and stuff idk gusgrissom:worldinmywindow:I really like that they always ignored the rule of “tallest in the...

  gusgrissom:

  worldinmywindow:

  I really like that they always ignored the rule of “tallest in the middle, fan out” and just slapped Gus in the middle in every photo— did he PUT himself there? As in “if I have to be short I’m not hiding at the edges,” did he GET put there as in “Gus, you have the best smile go stand in the middle?” Did he just naturally end up there because he was always in the center of the group making everyone laugh? I need answers!

  

  It’s the Napoleon complex

  

• DragonflyBSD Blog pkg and pkg-static

  If you upgrade DragonFly and one of the shared libraries used by pkg gets updated, you can’t run pkg until you get files, but pkg is the program you use to bring in new files.  This chicken-and-egg problem is solved with pkg-static, a version of pkg built without shared libraries.

  You may have noticed some format flip-flopping between pkg and pkg-static if you had to run it after the most recent DragonFly upgrade; that is fixed.  There’s a larger issue of certificate installation identified there; I don’t know a solution to it, but I do want to mention this for next time pkg breaks for someone – pkg-static will work as backup, including to bring in a new version of pkg.

• Freedom to Tinker Should we regulate the makers or users of insecure IoTs?

  By Matheus V. X. Ferreira, Danny Yuxing Huang, Tithi Chattopadhyay, Nick Feamster, and S. Matthew Weinberg

  Recent years have seen a proliferation of “smart-home” or IoT devices, many of which are known to contain security vulnerabilities that have been exploited to launch high-profile attacks and disrupt Internet-wide services such as Twitter and Reddit. 

  The sellers (e.g., manufacturers) and buyers (e.g., consumers) of such devices could improve their security, but there is little incentive to do so. For the sellers, implementing security features on IoT devices, such as using encryption or having no default passwords, could introduce extra engineering cost. Similarly, security practices, such as regularly updating the firmware or using complex and difficult-to-remember passwords, may be a costly endeavor for many buyers.

  As a result, sellers and buyers security practices are less than optimal, and this ends up increasing vulnerabilities that ultimately impact other buyers. In other words, their actions cause a negative externality to other buyers. This scenario where individuals act according to their own self-interest on detrimental to the common good is referred to as the tragedy of the commons.

  One approach to incentivize agents to adopt optimal practices is through external regulations. In this blog post, we discuss two potential approaches that a regulator may adopt in the case of IoT security:

  • Regulating the seller – requiring minimum security standards on sellers of IoT devices;
  • Regulating the buyer – and/or encouraging IoT device buyers to adopt security practices through rewards (e.g., ISP discounts for buyers without signs of malicious network traffic) or penalties (e.g., fines for buyers of devices that engaged in DDoS attacks).

  The goal of this hypothetical regulator is to minimize the negative externality due to compromised devices while maximizing the profitability of device manufacturers. We show that in some cases if buyers are rewarded for security practices (or penalized for the lack thereof), sellers can potentially earn higher profits if they implement extra security features on their devices.

  Challenges in regulation

  The hypothetical regulator’s ability to achieve the goal of minimizing negative externality depends on whether buyers can secure their devices more efficiently than sellers. 

  If, for instance, buyers regularly update their devices’ firmware or set strong passwords, then regulating the sellers alone can be costly — i.e., inefficient. On the other hand, rewarding buyers for security practices (or penalizing them for the lack thereof) can still be inefficient if there is little buyers can do to improve security, or if they cannot distinguish good vs bad security practices. 

  These challenges lead us to explore the impact the efficiency of buyers in improving their security has on regulatory effectiveness.

  Modeling the efficiency of buyers’ security practices

  A stochastic model captures the uncertainty of the efficiency of the buyer’s security practices when incentivized through regulation. A buyer has low efficiency when improving their effort towards security has a low impact in actually reducing security risks than if the same effort came from sellers. On the other hand, a buyer has high efficiency if improving their effort towards higher security translates in high improvements in security.

  As an example, consider the buyer’s efficiency in a system where users (i.e., buyers) log into a website using passwords. Let’s first make two assumptions:

  1. We first assume that the website is secure. The probability of a user’s account being compromised depends on, for instance, how strong the password is. A weak password or a reused password is likely correlated with a high chance of the account being stolen; on the other hand, a strong, random password is correlated with the opposite. We say that the users/buyers are highly efficient in providing security with respect to the website operator (i.e., seller); in this case, efficiency > 1. Figure 1-a shows an example of the distribution of the buyers’ efficiency.
  2. We next assume that the website is not secure — e.g., running outdated server software. The probability of a buyer’s account being compromised depends less on password strength, for instance, but rather more on how insecure the website server is; in this case, efficiency < 1. Figure 1-b shows an example of the distribution of the buyers’ efficiency.

  In reality, Assumptions (1) and (2) rarely exist in isolation but rather coexist in various degrees. We show an example of such in Figure 1-c.

  

  The same model can be used to study scenarios where the actions of different agents cause externalities to common goods such as clean air.

  Regulatory policies in a market of polluting cars often focus on regulating the production of vehicles (i.e., sellers). Once a car is purchased, there is little the buyer can do to lower pollution besides regular maintenance of the vehicle. In this case, the buyer’s efficiency would resemble Figure 1-b.

  In the other extreme, in government (i.e., sellers) auctions of oil exploration licenses, firms (i.e., buyers) are regulated and fined for potential environmental impacts. When comparing the efficiency of the government vs. the efficiency of firms, firms are in a better position in adopting better practices and controlling the environmental impacts of their activities. The firms’ efficiency would resemble Figure 1-a.

  Regulatory Impact on Manufacturer Profit

  Another consideration for any regulator is the impact these regulations have on the profitability of a manufacturer.

  Any regulation will directly (through higher production cost) or indirectly impact the sellers’ profit. By creating economic incentives for buyers to adopt better practices through fines (or taxes), we indirectly affect the prices a buyer is willing to pay for a product.

  In Figure 2, we plot the maximum profit a seller can acquire in expectation from a population of buyers such that:

  • buyer’s value for the IoT device is drawn uniformly between $0 and $20; efficiency is uniform [0,1], [0,3] and [2, 3]; 
  • a regulator imposes on buyers a fine ranging from $0 to $10 and/or impose on sellers minimum production cost ranging from $0 to $5 (e.g., for investing in extra security/safety features). 

  If buyers have low efficiency (Figure 2-a) and they are liable for the externalities caused by their devices, regulating the sellers can, in fact, increase the manufacturer’s profit since the regulation reduces the chance buyers are compromised. As buyers become more efficient (Figure 2-b and then 2-c), regulating the sellers can only lower profit since they prefer to provide security themselves.

  

  Selecting the Best Regulation

  To select the optimal regulatory strategy when constrained by minimum profit impact on sellers, we must understand the distribution of efficiency of buyers.

  We show that in homogeneous markets where buyer’s ability to follow security practices is always high or always low (Figure 1-a and 1-b) — the optimal regulatory policy would be to regulate only the buyers or the sellers.

  In arbitrary markets where buyer’s ability to follow security practices can have high variance (Figure 1-c), by contrast, we show that while the optimal policy may require regulating both buyers and sellers, there is always an approximately optimal policy which regulates just one. In other words, although an efficient regulation might be required to regulate both buyers and sellers, considering policies that either only creates incentives for buyers or only regulate the seller can approximate the optimal policy that potentially intervenes on both buyers and sellers.

  In practice, it is challenging to completely infer all the features that can affect the efficiency of buyers — that is, precisely measure efficiency distributions Figure 1-a to 1-c. Our theoretical results provide a tool for security researchers to infer an approximately optimal regulation from an inaccurate model of the efficiency distribution.

  By estimating that most of the population that purchase a device is highly efficient, we have shown that regulating only the buyer is approximately optimal. On the other hand, by estimating that the population that purchases a device is highly inefficient, regulating only the seller approximates the optimal regulation.

  At the end of the day, by better understanding the efficiency of buyer’s security practices, we will be in a better position to make a decision about regulatory strategies for different information technology markets such as for the market of IoT devices without the need for complex regulation.

  For more details, the full paper can be accessed at https://arxiv.org/abs/1902.10008 which was presented at The Web Conference 2019.
  

• Loren Grush How Blue Origin is trying to rework the rules of the Air Force’s coveted rocket competition
  An animation of Blue Origin’s New Glenn launch vehicle, which is supposed to fly for the first time in 2021 | Image: Blue Origin

  On Monday, August 12th, aerospace company Blue Origin filed a protest with the Government Accountability Office (GAO), arguing that the Air Force is running a “flawed” competition to pick the agency’s next round of launch providers for national security missions. There’s a good chance this last-ditch protest could change the terms of the competition before final selections are made, but shifting the rules in favor of Blue Origin won’t guarantee that the company is chosen in the end.

  The day that Blue Origin filed the protest was the same day that proposals were due for the Air Force’s Launch Service Procurement program. The initiative aims to select two rocket companies that will launch all of the Air Force’s missions to space from 2022...

  Continue reading…

• Centauri Dreams The Terrascope: Challenges Going Forward

  Yesterday I renewed our acquaintance with the idea that large natural objects can stand in for technologies we have previously been engineering into existence. The progression is a natural one. The early telescope work of Hans Lippershey and Galileo Galilei began with small instruments, but both refractor and later reflector designs would grow to enormous size, so that today, even with the best adaptive optics and segmented mirrors working together, we are pushing hard on what can be done. Not to mention the fact that controversies over land use can come into play with gigantic observatory installations, as we’ve seen recently in Hawaii.

  The fascination is that there is nothing in physical law to preclude ever increasing segmented mirror instruments, but we have to question their economic realities and their practicality. I think it’s a nod to the sheer ingenuity involved in linking seemingly disparate phenomena that David Kipping could turn work on the ‘green flash’ seen at sunrise and sunset into, first, the realization that the refractive flash would be a globe-circling ring as seen from space when the Earth occulted the Sun, and second, into the idea that it marked a potentially usable lensing phenomenon.

  Here we’re letting nature do the work. Using the Earth as a lens would allow us to extend our powers remarkably, and at comparatively low cost. Working with a one-meter detector of the sort we already know how to fly (Hubble uses a 2.4-meter mirror), we could achieve results we would expect from a 150-meter space telescope. Assuming, of course, that Kipping’s recent analysis is correct, or more accurately, that the issues he identifies in the paper are solvable and our imaging technologies are up to the task.

  For we start digging into the challenging bits almost as soon as the concept is explained. What Kipping wants to exploit is the fact that light from a star behind the Earth would undergo refractive lensing as it entered and then exited the atmosphere. Crucially, the focal point this would create as light rays bent around the Earth and converged on the other side would vary in distance depending on the altitude in the atmosphere that the light passed. This would give us a focal line, so that as we moved further away from the Earth, we would be experiencing the lensing of light at higher and higher altitudes.

  The Perils of Extinction

  I hope by now the point is clear that because we are talking about light in the atmosphere, we have to be aware of all the extinction events — loss of light — that could occur, from low-level light being obscured by topographical features to much higher weather causing disruption in our seeing. Extinction is dependent on the color, or wavelength, of light in question, and we also have to take scattering effects into consideration.

  But Kipping believes that light lensed from about 14 kilometers would be relatively free of these effects, allowing a robust image to be potentially acquired. The focal line sampled at roughly the distance of the Hill Sphere (about four times Earth-Moon distance) is thus what we’re after. Moreover, the alignment doesn’t have to be exact. It could be offset by about an Earth diameter.

  Have a look at the figure below, drawn from Kipping’s paper, which shows the extinction expected at various distances from the Earth, and you’ll see that the most robust acquisition of signal is going to be at the Hill sphere distance.

  

  Image: This is Figure 11 from the paper. Caption: Amplification after extinction expected for a 1 metre diameter telescope at the Earth’s Hill radius (top), half the Hill radius (middle) and the Moon’s separation (bottom). Six atmosphere models are shown… [the color coding is provided in the paper, q.v.], which control temperature-pressure profiles (and thus refractivity profile) as well as the extinction computed using lowtran7 [a propagation model and computer code for predicting atmospheric transmittance and sky thermal and scattered radiance]. All models assume no clouds. Standard photometric filters highlighted in gray, except for L, M and N which are slightly offset to encompass the optimal regions. Credit: David Kipping.

  As you see, these models assume no clouds, but we must take into effect the fact that at any given time, clouds cover approximately three-quarters of the Earth, meaning they can block out the desired signal. The Hill sphere distance is, in Kipping’s estimation, sufficient to bypass the bulk of these. His calculations show that light passing through the atmosphere at an altitude of 14 kilometers should display a net loss of about eight percent, small enough to make the concept of the Terrascope viable.

  

  Image: This is Figure 13 from the paper. Estimated transmission through the Earth’s atmosphere due to clouds for a Terrascope detector at a distance L. At one Hill radius (1,500,000 km), lensed rays travel no deeper than 13.7 km and thus largely avoid clouds, thereby losing less than 10% of the lensed light. Credit: David Kipping.

  Parts of the Earth which are illuminated are a problem, because they insert a background component to the desired signal. The author notes that “background suppression strategies, such as leveraging polarization, wavelength information, and temporal light curve variations” may be of value in reducing some of this loss, but he proceeds to account for the loss with a conservative halving of this original amplification figure to 22,500. An actual Terrascope may able to make this figure climb, though the paper does not explore the idea further.

  On the matter of extinction and its problems due to clouds, it’s interesting to consider the Terrascope in other wavelengths. Kipping’s primary thrust here is in optical and infrared light, but the paper moves on to consider the interesting possibility of moving outside this range. From the paper:

  Moving further out into the radio offers two major advantages… First, extinction due to clouds can be largely ignored, allowing for detectors much closer including on the lunar surface. Second, Solar scattering is far less problematic in the radio and indeed it is typical for radio telescopes to operate during daylight phases. The simple refraction model of this work was extended to the radio and indeed the amplification was estimated to be largely achromatic beyond a micron. Nevertheless, the model did not correctly account for the radio refractivity as a function of humidity, nor the impact of the ionosphere on lensed rays. Accordingly, a radio terrascope may be an excellent topic for further investigation.

  A Path for Research

  Limited by working with only those targets that are behind the Earth as seen from the spacecraft, we seem to be boxed in, but consider the possibility, which Kipping discusses in his video on the Terrascope, of creating a fleet of small detectors around the Hill sphere. Now the target list widens as we gain pointing control, and as we build out such a fleet, we can choose our early targets while anticipating the next high-priority items to be served by future detectors. The important first step is to find out whether a working Terrascope delivers on its promise.

  Those with a long memory may recall my Centauri Dreams articles on Claudio Maccone’s FOCAL ideas in relation to creating not just a telescope but a radio bridge between distant targets for interstellar exploration [see, for example, The Gravitational Lens and Communications]. Could we do something similar to create a radio Terrascope? The paper gives a nod to the notion, and I asked Kipping if he could expand upon the idea, which he was kind enough to do yesterday.

  “Any system like this can also be used in reverse, we can switch out the detector for a transmitter and suddenly we have an antenna with an amplification of 45,000 instead,” he wrote in an email. “In fact, it’s even easier because you don’t need an Earth-shade anymore. To realize this in the radio, there would need to be some further work on how the ionosphere affects the lensing but certainly the optical and infrared are already viable according to my study. One could imagine using this as the bedrock for an interplanetary high speed internet, enabling missions like Cassini and Juno to send back very high fidelity data.”

  Given current limitations on data return from deep in the Solar System, the term ‘interplanetary high-speed internet’ seizes the imagination, which is why I’m going to make sure that Vinton Cerf, inventor of the TCP/IP protocols and a man who has done extensive work on extending these methods into forms adapted for Solar System distances, sees the Terrascope idea. Looking down the road, I can only imagine the effect on public support for robotic exploration of the outer system if we were able to offer high-speed data and virtual reality capabilities for our targets.

  The benefit of exploring David Kipping’s ideas plays hand in glove with research into gravitational lensing. We’re talking in both cases about placing a detector at the right position to acquire data while minimizing background contamination, developing the needed occulter and creating the software to untangle what does get through from the lensed photons we want. But with the Terrascope, we are working close to home, and can experiment at relatively low cost with strategies for maximizing the acquisition of our imagery and the untangling of it. Much of this work would play directly into the development of the longer-term FOCAL mission.

  We need to investigate these ideas. The collecting power of a 150-meter telescope, if it can be achieved as per this concept, takes us into the possibility of detecting topography on exoplanets, not to mention its potential for biosignatures as well as deep space astronomy. Moving further along will involve looking deeper into the question of atmospheric effects and occulter design, which is where Kipping believes the next research effort should be mounted.

  The paper is Kipping, “The “Terrascope”: On the Possibility of Using the Earth as an Atmospheric Lens,” accepted at Proceedings of the Astronomical Society of the Pacific (abstract).

  

  

  
• Station Project A Raspberry Pi Video Player for Ham Expo Displays

  

  Dave, K1DLM recently prototyped a simple Raspberry Pi Video Player for use in our Ham Exposition Displays. We’ve built a number of these players to play video content at our upcoming Ham Expo Display at HamXposition at Boxboro in September. The article below shares information on the hardware and software we used to put these players together. The information should provide a useful start for many other Raspberry Pi projects.

  Source: A Raspberry Pi Video Player for Expo Displays – Nashua Area Radio Society

  Simple Raspberry Pi Computers have many useful applications in Amateur Radio. They can also be used to create a nice general purpose computing platform for many applications.

  The hardest part of using the Raspberry Pi is getting the basic hardware and software components together to create a working system. This article explains these basic steps for a simple video player application that we use as part of our Ham Radio Expo Displays. I hope that this information is useful to others who might want to use the Raspberry Pi.

  Fred, AB1OC

• Arxiv Review Having mastered Space Invaders, chess, and Go, AI tackles video soccer
  Google’s artificial-intelligence researchers have created a football simulator for training the next generation of machine-learning algorithms.
• Planet Labs Blog Planet Experts Discuss Future of Analysis Ready Data at 2019 ARD Workshop

  Last week Planet engineers helped organize the Analysis Ready Data (ARD) Research Workshop in Menlo Park, California, an event where great minds met to tackle the burning topic of how to make ARD operational in 2019. The event’s purpose was to educate and create collaborations across various industries, including data analytics providers, researchers, EO data providers, NGOs, and government agencies like USGS, ESA and NASA.

  Gopal Erinjippurath, Planet’s senior director of analytics engineering, moderated a panel on ML-ready ARD. The panel was an effort to better understand what constitutes readiness of ARD  for ML-based applications and get various experts to weigh in, as Erinjippurath explains in a recent article.

  “Historically, there was insufficient cross-pollination between computer vision practitioners and remote sensing scientists,” Erinjippurath says. “But in recent years they’ve been coming together to drive massive growth in scaled deep-learning powered computer vision capabilities, which is vital to innovation in analytics for remote sensing data.”

  ARD is a loose term to define a type of imagery that is pre-processed so that users can do analysis on it; it should not require a lot of work from users on the back-end to process the imagery themselves, says Chris Holmes in his explanatory piece from 2018.  These processing steps include everything from searching and downloading to seeking out different provider portals to “clipping” data to pinpoint the specific areas they want to analyze, etc.

  “The typical satellite imagery expert looking to do any sort of time-series analysis has a number of preparatory steps they must take before beginning,” Holmes writes. “The idea behind Analysis Ready Data is that providers of satellite imagery are in a better position to undertake these routine steps than the average user.”

  Different approaches to harmonization of data were presented by experts at the workshop, coupled with suggestions on electing standards for how to approach ARD moving forward.

  Here at Planet, we have been focusing on championing ARD within the wider community and pushing for standardization of operations and data representation for wider interoperability of public and commercial earth observation datasets.

  As I explained in last year’s ARD Workshop recap, the lack of standardization is a critical issue that demands immediate attention.

  Despite the incredible power of satellite imagery, true interoperability remains elusive because of the difficulty in turning raw pixels from different sources into comparable insights. Even the most seasoned users of satellite data are forced to search for data across different locations and massage the imagery in order to perform analysis. There’s no widely adopted, standardized definition of “analysis-ready data,” or ARD, to which all practitioners adhere.

  At the workshop, I helped chair the technical program with the help of colleagues from the industry. In particular I led a working group to help define an open-source effort to capture (in code) a proposed product level specification that can be computer readable.

  If you are interested in geospatial analysis and in how we unleash the power of our EO payloads by leveraging community standardization efforts, contact me at ignacio@planet.com with inquiries.

• DragonflyBSD Blog BSD Now 310: My New Free NAS

  I’m posting this late cause I was traveling when it went up: BSD Now 310 is a nice cross-BSD roundup this week.  I might miss the next BSD Now too, so don’t wait for me to link to it.

• The Mars Chronicler Sols 2495-2496: A slight change of plans

  

  Today’s planning began with a bit of a shuffle as we learned that the sample cup that was used for SAM preconditioning over the weekend didn’t seal as well as desired. This preconditioning step is required before we can perform SAM Evolved Gas Analysis (EGA) on the ‘Glen Etive’ drill sample. In response, we elected to redo the SAM preconditioning activity using another cup, in addition to running another CheMin analysis. These changes freed up additional time for remote sensing observations in this 2 sol plan.

  We planned a variety of ChemCam observations, including a retargeting of the Glen Etive drill hole in order to better adjust the focus parameters. We identified a rock called ‘Scone’ with nicely exposed layers that we will sample with a vertical raster, and will also target another bedrock target called ‘Crannog.’ There was also time to take a long distance RMI mosaic of the sulfate unit to image sedimentary structures in these distant rocks. Supporting Mastcam documentation images were planned for each of these observations, as well as Navcam movies designed for determining cloud height. If all goes well with the redo of the SAM preconditioning, we’ll be continuing along the drill sol path in no time!

  ---

  Written by Vivian Sun, Planetary Geologist at NASA’s Jet Propulsion Laboratory

  The post Sols 2495-2496: A slight change of plans appeared first on Martian Chronicles.

• Station Project Video About Growing and Modernizing Your Amateur Radio Club
  

  Jamey, AC1DC Presenting in the ARRL Forum at Dayton 2019

  The ARRL gave the Nashua Area Radio Society a Forum at the Dayton Hamvention(R)this past year to talk about how we approached Growing and Modernizing our club. The ARRL has produced a video of our Dayton Forum presentation. You can view the Video along with a copy of the presentation via the link which follows…

  Dayton Hamvention(R) 2019 ARRL Forum – Growing and Modernizing Your Amateur Radio Club

  The Nashua Area Radio Society has grown from about 35 members to over 225 members in less than 4 years. The presentation contains ideas and programs that have worked for the Nashua Area Radio Society’s (NARS) as part of our efforts to modernize and grow our club.

  We have been sharing this presentation via the Internet with other Amateur Radio Clubs. All that is required is an Internet connection capable of streaming video and an associated computer with a projector and speakers. We would like to invite our readers who might want us to do a similar presentation at one of your club meetings to reach out to us via an email to ab1oc@arrl.net.

  Fred, AB1OC

• Bruce Schneier More on Backdooring (or Not) WhatsApp

  Yesterday, I blogged about a Facebook plan to backdoor WhatsApp by adding client-side scanning and filtering. It seems that I was wrong, and there are no such plans.

  The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video presentation from a Facebook developers conference.

  Leetaru extrapolated a lot out of very little. I watched the video (the relevant section is at the 23:00 mark), and it doesn't talk about client-side scanning of messages. It doesn't talk about messaging apps at all. It discusses using AI techniques to find bad content on Facebook, and the difficulties that arise from dynamic content:

  So far, we have been keeping this fight [against bad actors and harmful content] on familiar grounds. And that is, we have been training our AI models on the server and making inferences on the server when all the data are flooding into our data centers.

  While this works for most scenarios, it is not the ideal setup for some unique integrity challenges. URL masking is one such problem which is very hard to do. We have the traditional way of server-side inference. What is URL masking? Let us imagine that a user sees a link on the app and decides to click on it. When they click on it, Facebook actually logs the URL to crawl it at a later date. But...the publisher can dynamically change the content of the webpage to make it look more legitimate [to Facebook]. But then our users click on the same link, they see something completely different -- oftentimes it is disturbing; oftentimes it violates our policy standards. Of course, this creates a bad experience for our community that we would like to avoid. This and similar integrity problems are best solved with AI on the device.

  That might be true, but it also would hand whatever secret-AI sauce Facebook has to every one of its users to reverse engineer -- which means it's probably not going to happen. And it is a dumb idea, for reasons Steve Bellovin has pointed out.

  Facebook's first published response was a comment on the Hacker News website from a user named "wcathcart," which Cardozo assures me is Will Cathcart, the vice president of WhatsApp. (I have no reason to doubt his identity, but surely there is a more official news channel that Facebook could have chosen to use if they wanted to.) Cathcart wrote:

  We haven't added a backdoor to WhatsApp. The Forbes contributor referred to a technical talk about client side AI in general to conclude that we might do client side scanning of content on WhatsApp for anti-abuse purposes.

  To be crystal clear, we have not done this, have zero plans to do so, and if we ever did it would be quite obvious and detectable that we had done it. We understand the serious concerns this type of approach would raise which is why we are opposed to it.

  Facebook's second published response was a comment on my original blog post, which has been confirmed to me by the WhatsApp people as authentic. It's more of the same.

  So, this was a false alarm. And, to be fair, Alec Muffet called foul on the first Forbes piece:

  So, here's my pre-emptive finger wag: Civil Society's pack mentality can make us our own worst enemies. If we go around repeating one man's Germanic conspiracy theory, we may doom ourselves to precisely what we fear. Instead, we should ­ we must ­ take steps to constructively demand what we actually want: End to End Encryption which is worthy of the name.

  Blame accepted. But in general, this is the sort of thing we need to watch for. End-to-end encryption only secures data in transit. The data has to be in the clear on the device where it is created, and it has to be in the clear on the device where it is consumed. Those are the obvious places for an eavesdropper to get a copy.

  This has been a long process. Facebook desperately wanted to convince me to correct the record, while at the same time not wanting to write something on their own letterhead (just a couple of comments, so far). I spoke at length with Privacy Policy Manager Nate Cardozo, whom Facebook hired last December from EFF. (Back then, I remember thinking of him -- and the two other new privacy hires -- as basically human warrant canaries. If they ever leave Facebook under non-obvious circumstances, we know that things are bad.) He basically leveraged his historical reputation to assure me that WhatsApp, and Facebook in general, would never do something like this. I am trusting him, while also reminding everyone that Facebook has broken so many privacy promises that they really can't be trusted.

  Final note: If they want to be trusted, Adam Shostack and I gave them a road map.

  Hacker News thread.

  EDITED TO ADD (8/4): Slashdot covered my retraction.

• Ed Yong A New Clue to How Life Originated

  When Caitlin Cornell looked down her microscope, she saw large bright spots against a black background. They resembled miniature suns, blazing against the backdrop of space. And when Cornell showed the spots to her supervisor, Sarah Keller, a chemist at the University of Washington, “we got really excited,” she recalls. “It was a bit of an ‘Aha!’ moment.” Those spots, she realized, might help address a long-standing puzzle about the origin of life itself.

  The cells that make up all living things, despite their endless variations, contain three fundamental elements. There are molecules that encode information and can be copied—DNA and its simpler relative, RNA. There are proteins—workhorse molecules that perform important tasks. And encapsulating them all, there’s a membrane made from fatty acids. Go back far enough in time, before animals and plants and even bacteria existed, and you’d find that the precursor of all life—what scientists call a “protocell”—likely had this same trinity of parts: RNA and proteins, in a membrane. As the physicist Freeman Dyson once said, “Life began with little bags of garbage.”

  The bags—the membranes—were crucial. Without something to corral the other molecules, they would all just float away, diffusing into the world and achieving nothing. By concentrating them, membranes transformed an inanimate world of disordered chemicals into one teeming with redwoods and redstarts, elephants and E. coli, humans and hagfish. Life, at its core, is about creating compartments. And that’s much easier and much harder than it might seem.

  [Read: A break in the search for the origin of complex life]

  First, the easy bit. Early cell membranes were built from fatty acids—molecules that look like lollipops, with round heads and long tails. The heads enjoy the company of water; the tails despise it. So, when placed in water, fatty acids self-assemble into hollow spheres, with the water-hating tails pointing inward and the water-loving heads on the surface. These spheres can enclose RNA and proteins, making protocells. Fatty acids, then, can automatically create the compartments that were necessary for life to emerge. It almost seems too good to be true.

  And it is, for two reasons. Life first arose in salty oceans, and salt catastrophically destabilizes the fatty-acid spheres. Also, certain ions, including magnesium and iron, cause the spheres to collapse, which is problematic since RNA—another key component of early protocells—requires these ions. How, then, could life possibly have arisen, when the compartments it needs are destroyed by the conditions in which it first emerged, and by the very ingredients it needs to thrive?

  Caitlin Cornell and Sarah Keller have an answer to this paradox. They’ve shown that the spheres can withstand both salt and magnesium ions, as long as they’re in the presence of amino acids—the simple molecules that are the building blocks of proteins. The little suns that Cornell saw under her microscope were mixtures of amino acids and fatty acids, holding their spherical shape in the presence of salt.

  I find that utterly magical. It means that two of the essential components of life, a protocell’s membrane and its proteins, provided the conditions for each other to exist. By sticking to the fatty acids, the amino acids gave them stability. In turn, the fatty acids concentrated the amino acids, perhaps encouraging them to coalesce into proteins. From the very beginning, these partners were locked in a two-step dance that continued for 3.5 billion years, and helped create all the richness of biology from a starting place of mere chemistry. “I agree completely,” Keller tells me. “It’s completely magical. You need those two parts together.”

  “It’s fantastic work,” says Neal Devaraj, of UC San Diego. “Their suggestion that membranes could promote the synthesis of [proteins] is really fascinating.”

  This discovery happened almost by accident. Originally, Keller set out to address a different problem, posed to her by her colleague Roy Black. He noted that no one had good ideas about how exactly the protocell trinity—RNA, proteins, and membranes—actually assembled in the first place. It seemed that people were just waving their hands and attributing this crucial convergence to some random event. Black, instead, suggested that the membranes themselves were key. If fatty acids can stick to the constituents of both proteins and RNA, they could have gathered these building blocks together as they themselves assembled.

  Cornell tested that idea by incubating a fatty acid with three different amino acids, all of which are thought to have existed on the primordial Earth. Sure enough, as Black had suspected, the molecules interacted with one another. But when she looked under the microscope, Cornell realized something special was happening.

  On their own, the fatty acids predictably self-assembled into hollow spheres. “They looked like jellyfish: clear insides with opaque edges, floating around,” she says. If she added salt or magnesium ions, these jellyfish disintegrated. But if she did that after adding amino acids, they held their shape. What’s more, they transformed into shapes that Cornell likens to glowing onions. Their once-hollow centers were filled with another layer of fatty acids—spheres within spheres. Not coincidentally, that’s what our actual cells are like, with membranes that comprise two fatty layers instead of one.

  So, the presence of amino acids not only protects the fatty-acid spheres, but also turns them into something more obviously biological. Why? “We have no idea, and we wouldn’t have predicted it,” Keller says, laughing. “We’re in a lovely place that opens the field up to future theory.”

  [Read: Simulating the origins of life]

  “This is great work,” says Kate Adamala of the University of Minnesota. Other studies, she notes, have found interactions between any two of amino acids, fatty-acid membranes, and RNA, but Cornell and Keller’s study effectively ties all three together. Amino acids allow membranes to exist in the presence of magnesium, which RNA needs to function.

  The study of life’s origins is always contentious. Scientists often disagree furiously about things that are happening right now, let alone events that occurred more than 3.5 billion years ago. Some researchers, for example, think that life began in shallow volcanic pools, while others argue that it must have arisen in underwater vents. Keller’s ideas, mercifully, work in both environments. “I’m agnostic,” she says. “I’m excited that [our study] makes the idea of protocells more plausible independent of the location.”

  She’s now looking into what happens after the protocells assemble. Sure, there’s a compartment that contains the building blocks for making proteins and RNA. “But how do those individual building blocks bond to form the larger molecules?” she says. “It’s a very hard question.”