Friday, June 6, 2014

Apropos of nothing

I'm just all over the place recently, a real medley of randomness.

Perhaps it's because the World Cup is LESS THAN ONE WEEK AWAY!!!!

  • Explore Every 2014 World Cup Stadium With Google Street View
    Unidade Gestora do Projeto Copa, the Brazilian organization in charge of building the stadiums, built 7 new stadiums, and renovated 5 more to create a wide palette of futebol experiences. You can see all 12 in the gallery above. Each is unique, but the stadiums can start to blur together in the excitement of the tournament, so head over to Google Maps’ World Cup Stadium page to get familiar before the games begin.
  • This Is What a Cursed Soccer Stadium Looks Like
    Then the Uruguayan winger Alcides Ghiggia put them over with a sudden strike. “Only three people have, with just one motion, silenced the Maracan├ú,” he famously said later. “Frank Sinatra, Pope John Paul II and me.”

    The loss, known as the Maracana├žo (since used to refer to any loss by the national team on its home field), became a defining moment for Brazilian soccer.

  • Normal Sex, No Acrobatics: The Variety Of Sexual Restrictions Placed On World Cup Players
    Whether players can or should be allowed to have sex around major sporting events is a common and often funny topic, but sex and sexuality have also been bigger issues around Brazil’s World Cup — and not just when it comes to players.
  • Setting screens is not a lost art
    Flat Screens

    A specialty of the San Antonio Spurs, and especially Mr. Tim Duncan. Timmy's robotic consistency can often hypnotize the viewing public, but his screen-setting is an outstanding combination of good fundamentals and some sneaky techniques. The "Flat Screen" is an excellent example of creating a new screening angle that previously didn't exist on a high pick-and-roll.

  • Colin Kaepernick's contract clause could be the future of negotiations
    Kaepernick will have to purchase an insurance policy that would pay out $20 million to the 49ers in the event of a career-ending injury, according to Albert Breer of the NFL Network.

    That's particularly interesting for a number of reasons. For one, those kinds of things are relatively rare under the new collective bargaining agreement, and we didn't hear about them a whole lot before that either (it is possible that these deals were more commonplace and we simply weren't aware). For two, large portions of Kaepernick's contract are fully guaranteed against injury, so if such a thing were to happen at the right time, both parties would get paid -- Kaepernick by the 49ers and the 49ers by the insurance company.

  • Lion Creek restoration
    The ground where I was standing is mapped at about 8 feet elevation. The other end of the park is approximately where the historic coastal marsh started, so they’re doing the right thing for this location. The culvert is still there to handle floods, but a real creek bed evolves to coexist with floods. So what we have now is sort of a zoo creek. I’ll take it over what was there before.
  • Algorithm as Director
    Just like other members of the board, the algorithm gets to vote on whether the firm makes an investment in a specific company or not. The program will be the sixth member of DKV's board.
  • They Hack Because They Can
    We see a great deal of hand-waving and public discussion about the possibility that foreign cyber attackers may one day use vulnerabilities in our critical infrastructure to cause widespread problems in the United States. But my bet is that if this ever happens in a way that causes death and/or significant destruction, it will not be the result of a carefully-planned and executed cyber warfare manifesto, but rather the work of some moderately skilled and bored cracker who discovered that he could do it.
    Tricking a company like RSA Security into promoting backdoored and sabotaged algorithms for default use in security products is "enabling". Physically sabotaging Cisco routers while they are being shipped out of the US to commercial customers - a serious crime when committed by anyone but the Federal Bureau of Investigation and the NSA - is "enabling".

    Ensuring that communications security encryption chips "used in Virtual Private Networks and Web encryption devices" secretly ship with their security broken open, as specified in the current US "cryptologic capabilities plan", is "enabling". In the coming year, NSA's budget for such Sigint "enabling" is $255m.

  • How I discovered CCS Injection Vulnerability (CVE-2014-0224)
    ChangeCipherSpec MUST be sent at these positions in the handshake. OpenSSL sends CCS in exact timing itself. However, it accepts CCS at other timings when receiving. Attackers can exploit this behavior so that they can decrypt and/or modify data in the communication channel.
  • Early ChangeCipherSpec Attack
    If a ChangeCipherSpec message is injected into the connection after the ServerHello, but before the master secret has been generated, then ssl3_do_change_cipher_spec will generate the keys (2) and the expected Finished hash (3) for the handshake with an empty master secret. This means that both are based only on public information. Additionally, the keys will be latched because of the check at (1) - further ChangeCipherSpec messages will regenerate the expected Finished hash, but not the keys.
  • Why King George III Can Encrypt
    We decided to test whether better metaphors might be able to close this gap between security and usability. Specifically, we wanted metaphors that represented the cryptographic actions a user performs to send secure email and were evocative enough that users could reason about the security properties of PGP without needing to read a lengthy, technical introduction. We settled on four objects: a key, lock, seal and imprint. To send someone a message, secure it with that person’s lock. Only this recipient has the corresponding key, so only they can open it. To prove your identity, stamp the message with your seal. Since everyone knows what your seal’s imprint looks, it’s easy to verify that the message came from you.
  • Why Atom Can’t Replace Vim: Learning the lesson of vi
    Vim, though, is different. Vim only has one command: d, which is “delete.” What does it delete? You name it, literally. The d command gets combined together with those commands for movement: dw deletes to the next word, d$ to the end of the line, dG to the end of the file, and d} to the end of the paragraph.

    This is where Vim’s composability leads to its power. Emacs and Atom don’t have commands for deleting to the end of a file or a paragraph — even when they have commands to move to those places. But in Vim, if you can move to a location, you can delete to that location.

I cannot WAIT to see Michael Bradley, Alejandro Bedoya, Fabian Johnson, Graham Zusi, and Jermaine Jones out on the field together.

Ten more days!

No comments:

Post a Comment