Tags / applications

Tagged with “applications” (49) activity chart

  1. Podcast #56 – Green or Red Curae « Blog – Stack Exchange

    Welcome to the Stack Exchange Podcast #56 recorded on Thursday, March 6th 2014, aka the 4th of Adar II 5774, aka the second day of Lent. Today’s podcast is sponsored by Patent Trolls of America. Today’s guest is Micah Siegel, Senior Patent Advisor at Stack Exchange and Professor Emeritus at Stanford.

    But first, Community Milestones!

    We’ve already talked at length about The Workplace, but it should be noted that the Workplace community has just graduated. They are now a fully-fledged site, so go check out their design!

    Arduino is our newest public beta site. (An Arduino is a tiny little computer board thing, according to Jay.) We’ve tried it in the past and didn’t have enough activity, but this iteration is looking much stronger and we’re excited to see where it will go. Also, March 29th is Arduino Day.

    At long, long last, Personal Finance & Money has graduated. We love money! Longtime beleaguered designer Jin finally has assistance on his design team, so we are working through the backlog of graduated site designs.

    To commemorate Money’s graduation, we’ve made it Community of the Week. Here are some of the cool questions we discussed:

    Best way to start investing for a young person just starting their career?

    In a competitive market, why is movie theater popcorn expensive?

    Why does gold have value?

    This site grew out of an SE 1.0 site on the same topic, and it’s therefore one of our oldest sites. Check it out!

    Next up, we have New Features. Or, we don’t, because we haven’t done anything, and David is demoted. Just kidding: we do!

    We added the ability to customize your list of communities in the top bar switcher.

    We made some tweaks to the close vote review queue on Stack Overflow in an attempt to get it down from approximately nine billion flags. You can also sort by tag (or type of close vote), which you could always do, but now it’s much more visible. Here’s how it works.

    Work is ongoing on our mobile apps, as always. Reminder: you can download our Android app or sign up to alpha test our iOS app.

    Okay! Let’s talk patents! (Jay loves them, but David says they’re the worst.) It’s been a year since we started the Ask Patents project. Joel walks us through why we got into this area in the first place, and we fixed the problem. Done. Solved! (Kinda.) It’s confusing, because code is both copyrightable and patentable. About 7% of the patent applications submitted to the USPTO are what we call problematic. We decided to pick out the ones we are most concerned about and post them on the site for our communities to peruse and choose prior art. Micah talks through how we chose the patent applications to post, and how it’s been going. (Fun fact: we are the first entity to get a YouTube video accepted as prior art!)

    By the way, here’s the Planet Money podcast Joel was talking about.

    We came up with a hack about six months ago to help us make this process scale. Instead of filling out the janky confusing form, we simply started emailing the relevant Ask Patents link directly to the patent examiner. Magic!

    So is it working? We’ve proven as far as we can tell that if we target a bad application and put enough eyes from Stack Overflow on it, we’ll get good prior art. We know how all of the numbers break down: exactly how many people on Stack Overflow have to see the bad software patent in order for us to get enough prior art that enough of it will be good enough prior art to trigger an email to the patent examiner.

    What can people do right now if they want to make a difference? Go find some prior art requests and post prior art to help us destroy some patents. (Also, you can follow Ask Patents on Twitter.)

    Micah is consulting for a few other companies on patent issues, so you can contact him if your company wants to pick his brain. He knows a lot about the current Supreme Court case that might outlaw software patents altogether (but not for a long time).

    Thanks for listening to Stack Exchange Podcast #56, sponsored by the Patent Trolls of America. See you next time!

    Podcast #56: Green or Red Curae [ 1:00:35 ] Download

    Filed under podcasts

    http://blog.stackoverflow.com/2014/03/podcast-56-green-or-red-curae/

    —Huffduffed by wka one month ago

  2. Fast Internet-wide Scanning and its Security Applications

    Internet-wide network scanning has powerful security applications, including exposing new vulnerabilities, tracking their mitigation, and exposing hidden services.

    Unfortunately, probing the entire public address space with standard tools like Nmap requires either months of time or large clusters of machines.

    In this talk, I’ll demonstrate ZMap, an open-source network scanner developed by my research group that is designed from the ground up to perform Internet-wide scans efficiently.

    We’ve used ZMap with a gigabit Ethernet uplink to survey the entire IPv4 address space in under 45 minutes from a single machine, more than 1300 times faster than Nmap.

    I’ll explain how ZMap’s architecture enables such high performance.

    We’ll then work through a series of practical examples that explore the security applications of very fast Internet-scale scanning, both offensive and defensive.

    I’ll talk about results and experiences from conducting more than 300 Internet-wide scans over the past 18 months, including new revelations about the state of the HTTPS CA ecosystem.

    I’ll discuss the reactions our scans have generated—on one occasion we were mistaken for an Iranian attack against U.S. banks and we received a visit from the FBI—and I’ll suggest guidelines and best practices for good Internet citizenship while scanning.

    Internet-scale network surveys collect data by probing large subsets of the public IP address space.

    While such scanning behavior is often associated with botnets and worms, it also has proved to be a powerful methodology for security research.

    Recent studies, beginning with the EFF’s SSL Observatory, have demonstrated that Internet-wide scanning can help reveal new kinds of vulnerabilities, monitor deployment of mitigations, and shed light on previously opaque distributed ecosystems.

    Unfortunately, this methodology has been more accessible to attackers than to researchers without access to botnets or willingness to spread self-replicating code.

    Comprehensively scanning the public address space with off-the-shelf tools like Nmap requires weeks of time or many machines.

    To make Internet-wide scanning more accessible, my research team recently introduced ZMap, an open-source network scanner that is designed from the ground up to perform Internet-scale port scans.

    In our tests using a gigabit Ethernet uplink, ZMap scans the entire IPv4 address space in under 45 minutes from a single machine, more than 1300 times faster than Nmap.

    By the time of the talk, we’ll have switched to a 10 gigE uplink, which should theoretically support scanning the entire address space in under 5 minutes.

    I’ll explain how ZMap’s architecture enables such high performance by taking advantage of fast modern hardware and recent improvements to the Linux kernel.

    We’ll work through a series of practical examples that explore the security applications of very fast Internet-scale scanning, both offensive and defensive, and I’ll share experiences from conducting more than 300 Internet-wide scans over the past 18 months, totaling well over 1 trillion probes.

    I’ll describe how we completed hundreds of scans targeting every public HTTPS server (each scan larger than the entire SSL Observatory) in order to shed light on the growth of HTTPS deployments and expose security problems within the HTTPS ecosystem, such as misissued CA certs and widespread server misconfiguration.

    I’ll show how high-speed scanning can be used to expose vulnerable hosts, using IPMI and UPnP vulnerabilities as recent examples.

    Malicious attackers could abuse this capability to exploit 0day vulnerabilities affecting millions of hosts within hours of a problem’s discovery, and better defenses are badly needed.

    Finally, I’ll discuss applications to Internet freedom, including discovering unadvertised services such as hidden Tor bridges (used for censorship resistance) and Bluecoat devices (used for state-sponsored censorship).

    High-speed scanning can be a powerful tool in the hands of security researchers, but users must be careful not to cause harm by inadvertently overloading networks or causing unnecessary work for network administrators.

    I’ll discuss the complaints and other reactions my group’s scanning has generated—on one occasion we were mistaken for an Iranian DoS attack on U.S. banks, and we received a visit from the FBI—and I’ll suggest several guidelines and best practices for good Internet citizenship while scanning.

    We are living in a unique period in the history of the Internet: widely available networks are becoming fast enough to quickly and exhaustively scan the IPv4 address space, yet IPv6 (with its much larger address space) has not yet been widely deployed.

    I hope this talk will help researchers make the most of this window of opportunity.

    http://events.ccc.de/congress/2013/Fahrplan/events/5533.html

    Day: 2013-12-28 Start time: 12:45 Duration: 01:00 Room: Saal 2 Track: Security & Safety Language: en

    —Huffduffed by Jonny007MKD 3 months ago

  3. Android DDI

    As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique.

    As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique.

    Outline: - General Introduction - Background - Introduction to Android and Dalvik - Applications - Introduction to Dynamic Instrumentation - Basics (Native Code) - Introducing: Android DDI - Details - Tools - Examples - Real World Attack Example - Conclusions

    Take Away: This talk is highly technical, you will learn about new techniques for analyzing and modifying Android applications. You will want to try out what you saw in this talk.

    http://events.ccc.de/congress/2013/Fahrplan/events/5192.html

    Day: 2013-12-29 Start time: 16:00 Duration: 01:00 Room: Saal 1 Track: Security & Safety Language: en

    —Huffduffed by Jonny007MKD 3 months ago

  4. 5by5 | Mac Power Users #32: Pictures and Your Mac

    Just in time for summer vacation Katie and David talk about storing, organizing and managing photos on your Mac. Photography Podcasts Typical Shutterbug This Week in Photography Derek Story’s Digital Story Applications: iPhoto Aperture Lig

    http://5by5.tv/mpu/32

    —Huffduffed by zkanka 5 months ago

  5. The Digital Life - Episode 55 - The Programmable World

    Whether we notice it or not, we’re surrounded by machines and sensors. Our world is networked and made of code. We need new skills and perspectives to take charge of the programmable world we’ve built. Because if we don’t learn to program the world we want, it may very well program us. In this episode of The Digital Life, we discuss the "Programmable World" with Matt Nish-Lapidus, Design Director at Normative.

    http://thedigitalife.com/5_questions/the-programmable-world

    —Huffduffed by Clampants 6 months ago

  6. 5by5 | Mac Power Users #13: Task Management Smackdown

    We’ve gotten a lot of requests for this episode, so here it is, our Task Management Smackdown. In one corner, David and The Omni Group’s Omni Focus. In another, Katie and Cultured Code’s Things. The duo discuss their system for managing tasks and how thei

    http://5by5.tv/mpu/13

    —Huffduffed by KsLimbs 11 months ago

  7. 43F Podcast: Snell & Gruber on iPhone applications | 43 Folders

    Jason Snell and John Gruber on iPhone applications Merlin talks with MacWorld Magazine’s Jason Snell and DaringFireball.net’s John Gruber about the likely future of applications for the recently announced iPhone. Who will be allowed

    http://www.43folders.com/2007/01/10/iphone-applications

    —Huffduffed by pbendersky 11 months ago

  8. Jared Spool – Mobile & UX: Inside the Eye of the Perfect Storm Live! » UIE Brain Sparks

    —Huffduffed by roy 11 months ago

  9. 5by5 | Mac Power Users #42: Contacts and Calendars

    In this episode, Katie and David tackle managing contacts and calendars on your Mac and iOS Devices. Apple Address Book iCal ABContacts Dialvetica Calvetica BusyCal BusySync BusyToDo 37signals Highrise iCalShare iCal Calendars Downlo

    http://5by5.tv/mpu/42

    —Huffduffed by tominian one year ago

  10. 5by5 | Mac Power Users #48: GoodReader

    GoodReader is the iOS App that adds a file management system, open virtually any type of file and read and annotate PDF documents. David and Katie share how they use this app in their workflows and how it adds functionality to iOS devices. Links of Inte

    http://5by5.tv/mpu/48

    —Huffduffed by tominian one year ago

Page 1 of 5