… we know that ubiquitous RFID tags are coming to consumer products. They’ve been coming for years, now, and the applications are endless. More to the point they can be integrated with plastic products and packaging, and printed cheaply enough that they’re on course to replace bar codes.
Embedded microcontrollers are also getting dirt cheap; you can buy them in bulk for under US $0.49 each. Cheap enough to embed in recycling bins, perhaps? Along with a photovoltaic cell for power and a short-range radio transceiver for data. I’ve trampled all over this ground already; the point is, if it’s cheap enough to embed in paving stones, it’s certainly cheap enough to embed in bins, along with a short-range RFID reader and maybe a biosensor that can tell what sort of DNA is contaminating the items dumped in the bins.
The evil business plan of evil (and misery) posits the existence of smart municipality-provided household recycling bins. There’s an inductance device around it (probably a coil) to sense ferrous metals, a DNA sniffer to identify plant or animal biomass and SmartWater tagged items, and an RFID reader to scan any packaging. The bin has a PV powered microcontroller that can talk to a base station in the nearest wifi-enabled street lamp, and thence to the city government’s waste department. The householder sorts their waste into the various recycling bins, and when the bins are full they’re added to a pickup list for the waste truck on the nearest routing — so that rather than being collected at a set interval, they’re only collected when they’re full.
But that’s not all.
Householders are lazy or otherwise noncompliant and sometimes dump stuff in the wrong bin, just as drivers sometimes disobey the speed limit.
The overt value proposition for the municipality (who we are selling these bins and their support infrastructure to) is that the bins can sense the presence of the wrong kind of waste. This increases management costs by requiring hand-sorting, so the individual homeowner can be surcharged (or fined). More reasonably, households can be charged a high annual waste recycling and sorting fee, and given a discount for pre-sorting everything properly, before collection — which they forefeit if they screw up too often.
The covert value proposition … local town governments are under increasing pressure to cut their operating budgets. But by implementing increasingly elaborate waste-sorting requirements and imposing direct fines on households for non-compliance, they can turn the smart recycling bins into a new revenue enhancement channel, much like the speed cameras in Waldo. Churn the recycling criteria just a little bit and rely on tired and over-engaged citizens to accidentally toss a piece of plastic in the metal bin, or some food waste in the packaging bin: it’ll make a fine contribution to your city’s revenue!
Charles Stross, “The Evil Business Plan of Evil (and misery for all)”, Charlie’s Diary, 2015-05-21.
December 7, 2016
QotD: Turning ordinary recycling into a vast revenue enhancement tool
November 27, 2016
QotD: Fabric as technology
In February 1939, Vogue ran a major feature on the fashions of the future. Inspired by the soon-to-open New York World’s Fair, the magazine asked nine industrial designers to imagine what the people of ‘a far Tomorrow’ might wear and why. (The editors deemed fashion designers too of-the-moment for such speculations.) A mock‑up of each outfit was manufactured and photographed for a lavish nine-page colour spread.
You might have seen some of the results online: an evening dress with a see-through net top and strategically placed swirls of gold braid, for instance, or a baggy men’s jumpsuit with a utility belt and halo antenna. Bloggers periodically rediscover a British newsreel of models demonstrating the outfits while a campy narrator (‘Oh, swish!’) makes laboured jokes. The silly get‑ups are always good for self-satisfied smirks. What dopes those old-time prognosticators were!
The ridicule is unfair. Anticipating climate-controlled interiors, greater nudity, more athleticism, more travel and simpler wardrobes, the designers actually got a lot of trends right. Besides, the mock‑ups don’t reveal what really made the predicted fashions futuristic. Looking only at the pictures, you can’t detect the most prominent technological theme.
‘The important improvements and innovations in clothes for the World of Tomorrow will be in the fabrics themselves,’ declared Raymond Loewy, one of the Vogue contributors. His fellow visionaries agreed. Every single one talked about textile advances. Many of their designs specified yet-to-be-invented materials that could adjust to temperature, change colour or be crushed into suitcases without wrinkling. Without exception, everyone foretelling the ‘World of Tomorrow’ believed that an exciting future meant innovative new fabrics.
They all understood something we’ve largely forgotten: that textiles are technology, more ancient than bronze and as contemporary as nanowires. We hairless apes co-evolved with our apparel. But, to reverse Arthur C Clarke’s adage, any sufficiently familiar technology is indistinguishable from nature. It seems intuitive, obvious – so woven into the fabric of our lives that we take it for granted.
Virginia Postrel, “Losing the Thread: Older than bronze and as new as nanowires, textiles are technology — and they have remade our world time and again”, Aeon, 2015-06-05.
November 22, 2016
November 15, 2016
November 13, 2016
QotD: Don’t call it software engineering
The #gotofail episode will become a text book example of not just poor attention to detail, but moreover, the importance of disciplined logic, rigor, elegance, and fundamental coding theory.
A still deeper lesson in all this is the fragility of software. Prof Arie van Deursen nicely describes the iOS7 routine as “brittle”. I want to suggest that all software is tragically fragile. It takes just one line of silly code to bring security to its knees. The sheer non-linearity of software — the ability for one line of software anywhere in a hundred million lines to have unbounded impact on the rest of the system — is what separates development from conventional engineering practice. Software doesn’t obey the laws of physics. No non-trivial software can ever be fully tested, and we have gone too far for the software we live with to be comprehensively proof read. We have yet to build the sorts of software tools and best practice and habits that would merit the title “engineering”.
I’d like to close with a philosophical musing that might have appealed to my old mentors at Telectronics. Post-modernists today can rejoice that the real world has come to pivot precariously on pure text. It is weird and wonderful that technicians are arguing about the layout of source code — as if they are poetry critics.
We have come to depend daily on great obscure texts, drafted not by people we can truthfully call “engineers” but by a largely anarchic community we would be better of calling playwrights.
Stephan Wilson, “gotofail and a defence of purists”, Lockstep, 2014-02-26.
November 9, 2016
November 5, 2016
The Gunpowder Plot: Exploding the Legend
July 10, 2023: Replaced the replacement video with yet another one. Hopefully this one has a bit more staying power.
April 9, 2019: Replaced the original 2016 YouTube link with a current one. After all, the “only man to ever enter Parliament with honest intentions” should be remembered.
Reel Truth History Documentaries
Published on 20 Mar 2019Richard Hammond looks to provide a definite answer to an outstanding mystery of history… Could Guy Fawkes have succeeded with the Gunpowder Plot? 400 years after of the infamous Gunpowder Plot, when Guy Fawkes planned an explosion that would wipe out the King and the entire British Government, the question still remains what impact the blast would have had but this film sets out to discover what would have happened if he’d lit the fuse.
(more…)
November 4, 2016
Blend your own favourite wines right at your kitchen table
In the Economist, a look at a very different kind of wine appliance:
To create a new wine the customer manipulates three sliders on a touch screen attached to the machine. One moves between the extremes of “light” and “full-bodied”. A second runs from “soft”, via “mellow” to “fiery”. The third goes from “sweet” to “dry”. No confusing descriptions like “strawberry notes with a nutty aftertaste” are needed.
The desired glass is then mixed from tanks of each of the four primaries, hidden inside the machine’s plinth. The requisite quantities are pumped into a transparent cone-shaped mixing vessel on top of the plinth. Added air bubbles ensure a good, swirling mix and flashing light-emitting diodes give a suitably theatrical display.
Traditionalists may be appalled by all this, but they should not be. In Mr Wimalaratne’s mind, the function of the Vinfusion system is in principle little different from the blending of grape varieties that goes on in many vineyards, to produce wines more interesting than those based on a single variety. Moreover, if Vinfusion works as intended, it will let people experiment with oenological flavours in a way that is currently impossible and which lets them discover what appeals. A decent sommelier ought then to be able to recommend wines vinified in the conventional way that will taste similar.
In the longer run, recording and collating the requests made to a group of Vinfusion machines might even help restaurants and bars stock bottles that people will like, rather than merely tolerate. And if all this happens, the snobbery and mystique surrounding wine—whether blended in the vineyard or the restaurant—may disappear for good.
The selected “component” wines are chosen for their vintage-to-vintage consistency, so that there’s a lower variability in the wines used to blend your personal selection. This almost certainly wouldn’t work as well with wines from cool climate areas (like Ontario).
November 2, 2016
Online security theatre: “We sell biometric authentication systems to people who need a good password manager”
Joey DeVilla linked to this discussion of the Mirai botnet and the distressing failures of online security … not for the brilliance and sophistication of the attack (it was neither), but the failure to address simple common-sense security issues:
I’ve written about 1988’s Morris worm, and I wanted to dig into the source of the Mirai botnet (helpfully published by the author) to see how far we’ve come along in the past 28 years.
Can you guess how Mirai spreads?
Was there new zeroday in the devices? Hey, maybe there was an old, unpatched vulnerability hanging — who has time to apply software updates to their toaster? Maybe it was HeartBleed 👻?
Nope.
Mirai does one, and only one thing in order to break into new devices: it cycles through a bunch of default username/password combinations over telnet, like “admin/admin” and “root/realtek”. For a laugh, “mother/fucker” is in there too.
Default credentials. Over telnet. That’s how you get hundreds of thousands of devices. The Morris worm from 1988 tried a dictionary password attack too, but only after its buffer overflow and sendmail backdoor exploits failed.
Oh, and Morris’ password dictionary was larger, too.
October 26, 2016
A primer on last week’s IoT DDos attacks
Joey DeVilla provides a convenient layman’s terms description of last Friday’s denial of service attacks on Dyn:
A map of the parts of the internet affected by Friday’s attack. The redder an area is, the more heavily it was affected.
If you’ve been reading about the cyberattack that took place last Friday and are confused by the jargon and technobabble, this primer was written for you! By the end of this article, you’ll have a better understanding of what happened, what caused it, and what can be done to prevent similar problems in the future.
[…]
Hackread’s animation of what happened last Friday. Click the image to see the source.
On Friday, October 21, 2016 at around 6:00 a.m. EDT, a botnet made up of what could be up to tens of millions of machines — a large number of which were IoT devices — mounted a denial-of-service attack on Dyn, disrupting DNS over a large part of the internet in the U.S.. This in turn led to a large internet outage on the U.S. east coast, slowing down the internet for many users and rendered a number of big sites inaccessible, including Amazon, Netflix, Reddit, Spotify, Tumblr, and Twitter.
Flashpoint, a firm that detects and mitigates online threats, was the first to announce that the attack was carried out by a botnet of compromised IoT devices controlled by Mirai malware. Dyn later corroborated Flashpoint’s claim, stating that their servers were under attack from devices located at millions of IP addresses.
The animation above is a visualization of the attack based on the devices’ IP addresses and IP geolocation (a means of approximating the geographic location of an IP address; for more, see this explanation on Stack Overflow). Note that the majority of the devices were at IP addresses (and therefore, geographic locations) outside the United States.
October 18, 2016
This is really what the Internet of Things will be like
October 14, 2016
QotD: You can’t fix network security by changing the users
Every few years, a researcher replicates a security study by littering USB sticks around an organization’s grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get to demonstrate their security expertise and use the results as “teachable moments” for others. “If only everyone was more security aware and had more security training,” they say, “the Internet would be a much safer place.”
Enough of that. The problem isn’t the users: it’s that we’ve designed our computer systems’ security so badly that we demand the user do all of these counterintuitive things. Why can’t users choose easy-to-remember passwords? Why can’t they click on links in emails with wild abandon? Why can’t they plug a USB stick into a computer without facing a myriad of viruses? Why are we trying to fix the user instead of solving the underlying security problem?
Bruce Schneier, “Security Design: Stop Trying to Fix the User”, Schneier on Security, 2016-10-03.
October 4, 2016
September 17, 2016
A contrarian view of the introduction of the tank
At Samizdata, Patrick Crozier gets all contrarian about the tank in a post he titles “Haig’s greatest mistake”:
On 15 September 1916 tanks made their debut at Flers-Courcelette, one of the many engagements which took place during the Battle of the Somme.
The battle marked the beginning of a sorry chapter in British military history because the truth – a truth that to this day few seem prepared to acknowledge – is that the First World War tank was useless.
The list of its failings is lengthy. It was slow, it was unreliable, it had no suspension and it was horrible to operate. The temperature inside was typically over 100°F and as exhaust gases built up so crew effectiveness collapsed. It was also highly vulnerable. Field artillery could take it out easily. Even rifle ammunition could be effective against it. While normal bullets might not be able to penetrate the armour they could knock off small pieces of metal from the inside – known as spall – which then whizzed round the interior wounding all and sundry.
That the tank was the brainchild of Winston Churchill from his days as head of the Admiralty should have alerted senior commanders to the possibility that it was yet another of his crackpot schemes. But they persisted. For his part, Haig being a technophile put a huge amount of faith in the new invention. His diary is littered with references to the tank and he seems to have made great efforts to secure ever more of them. In consequence, huge amounts of effort went into a technological dead end when it would have been far better spent on guns, shells and fuzes.
Not that such efforts were ever likely to satisfy the snake-oil salesmen who made up the ranks of the tank enthusiasts. In the face of tank failure after tank failure they simply claimed that their beloved weapon just wasn’t being used properly.
