A web developer who also spends a lot of time behind a camera.
78 stories
·
3 followers

XOXO 2024 Conference Videos

1 Comment and 2 Shares

Well, add XOXO to the list of conferences I was never able to attend. The final edition occurred this year and it looked pretty special.

Happily, if you — as I — were unable to attend in person, Andy Baio has begun uploading videos of this year’s talks. I have watched those from Cabel Sasser, Dan Olson, Molly White, and Sarah Jeong. These are all worth your time — and so are, I am sure, the ones I have not yet seen.

Update: Be sure to watch Sasser’s talk before exploring an amazing archive he is assembling. Seriously — watch first, then click.

⌥ Permalink

Read the whole story
davenelson
37 days ago
reply
# TODO: Watch a bunch of these
Atlanta, Georgia
Share this story
Delete

Okay okay we all know Johnny cash did his cover of Hurt and we were all like “ok he owns that now”…

2 Comments and 5 Shares

sophiamcdougall:

feuervogel:

atlinmerrick:

anais-ninja-bitch:

wrenchinator-central:

fullmetalfisting:

fullmetalfisting:

Okay okay we all know Johnny cash did his cover of Hurt and we were all like “ok he owns that now” but I watched the music video he made and I’m like “oh he OWNS it owns it”

It’s totally wild to me because most people agree that Trent Reznor is a master of his craft and Hurt is considered one of NIN’s best songs. Imagine having this great hit and 8 years later a musical legend who hasn’t done anything great in a long time and is ostensibly dying takes your song and fucking. Just fucking obliterates you

Taken from the Wikipedia page. Even Trent Reznor said it’s not his song anymore.

in case you hadn’t seen

Holy hell that’s video is…painful and stunning. If you grew up listening to Johnny Cash I think it’ll hit even harder. And June Carter Cash is in the video, which takes hard and doubles it.

#i remember my friend vali saying#why is anyone trying to make songvids to this song?#the most emotionally gutting video has already been made#by johnny cash himself (@bossymarmalade)

I’m glad people who didn’t know who are discovering it’s a cover, not just because Trent Reznor deserves that much, but because I think the fact that Cash did not write it is crucial to the power of his version. This is a young man’s song about suffering, about addiction and self-destruction in youth. And Cash is, in the most majestic possible way, taking that and going “oh kid, you have no idea”, and changes the meaning without changing the lyrics (except for a single word). In his voice, on his face, in his aged hands on the guitar and piano, it becomes about the agonising brevity of life, the irretrievability of mistakes, and the inevitable loss of everything, including a recognisable self. But the creativity of repurposing only shows if you can still see what was originally there.

Read the whole story
davenelson
44 days ago
reply
Hurt by Johnny Cash always breaks me up and leaves me broken for a while. Knowing some of what Reznor went through that lead to its creation, then what Cash went through to put him in that place, and then what I have been through and what I have not had to live through...
Atlanta, Georgia
Share this story
Delete

Internet picks “werewolf clawing off its own shirt” as new Michigan “I Voted” sticker

2 Comments
A picture of the winning sticker.

Voting really feels good to this werewolf. (credit: State of Michigan)

You can't just ask the Internet to vote on something and assume you'll get a "normal" result.

The town of Fort Wayne, Indiana, learned this the hard way in 2011, when an online vote to name a new government center in town went with "Harry Baals." Though Mr. Baals was in fact a respected former mayor of the town back in the 1930s, contemporary officials weren't convinced that his name was chosen out of merely historical interest.

Or there was the time in 2015 when the British Columbia Ferry Service asked Internet users to name its newest ships and perhaps win a $500 prize. Contest entries included:

  • Spirit of The WalletSucker
  • The Floating Crapsickle
  • Royal Docksitter
  • The Coastal Corruption
  • HMS Cantafford
  • Queen of the Damned

Or again—and perhaps most famously—there was the UK government's gloriously naive decision in 2016 to let the Internet pick a new name for a £200 million polar research vessel. And 124,109 members of the general public chose... Boaty McBoatface. (This was later overridden by the government, which named the ship the RRS Sir David Attenborough instead, but one of the boat's remotely operated underwater vehicles was named Boaty McBoatface as a consolation prize.)

Even the not-quite-bleeding-edge-of-tech New York Times recognized in its headline on the story that this is "What You Get When You Let the Internet Decide."

So, despite many years of cautionary tales, the state of Michigan this year launched a contest to design some new "I Voted" sticker designs. (NB: For our non-American readers, these stickers are often given out when you vote in elections so that you can shame any nonvoting friends, family, and colleagues with your civic virtue.)

The state commissioned designs from local school kids, no doubt anticipating that said designs would feature things like heartwarming drawings of the Michigan mitten. And they let the Internet weigh in on the results.

More than 57,000 people did so—and that's why voters across the state, once they cast a ballot in this year's presidential election, might be handed a round sticker featuring a werewolf ripping its own shirt to shreds as it throws its head back and howls like a maniac in front of an American flag. And it is glorious.

Why not?

This piece of inspired artwork came from the mind and pen of 12-year-old Jane Hynous of Grosse Pointe Farms. Though the contest selected nine winners, Hynous' design beat every other entry by a wide margin. (See all winners here.)

The New York Times called Hynous to talk about the sticker and received this terrific quote:

"I didn't want to do something that usually you think of when you think of Michigan," she said. "I was like, 'Why not make a wolf pulling his shirt off?'"

Why not, indeed? Clearly, the Internet has delivered on this one.

Michigan plans to print a million stickers, which will feature all nine winning designs, and local election clerks will need to order specific designs from the state. (They can also order the original, boring American flag "I Voted" stickers.)

So if you live in Michigan, and if this November you want your shirt adorned with an insane werewolf celebrating the vote you just cast, now is the time to let your local clerk know.

Still, despite these great designs, I can't help but feel that an opportunity was lost. No "Votey McVoteface"? Perhaps in 2028.

Read Comments

Read the whole story
davenelson
72 days ago
reply
I will be printing out a bunch of these!
Atlanta, Georgia
Share this story
Delete
1 public comment
fxer
75 days ago
reply
> The town of Fort Wayne, Indiana, learned this the hard way in 2011, when an online vote to name a new government center in town went with "Harry Baals." Though Mr. Baals was in fact a respected former mayor of the town back in the 1930s

Hey he was a former mayor, SHIP IT
Bend, Oregon
fancycwabs
75 days ago
I was gonna vote anyway, but I'd vote twice if I could get a sweet sticker like that.
ReadLots
74 days ago
I like everything about this sticker. Best decision ever!

Why Your Wi-Fi Router Doubles as an Apple AirTag

1 Comment and 2 Shares

Image: Shutterstock.

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems — and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

At issue is the way that Apple collects and publicly shares information about the precise location of all Wi-Fi access points seen by its devices. Apple collects this location data to give Apple devices a crowdsourced, low-power alternative to constantly requesting global positioning system (GPS) coordinates.

Both Apple and Google operate their own Wi-Fi-based Positioning Systems (WPS) that obtain certain hardware identifiers from all wireless access points that come within range of their mobile devices. Both record the Media Access Control (MAC) address that a Wi-FI access point uses, known as a Basic Service Set Identifier or BSSID.

Periodically, Apple and Google mobile devices will forward their locations — by querying GPS and/or by using cellular towers as landmarks — along with any nearby BSSIDs. This combination of data allows Apple and Google devices to figure out where they are within a few feet or meters, and it’s what allows your mobile phone to continue displaying your planned route even when the device can’t get a fix on GPS.

With Google’s WPS, a wireless device submits a list of nearby Wi-Fi access point BSSIDs and their signal strengths — via an application programming interface (API) request to Google — whose WPS responds with the device’s computed position. Google’s WPS requires at least two BSSIDs to calculate a device’s approximate position.

Apple’s WPS also accepts a list of nearby BSSIDs, but instead of computing the device’s location based off the set of observed access points and their received signal strengths and then reporting that result to the user, Apple’s API will return return the geolocations of up to 400 hundred more BSSIDs that are nearby the one requested. It then uses approximately eight of those BSSIDs to work out the user’s location based on known landmarks.

In essence, Google’s WPS computes the user’s location and shares it with the device. Apple’s WPS gives its devices a large enough amount of data about the location of known access points in the area that the devices can do that estimation on their own.

That’s according to two researchers at the University of Maryland, who said they theorized they could use the verbosity of Apple’s API to map the movement of individual devices into and out of virtually any defined area of the world. The UMD pair said they spent a month early in their research continuously querying the API, asking it for the location of more than a billion BSSIDs generated at random.

They learned that while only about three million of those randomly generated BSSIDs were known to Apple’s Wi-Fi geolocation API, Apple also returned an additional 488 million BSSID locations already stored in its WPS from other lookups.

UMD Associate Professor David Levin and Ph.D student Erik Rye found they could mostly avoid requesting unallocated BSSIDs by consulting the list of BSSID ranges assigned to specific device manufacturers. That list is maintained by the Institute of Electrical and Electronics Engineers (IEEE), which is also sponsoring the privacy and security conference where Rye is slated to present the UMD research later today.

Plotting the locations returned by Apple’s WPS between November 2022 and November 2023, Levin and Rye saw they had a near global view of the locations tied to more than two billion Wi-Fi access points. The map showed geolocated access points in nearly every corner of the globe, apart from almost the entirety of China, vast stretches of desert wilderness in central Australia and Africa, and deep in the rainforests of South America.

A “heatmap” of BSSIDs the UMD team said they discovered by guessing randomly at BSSIDs.

The researchers said that by zeroing in on or “geofencing” other smaller regions indexed by Apple’s location API, they could monitor how Wi-Fi access points moved over time. Why might that be a big deal? They found that by geofencing active conflict zones in Ukraine, they were able to determine the location and movement of Starlink devices used by both Ukrainian and Russian forces.

The reason they were able to do that is that each Starlink terminal — the dish and associated hardware that allows a Starlink customer to receive Internet service from a constellation of orbiting Starlink satellites — includes its own Wi-Fi access point, whose location is going to be automatically indexed by any nearby Apple devices that have location services enabled.

A heatmap of Starlink routers in Ukraine. Image: UMD.

The University of Maryland team geo-fenced various conflict zones in Ukraine, and identified at least 3,722 Starlink terminals geolocated in Ukraine.

“We find what appear to be personal devices being brought by military personnel into war zones, exposing pre-deployment sites and military positions,” the researchers wrote. “Our results also show individuals who have left Ukraine to a wide range of countries, validating public reports of where Ukrainian refugees have resettled.”

In an interview with KrebsOnSecurity, the UMD team said they found that in addition to exposing Russian troop pre-deployment sites, the location data made it easy to see where devices in contested regions originated from.

“This includes residential addresses throughout the world,” Levin said. “We even believe we can identify people who have joined the Ukraine Foreign Legion.”

A simplified map of where BSSIDs that enter the Donbas and Crimea regions of Ukraine originate. Image: UMD.

Levin and Rye said they shared their findings with Starlink in March 2024, which said it began shipping software updates in 2023 that force Starlink access points to randomize their BSSIDs.

Starlink’s parent SpaceX did not respond to requests for comment. But the researchers shared a graphic they said was created from their Starlink BSSID monitoring data, which shows that just in the past month there was a substantial drop in the number of Starlink devices that were geo-locatable using Apple’s API.

UMD researchers shared this graphic, which shows their ability to monitor the location and movement of Starlink devices by BSSID dropped precipitously in the past month.

They also shared a written statement they received from Starlink, which acknowledged that Starlink User Terminal routers originally used a static BSSID/MAC:

“In early 2023 a software update was released that randomized the main router BSSID,” the statement reads. “Subsequent software releases have included randomization of the BSSID of WiFi repeaters associated with the main router. Software updates that include the repeater randomization functionality are currently being deployed fleet-wide on a region-by-region basis. We believe the data outlined in your paper is based on Starlink main routers and or repeaters that were queried prior to receiving these randomization updates.”

The researchers also focused their geofencing on the Israel-Hamas war in Gaza, and were able to track the migration and disappearance of devices throughout the Gaza Strip as Israeli forces cut power to the country and bombing campaigns knocked out key infrastructure.

“As time progressed, the number of Gazan BSSIDs that are geolocatable continued to decline,” they wrote. “By the end of the month, only 28% of the original BSSIDs were still found in the Apple WPS.”

Apple did not respond to requests for comment. But in late March 2024, Apple quietly tweaked its privacy policy, allowing people to opt out of having the location of their wireless access points collected and shared by Apple — by appending “_nomap” to the end of the Wi-Fi access point’s name (SSID).

Apple updated its privacy and location services policy in March 2024 to allow people to opt out of having their Wi-Fi access point indexed by its service, by appending “_nomap” to the network’s name.

Rye said Apple’s response addressed the most depressing aspect of their research: That there was previously no way for anyone to opt out of this data collection.

“You may not have Apple products, but if you have an access point and someone near you owns an Apple device, your BSSID will be in [Apple’s] database,” he said. “What’s important to note here is that every access point is being tracked, without opting in, whether they run an Apple device or not. Only after we disclosed this to Apple have they added the ability for people to opt out.”

The researchers said they hope Apple will consider additional safeguards, such as proactive ways to limit abuses of its location API.

“It’s a good first step,” Levin said of Apple’s privacy update in March. “But this data represents a really serious privacy vulnerability. I would hope Apple would put further restrictions on the use of its API, like rate-limiting these queries to keep people from accumulating massive amounts of data like we did.”

The UMD researchers said they omitted certain details from their research to protect the users they were able to track, noting that the methods they used could present risks for those fleeing abusive relationships or stalkers.

“We observe routers move between cities and countries, potentially representing their owner’s relocation or a business transaction between an old and new owner,” they wrote. “While there is not necessarily a 1-to-1 relationship between Wi-Fi routers and users, home routers typically only have several. If these users are vulnerable populations, such as those fleeing intimate partner violence or a stalker, their router simply being online can disclose their new location.”

The researchers said Wi-Fi access points that can be created using a mobile device’s built-in cellular modem do not create a location privacy risk for their users because mobile phone hotspots will choose a random BSSID when activated.

“Modern Android and iOS devices will choose a random BSSID when you go into hotspot mode,” he said. “Hotspots are already implementing the strongest recommendations for privacy protections. It’s other types of devices that don’t do that.”

For example, they discovered that certain commonly used travel routers compound the potential privacy risks.

“Because travel routers are frequently used on campers or boats, we see a significant number of them move between campgrounds, RV parks, and marinas,” the UMD duo wrote. “They are used by vacationers who move between residential dwellings and hotels. We have evidence of their use by military members as they deploy from their homes and bases to war zones.”

A copy of the UMD research is available here (PDF).

Read the whole story
davenelson
164 days ago
reply
Has no one heard of Wigle.net?
Atlanta, Georgia
Share this story
Delete

fieldbears:thepromiscuousfinger:was tim okay though

2 Comments and 4 Shares

fieldbears:

thepromiscuousfinger:

was tim okay though

Read the whole story
davenelson
178 days ago
reply
Many autistic people anthropomorphize inanimate objects on the regular, not just those with a face.
Atlanta, Georgia
Share this story
Delete
1 public comment
fxer
178 days ago
reply
Tim was survived by his dry erase marker and box of crayons
Bend, Oregon
DMack
177 days ago
I didn't care what happened to Wall-e then, and I want to push ChatGPT off a bridge now

‘Goodbye to Apple’s Smart Keyboard Folio’

2 Comments

Chris Welch, The Verge:

Then there was the fact that the folio keyboard was so damn light. It kept the iPad Pro feeling like an iPad in my bag. That has never, ever been the case with a Magic Keyboard attached. When it goes on, you’ve entered MacBook weight territory. I’m not saying there’s any problem with that, but with the Smart Keyboard Folio, there was something special about toting around such a powerful combo that always stayed so airy on my back.

At best, Apple is being somewhat stubborn in assuming that every iPad Pro buyer wants the tablet to feel like a laptop (and be a similar weight to one) whenever a keyboard is attached, which is what the Magic Keyboard gets you. If you want to view it with more pessimism, the company is intentionally doing away with what was a compelling, more affordable accessory — one that was easy to take anywhere — in hopes that more people will cave and fork over $300 for the only first-party keyboard that’s available for the new Pro.

I suspect if it had been more popular, Apple would have made new ones for the new iPads. But I know Welch is not alone in his affinity for it. The textile-covered keyboard was far from ideal for typing feel, but the whole point of the Smart Keyboard Folio was to be a “good enough” keyboard when you need it — and the nature of that sort of keyboard made it perfect for use in a kitchen, with wet or dirty fingers. It was a keyboard cover you could just leave on your iPad all the time — and the Magic Keyboard isn’t that.

Read the whole story
davenelson
190 days ago
reply
I have a Brydge keyboard that I like a lot. But the iPad will work with any bluetooth keyboard, even the cheap $10 ones, so no need for a $300 keyboard that doubles the weight without adding any battery life.
Atlanta, Georgia
Share this story
Delete
1 public comment
samuel
190 days ago
reply
Goodbye to my preferred keyboard for iPad
Cambridge, Massachusetts
Next Page of Stories