VA Research: Informatics

From "VA Research Fact Sheet: Informatics"

Investigators used data from a national cardiovascular registry to implement a continuous surveillance program to monitor post-surgical outcomes for implantable vascular-closure devices. Researchers from the VA Tennessee Valley Healthcare System and other institutions analyzed 73,124 patients who had received Mynx devices. They found that prospective, active surveillance of a clinical registry could rapidly identify potential safety signals. (N Engl J Med, Feb. 9, 2017)

You can discover more about VA research on informatics and other key topics here.

US-China Tariffs

The US is in the process of imposing several waves of tariffs on China. As of April 2018, the US implemented tariffs on steel and aluminum imports from China. A new wave of tariffs imposed on July 6 targets advanced technology to further limit Chinese imports. A future round is currently undergoing a public comment and review process. China responds:

BEIJING — China will make economic changes at its own pace regardless of U.S. pressure, and their worsening dispute over technology policy can only be solved through negotiations as equals, a Commerce Ministry spokesman said Thursday.

The comments reinforced Beijing's rejection of U.S. demands to scale back technology plans Washington says violate China's free-trade commitments and might erode American industrial leadership.

The spokesman, Gao Feng, gave no indication of plans for more negotiations over the conflict, which threatens to chill global trade and economic growth.

"No matter what measures the United States takes to exert pressure, China will proceed with reform and opening up at its own pace," Gao said.

Unclassified Open Hearing on China’s Economic and Security Strategy

Unclassified Open Hearing on China’s Economic and Security Strategy and China's (Hostile) Acquisition of American Research, Innovation, and Intellectual Property

On July 19, 2018, the House Permanent Select Committee on Intelligence (HPSCI) held an open hearing on “China's Threat to American Government and Private Sector Research and Innovation Leadership”.

The Committee welcomed four leading experts:

• Michael Pillsbury, Director of the Center on Chinese Strategy, Hudson Institute 
• Michael Brown, Former CEO of Symantec Corporation and co-author of a Pentagon study on China’s Technology Transfer Strategy 
• James Phillips, Chairman and CEO of NanoMech, Inc.
• Elsa Kania, Adjunct Fellow at Center for a New American Security

Generative Art

Why Love Generative Art?

Generative art overlays the history of computers and is influenced by the flows of art movements. It is art that uses programming and degrees of randomness -- or to say spontaneity and discoverability -- to explore communication and creative outcomes.

Generative art has a living community of participants and resources. As mentioned by Jason Bailey in the above article, there are communities exploring technology and communication at MIT. There is a software platform called Processing for learning how to code within the context of the visual arts. There are algorithm frameworks, such as GANs (generative adversarial networks) based on the concept of neural networks to do such things as create samples of images to help visualize new designs and more. There are art and technology books such as the "The Laws of Simplicity" and you can even research the history of the first computer art contests.

Here are a few pieces of generative art collected from the article above:

Source: Artnome.com, Untitled - Vera Molnár, 1985

Source: Artnome.com, Schotter (Gravel) - Georg Nees ,1968

Source: Artnome.com, Path - Casey Reas, 2001

Source: Artnome.com, Interruptions - Vera Molnár, 1968/69

Evan You’s Vue.js

Evan You’s Vue.js

A summary of Klint Finley's Wired article "The Solo JavaScript Developer Challenging Google and Facebook"

Evan You worked at Google’s Creative Lab for two and a half years, where among the many things he learned, he picked up AngularJS. AngularJS is Google’s JavaScript front-end web application framework. It is the second most downloaded JavaScript framework after Facebook’s React according to a 2017 npm "State of JavaScript Frameworks" report.

JavaScript runs code primarily in your browser rather than the company’s server and Facebook and Google have built complex browser-based programs with it including Gmail, Google Docs, and Facebook itself.

You picked up some of the features he liked best, and started making his own lightweight version of JS called Vue. You says, "It started out as an experimental little library to solve problems I encountered in my work."

You left Google in 2014, where after he joined Meteor, a startup that was working to build a framework that used JavaScript for both the browser and server sides of an application. He continued to work on Vue on the side during this time. Then he decided to work on it full time in 2016.

Vue had caught the eye of Jinjiang Zhao, a developer at China e-commerce giant Alibaba. Zhao become a strong and vocal advocate for You. He adopted Vue and encouraged his Alibaba colleagues to use Vue in their projects. Zhao used Vue on small internal projects when he could. He also helped translate the documentation into Chinese. Zhao wrote blog posts in Chinese that helped Vue attract the attention of the Chinese JavaScript community.

You got his big break with Vue when the team behind the Lavarel framework offered its official support for Vue. That made Vue visible to thousands of developers using Laravel, a PHP framework. Zhao continued to convert more of his colleagues at Alibaba to the framework, which then spread to other companies.

Vue has been used by Adobe, Baidu, Alibaba, Netflix, Nintendo, and Tencent. As it is open source, You makes some money from the project via consulting, private training sessions, selling ads on the documentation, and donations. Taylor Otwell of Lavarel has offered to help sponsor the project adding, “I was using it for many projects and felt that it deserved to be a paid product.” At end of 2017, Vue was tied with Ember.js for the third most-downloaded JavaScript framework, coming up under Facebook’s React and Google’s AngularJS.

According to Taylor Otwell, Vue is lightweight, simple, and buildable. It has a core foundation that is easy for developers to learn and more advanced features can be added on top. It is easy to get started and grows with your skills as you develop. You’s Twitter page has more of Vue’s recent updates, including the release of Vue CLI 3.0. His Vue.js Github page is here. Wired’s author praises “You has already proven that independent software can still find a place in the era of internet giants.”

Twitter Safety, Algorithms + Congress

Twitter's CEO Jack Dorsey will speak to Congress on September 5, 2018 regarding algorithms and content monitoring. 

On a related note @TwitterSafety published/tweeted a good article about partners they selected to help measure and manage conversational health online, @OxExpPsy and @UniLeiden. From the article:

The project brings together scholars with different backgrounds and expertise, bridging political science, communication, and computer science. The six scholars working together across four universities will combine deep social scientific subject expertise with strong technical expertise to develop and adapt measures of healthy conversations on Twitter.

Plus here is a curious article detailing a Russian Twitter information campaign conducted under the hashtag #VaccinateUS that was meant to sow division on the subject. Observably though, it was an issue that failed to generate much heat. From a review of the tweets on @TwitterSafety, it looks like the platform is getting ever more practiced at protecting the social media community.

15 Upcoming Books to Be Excited About

15 Upcoming or Recently Released Books to Be Excited About, In No Particular Order:

Shaping the Future of the Fourth Industrial Revolution
by Klaus Schwab (Author), Satya Nadella (Foreword)
November 6, 2018

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
by Andy Greenberg
May 7, 2019

Exploding Data: Reclaiming Our Cyber Security in the Digital Age
by Michael Chertoff
Jul 10, 2018

Click Here to Kill Everybody: Security and Survival in a Hyper-connected World
by Bruce Schneier
Sep 4, 2018

AWS Certified Solutions Architect Associate All-in-One Exam Guide (Exam SAA-C01)
by Joyjeet Banerjee
Aug 10, 2018

Setting up an Apache Web Server on a Raspberry Pi

Setting up an Apache Web Server on a Raspberry Pi

Apache HTTP Server, often just simply called Apache, is a free and open-source cross-platform web server. It is currently the most popular web server software with about 45% of the market share. You can install Apache on a Raspberry Pi, a low-cost mini computer, and experiment with it as a testing environment to host a web page or store low-impact files accessible via the World Wide Web.

DevDocs API Documentation

DevDocs API Documentation

Source: DevDocs.io

What is an API?

In computer programming, an application programming interface (API) is a set of subroutine definitions, communication protocols, and tools for building software. In general terms, it is a set of clearly defined methods of communication between various components... An API may be for a web-based system, operating system, database system, computer hardware, or software library... Documentation for the API is usually provided to facilitate usage and implementation.

Additional commentary on DevDocs here.

GAO Report on Artifical Intelligence

According to a June 2018 Government Accountability Office report on artificial intelligence, AI can be understood in the waves that the technology evolved. The first wave describes AI via the use of algorithms and includes programs like those that help prepare taxes or schedule logistics. The second wave of AI is based on machine learning and unlike first wave, second wave systems are designed to perceive and learn. Second wave systems include those such as natural language processing and self-driving vehicles. The third wave of AI combines both the first and second waves and adds greater contextual sophistication. An example is a ship at sea that can navigate without human intervention for a few months at time.

The GAO report further evaluates AI’s impact in four key areas: cybersecurity, automated vehicles, criminal justice, and financial services. Each use case raises questions such as those probing regulatory frameworks, data sharing, safety and privacy, ethical considerations, data accuracy, etc.

The report was part of the testimony provided by GAO chief scientist Dr. Tim Persons for a House Science, Space and Technology Subcommittee Hearing “Artificial Intelligence – With Great Power Comes Great Responsibility” in June 2018. Other witnesses included Dr. Jaime Carbonell of Carnegie Mellon University who was absent due to a medical emergency, Mr. Greg Brockman of OpenAI, and Dr. Fei-Fei Li of AI4ALL.

Cloud Forensics

The “Guide to Computer Forensics and Investigations” textbook recommends several helpful tools for cloud forensics:

Magnet AXIOM Cloud
Can help retrieve info from social media and many other cloud applications.

Forensic Open-Stack Tools (FROST)
Provides forensic capabilities to cloud service providers for OpenStack.

F-Response for the Cloud
F-Response is a remote access tool used for cloud forensics.

Here is a good article from Magnet. And here is more on an actual implementation and the working mechanics of a cloud DFIR differencing engine, Diffy. As of the posting of the article, the project is still under active development and help contributing to the software is welcomed.

Internet Society Facts and Figures

Facts and Figures from the Internet Society (ISOC) 

Who uses the Internet? How is it used? How does it affect us? The Internet is constantly changing, and understanding and measuring it is a challenge. We’ve collected a variety of resources for Internet statistics, trends, and demographics.

Interesting fact: As reported by Internet World Stats, Asia is the home of 48.7% of global internet users, Europe 17%, and North America 8.3%.

Cookies-over-HTTP Bad

"Cookies-over-HTTP Bad"

Cookies sent over plaintext HTTP are visible to anyone on the network. This visibility exposes substantial amounts of data to network attackers (passive or active). We know, for example, that long-lived and stable cookies have enabled pervasive monitoring in the past (see Google's PREF cookie), and we know that HTTPS provides significant confidentiality protections against this kind of attack.

Ideally, browsers would mitigate these monitoring opportunities by making it more difficult to persistently track users via cookies sent over non-secure connections.

The author/developer proposes several potential solutions to avoid the risks of sending cookies over non-secure channels. A primary option is migrating to HTTPS for those that haven't already. According to the author, 70% of browsing activity is done via secure connections.

Another option is setting a cookie's expiration date to a year or so. Chrome collected metrics to determine the age of the oldest cookie sent to a non-secure endpoint. The author provides a breakdown in the posting as of March 2018. Setting an expiration date to a year would impact about 6% of same-site requests and 7% of cross-site requests. Developers could also add a 'Secure' attribute to their cookie if they are already delivering their sites over HTTPS. According to Chrome's data only around 7.5% of cookies use the Secure attribute.

Loading Web Pages Faster

MIT Creates Algorithm That Speeds Up Page Load Time by 34 Percent

The MIT team, which also includes a Harvard professor, created an algorithm that they dubbed Polaris, which is focused on determining the proper time to start network requests for Web resources. [...]

Polaris works by first watching how the website loads and how its objects interact with each other. It then creates a dependency graph for each Wep page, ordering the requests in such a way that only the needed content is loaded first, if it's used on the page.

Promoting Software Component Transparency

Webcast Archive of 07/19/18 Meeting on Promoting Software Component Transparency

All right. I think we know Open Source developers tend to be anti-establishment by definition, which means efforts like SWID are almost guaranteed not to be adopted within that community. SPDX also has been around for a long time, not really adopted within the Open Source community, but what's interesting is almost all of the modern components that we are talking about these days come with a native package manager. Maven, NuGet, NPM, Ruby has one, PiePie [PHONETIC] [INAUDIBLE] Docker. They all have a native coordinate system. 

- From the transcript of NTIA Software Component Transparency Multistakeholder Kickoff (Part 1)

There are a few more videos under the July webcast archive, specifically NTIA Software Component Transparency Multistakeholder Kickoff (Part 2) and Overview of Commerce Department Botnet Report and Roadmap.

UC Berkeley's School of Information

The University of California, Berkeley's School of Information (I School) offers a range of foundation and advanced classes generally grouped under the fields of Information, Data Science, and Cybersecurity.

Some interesting looking classes include Web Architecture, Data Mining and Analytics, and Behind the Data: Humans and Values.

Google's Chief Economist Hal Varian is an emeritus professor in three departments there, including business, economics, and information management.

You may find links to Carol Varian's botanical watercolors and landscape quilts on his web page.

Collecting Notes on Web Services

Web Services: Problems and Future Directions
Journal of Web Semantics First Look
Posted: 06 Jul 2018

Abstract: Recently, Web services have generated great interests in both vendors and researchers. Web services, based on existing Internet protocols and open standards, can provide a flexible solution to the problem of application integration. With the help of WSDL, SOAP, and UDDI, Web services are becoming popular in Web applications. However, the current Web services architectures are confronted with a few stubborn problems, for instance, security. In this paper, we shall give an overview of these problems. We believe that solving these problems will become crucial to success of Web services. In the end, we predict distinct advances in semantic Grid services.

Good Resources

Internet Engineering Task Force (IETF)
https://www.ietf.org/

World Wide Web Consortium (W3C)
https://www.w3.org/

Internet Corporation for Assigned Names and Numbers (ICANN)
https://www.icann.org/

World Intellectual Property Organization (WIPO)
http://www.wipo.int/

Podcasts

Shop Talk Show
http://shoptalkshow.com/
@shoptalkshow

Book: "Web Development & Design Foundations with HTML5"

This is the start of a great friendship, not that I have many friends. However, it is Sunday, and so far, I have spent several hours pouring over the questions at the end of chapter one. They are great questions, well, exercises really. Little challenges. Puzzles. Creative experiments, critical inquiries. They require thought, organization, research, analysis, evaluation, discovery.

The book is "Web Development & Design Foundations with HTML5" It is authored by a brilliant Terry Felke-Morris, though I don't even know yet who that brilliant person is. It's just that their craftsmanship is excellent. Just with the first chapter, I am seduced. There is so much. There is the IETF, ARPAnet, accessibility, programming languages, clients and servers, protocols, and this is just the start!