Any internet users who use or even read about privacy services online will be targeted for surveillance by the NSA, according to a new report from German broadcaster ARD.

According to leaked source-code of the US spy agency’s ‘XKeyscore’ software, individuals who search for information about anonymising services such as Tor have their IP addresses logged by the NSA and can be flagged for further monitoring.


Take Your Medical Equipment On The Go

Engineers have taken another step forward in the quest for wearable, wireless biosensors. This time, a team has assembled miniature sensors, circuits and radios suspended in fluids that act as a wearable, flexible electrocardiogram. 

The device, reported on April 4 in the journal Science, is significantly more than a heart-rate monitor users strap on before a jog. It isn’t much thicker than a quarter or bigger than a stamp, yet it opens the door to wirelessly transmitting hospital-quality data after a patient leaves a clinic.

Read More

People Rely on What They Hear to Know What They’re Saying

You know what you’re going to say before you say it, right? Not necessarily, research suggests. A study from researchers at Lund University in Sweden shows that auditory feedback plays an important role in helping us determine what we’re saying as we speak. The study is published in Psychological Science, a journal of the Association for Psychological Science.

“Our results indicate that speakers listen to their own voices to help specify the meaning of what they are saying,” says researcher Andreas Lind of Lund University, lead author of the study.


Theories about how we produce speech often assume that we start with a clear, preverbal idea of what to say that goes through different levels of encoding to finally become an utterance.

But the findings from this study support an alternative model in which speech is more than just a dutiful translation of this preverbal message:

“These findings suggest that the meaning of an utterance is not entirely internal to the speaker, but that it is also determined by the feedback we receive from our utterances, and from the inferences we draw from the wider conversational context,” Lind explains.

For the study, Lind and colleagues recruited Swedish participants to complete a classic Stroop test, which provided a controlled linguistic setting. During the Stroop test, participants were presented with various color words (e.g., “red” or “green”) one at a time on a screen and were tasked with naming the color of the font that each word was printed in, rather than the color that the word itself signified.

The participants wore headphones that provided real-time auditory feedback as they took the test — unbeknownst to them, the researchers had rigged the feedback using a voice-triggered playback system. This system allowed the researchers to substitute specific phonologically similar but semantically distinct words (“grey”, “green”) in real time, a technique they call “Real-time Speech Exchange” or RSE.

Data from the 78 participants indicated that when the timing of the insertions was right, only about one third of the exchanges were detected.

On many of the non-detected trials, when asked to report what they had said, participants reported the word they had heard through feedback, rather than the word they had actually said. Because accuracy on the task was actually very high, the manipulated feedback effectively led participants to believe that they had made an error and said the wrong word.

Overall, Lind and colleagues found that participants accepted the manipulated feedback as having been self-produced on about 85% of the non-detected trials.

Together, these findings suggest that our understanding of our own utterances, and our sense of agency for those utterances, depend to some degree on inferences we make after we’ve made them.

Most surprising, perhaps, is the fact that while participants received several indications about what they actually said — from their tongue and jaw, from sound conducted through the bone, and from their memory of the correct alternative on the screen — they still treated the manipulated words as though they were self-produced.

This suggests, says Lind, that the effect may be even more pronounced in everyday conversation, which is less constrained and more ambiguous than the context offered by the Stroop test.

“In future studies, we want to apply RSE to situations that are more social and spontaneous — investigating, for example, how exchanged words might influence the way an interview or conversation develops,” says Lind.

“While this is technically challenging to execute, it could potentially tell us a great deal about how meaning and communicative intentions are formed in natural discourse,” he concludes.

A new sampling method for monitoring jaguars through their poop 

The Jaguar, Panthera onca (Felidae) is the largest cat of the Americas, and the only living representative of the genus Panthera found in the New World. Historically it ranged from the southwestern US (where there are still some vagrants close to the Mexican border) through the Amazon basin to the Rio Negro in Argentina.

The Jaguar has been virtually eliminated from much of the drier northern parts of its range, as well as northern Brazil, the pampas scrub grasslands of Argentina and throughout Uruguay. It is now estimated to occupy only about 46% of its historic range, and is considered a Near Threatened species.

Since the global population of jaguars has decreased significantly, and given the scarcity of demographic and biological information, estimating population parameters is critical for the design of conservation measures. However, the jaguar’s elusive behaviour makes it impossible to estimate and monitor populations by direct observation.

Recently it has been proposed a non-invasive genetic sampling approach with potential for large-scale monitoring. This method allows sex identification through faecal samples of jaguars and other felids. Furthermore, it has been optimized a set of 11 microsatellite markers for reliable identification of individuals. 

The effectiveness of faecal sample genotyping was estimated in two distinct Brazilian biomes: the Pantanal and the semi-arid Caatinga. Almost 90% of the samples that were molecularly identified as jaguar (n = 90) were successfully genotyped and were assigned to 30 individuals. 

This proposal shows that non-invasive genetic sampling can be a reliable tool to study population parameters and to monitor the genetic status of jaguar populations in different habitats. It may also be useful for future surveys of jaguars that address ecological, behavioural and conservation issues, and could provide a baseline for non-invasive genetic studies of other wild felid populations. 

References: [1] - [2]

Photo credit: ©Thierry Montford | Locality: French Guiana (2014)

In the not too distant future, we could see a race of cyborg plants that tell us when they need more water, what chemicals they’ve been exposed to, and what parasites are eating at their roots. These half-organic, half-electronic creations may even tell us how much pollution is in the air. And yes, they’ll plug into the network.

"How I monitor my Fitness level"

Found this very handy piece by Mario Schmidt-Wendling on Biestmilchs blog

Coach and triathlete Mario Schmidt-Wendling follows a holistic approach. He loves to push his limits and leads him to walk on the edge of training and overtraining which makes it more important to interpret body signs in the right way.

1. Sleep

  • If I wake up 5 to 10 minutes before I set the alarm, it’s a good sign for my fitness state.
  • I sleep without any interruptions.
  • Craving for sweets means that my training session was too hard or too late in the evening.

2. Muscles

  • Sore muscles after getting up, even if I slept 10 hours, are definitely a sign that my training was too hard and my recovery too short.
  • If I feel almost like fainting after having been squatting for too long, goes always along with a good fitness.
  • Flexibility, a good coordination and an overall optimal control of my movements correlate well with the state of fitness. 
  • If my veins are visible on the stomach and on my legs my weight is perfect and so is my form.

3. Appetite

  • If I sleep too little and recovery is insufficient, then I have an extreme craving for sugar.
  • If my stress level is high, my craving for sugar is high too.

4. Mood

  • Lots of stress is accompanied by bad temper and a lack of motivation to train. But it may as well happen that especially then, I feel highly motivated to train.
  • If the workload and the recovery are well balanced, I don’t mind to train in bad weather at all.
  • If the recovery time has not been long enough, then I don’t feel for training in the rain at all.
10 Things We Forgot to Monitor

There is always a set of standard metrics that are universally monitored (Disk Usage, Memory Usage, Load, Pings, etc). Beyond that, there are a lot of lessons that we’ve learned from operating our production systems that have helped shape the breadth of monitoring that we perform at bitly.

One of my favorite all-time tweets is from @DevOps_Borat

"Law of Murphy for devops: if thing can able go wrong, is mean is already wrong but you not have Nagios alert of it yet."

What follows is a small list of things we monitor at bitly that have grown out of those (sometimes painful!) experiences, and where possible little snippets of the stories behind those instances.

1 - Fork Rate

We once had a problem where IPv6 was intentionally disabled on a box via options ipv6 disable=1 and alias ipv6 off in /etc/modprobe.conf. This caused a large issue for us: each time a new curl object was created, modprobe would spawn, checking net-pf-10 to evaluate IPv6 status. This fork bombed the box, and we eventually tracked it down by noticing that the process counter in /proc/stat was increasing by several hundred a second. Normally you would only expect a fork rate of 1-10/sec on a production box with steady traffic.

2 - flow control packets

TL;DR; If your network configuration honors flow control packets and isn’t configured to disable them, they can temporarily cause dropped traffic. (If this doesn’t sound like an outage, you need your head checked.)

$ /usr/sbin/ethtool -S eth0 | grep flow_control
rx_flow_control_xon: 0
rx_flow_control_xoff: 0
tx_flow_control_xon: 0
tx_flow_control_xoff: 0

Note: Read this to understand how these flow control frames can cascade to switch-wide loss of connectivity if you use certain Broadcom NIC’s. You should also trend these metrics on your switch gear. While at it, watch your dropped frames.

3 - Swap In/Out Rate

It’s common to check for swap usage above a threshold, but even if you have a small quantity of memory swapped, it’s actually the rate it’s swapped in/out that can impact performance, not the quantity. This is a much more direct check for that state.

4 - Server Boot Notification

Unexpected reboots are part of life. Do you know when they happen on your hosts? Most people don’t. We use a simple init script that triggers an ops email on system boot. This is valuable to communicate provisioning of new servers, and helps capture state change even if services handle the failure gracefully without alerting.

5 - NTP Clock Offset

If not monitored, yes, one of your servers is probably off. If you’ve never thought about clock skew you might not even be running ntpd on your servers. Generally there are 3 things to check for. 1) That ntpd is running, 2) Clock skew inside your datacenter, 3) Clock skew from your master time servers to an external source.

We use check_ntp_time for this check

6 - DNS Resolutions

Internal DNS - It’s a hidden part of your infrastructure that you rely on more than you realize. The things to check for are 1) Local resolutions from each server, 2) If you have local DNS servers in your datacenter, you want to check resolution, and quantity of queries, 3) Check availability of each upstream DNS resolver you use.

External DNS - It’s good to verify your external domains resolve correctly against each of your published external nameservers. At bitly we also rely on several CC TLD’s and we monitor those authoritative servers directly as well (yes, it’s happened that all authoritative nameservers for a TLD have been offline).

7 - SSL Expiration

It’s the thing everyone forgets about because it happens so infrequently. The fix is easy, just check it and get alerted with enough timeframe to renew your SSL certificates.

define command{
    command_name    check_ssl_expire
    command_line    $USER1$/check_http --ssl -C 14 -H $ARG1$
define service{
    host_name               virtual
    service_description     bitly_com_ssl_expiration
    use                     generic-service
    check_command           check_ssl_expire!
    contact_groups          email_only
    normal_check_interval   720
    retry_check_interval    10
    notification_interval   720
8 - DELL OpenManage Server Administrator (OMSA)

We run bitly split across two data centers, one is a managed environment with DELL hardware, and the second is Amazon EC2. For our DELL hardware it’s important for us to monitor the outputs from OMSA. This alerts us to RAID status, failed disks (predictive or hard failures), RAM Issues, Power Supply states and more.

9 - Connection Limits

You probably run things like memcached and mysql with connection limits, but do you monitor how close you are to those limits as you scale out application tiers?

Related to this is addressing the issue of processes running into file descriptor limits. We make a regular practice of running services with ulimit -n 65535 in our run scripts to minimize this. We also set Nginx worker_rlimit_nofile.

10 - Load Balancer Status.

We configure our Load Balancers with a health check which we can easily force to fail in order to have any given server removed from rotation.We’ve found it important to have visibility into the health check state, so we monitor and alert based on the same health check. (If you use EC2 Load Balancers you can monitor the ELB state from Amazon API’s).

Various Other things to watch

New entries written to Nginx Error Logs, service restarts (assuming you have something in place to auto-restart them on failure), numa stats, new process core dumps (great if you run any C code).


This scratches the surface of how we keep bitly stable, but if that’s an itch you like scratching, we’re hiring.

by jehiah

OpenTSDB proxy

We use OpenTSDB to store the majority of our time series server and application statistics here at Tumblr. We recently began a project to migrate OpenTSDB from an existing HBase cluster running an older version of HBase to a new cluster with newer hardware and running the latest stable version of Hbase.

We wanted a way to have some historical data in the new cluster before we switched to it. Within Tumblr we have a variety of applications generating these metrics and it was not very practical for us to change all of them to double write this data. Instead, we chose to replace the standard OpenTSDB listeners with a proxy that would do this double writing for us. While we could have used HBase copy table or written our own tool to backfill historical data from the old cluster, double writing for an initial period allowed us to avoid adding additional load on our existing cluster. This strategy also allowed us to move queries for recent data to new cluster earlier than the full cutover.

The tsd_proxy is written in Clojure and relies heavily on the Lamina and Aleph which in turn build on top of Netty. We have been using this in our production infrastructure for over two months now while sustaining writes at or above 175k/s (across the cluster) and it has been working well for us. We are open sourcing this proxy in the hope that others might find a use for this as well.

The tsd proxy listens on a configurable port and can forward the incoming data stream to multiple end points. It also has the ability to filter the incoming stream and reject data points that don’t match a (configurable) set of regular expressions. It also has the ability to queue the incoming stream and re-attempt delivery if one of the end points is down. It is also possible to limit the queue size so you don’t blow through your heap. The README has some more information on how to set this up.

The best BTEC Gradebook is live

The best BTEC Gradebook is live

I’m really pleased to announce the arrival of the best gradebook for BTEC you have ever seen!

Track student progress like never before with intelligent summaries of portfolio progress, insightful graphs covering all aspects of individual and group progress, real time teacher collaboration and time-saving group management tools.

Each class has its own gradebook and one management spreadsheet can…

View On WordPress

"[E]xcessive monitoring can sometimes produce the behaviours it was designed to prevent. If employees perceive surveillance practices as an intensification and extension of control, it is likely that they will try to subvert and manipulate the boundaries of when, where, and how they are measured."

How should employees relate to electronic surveillance in the work environment? Dr. Kirstie S. Ball investigates as part of our weeklong surveillance feature.

Whether it is just merely to get a general idea of what is going on, or perhaps to handle more serious issues, programs are an integral tool for families or organizations. Parents or guardians have legal and moral obligations to monitor and track phones and discover how they are getting used, or misused. Most people are knowledgeable about the issues and risks involving computers and the web. Smartphones are like computers, but include more challenges due to their convenience, advanced communications, and the user’s sense of autonomy. Lots of people use it, however, not everyone knows what exactly is a monitoring tool. These are generally valuable questions to ask since of the popular use of the internet by families and businesses. While a person can be with a computer it isn’t really always easy to know what they’re doing all the time and if they’re undertaking things that may sometimes make them in danger as well as is not always appropriate. Monitoring tools customarily refers to technology that is certainly meant to document the action that is certainly going on with a laptop or computer, and today includes smartphones. There are several varieties, kinds and characteristics of monitoring computer programs. Keylogger, application or perhaps easier terminology, laptop or computer keeping track of software packages are a type of laptop or computer software that lets you take note and responsible for all of anything going on with a number laptop or computer. An elementary keylogger can be only logging most of the key strokes which might be wrote in a laptop or computer. Descriptions hinge on usage and purpose of spyphone programs other than a technological distinction. Monitoring software packages are meant to merely present valuable and valuable tools for your own monitoring work and is actually confirmed to never harm your computer or be included in just about any surreptitious techniques. Malware is malicious software applications often intended to be invasive or damaging. Computer viruses, Trojan horses and worms are common types of malware. Malware can damage your computer, laptop or smartphone and may steal your personal information or just be annoying. Malware is not just an annoyance, it typically damages computers and smartphones while potentially stealing personal data. Bluetooth spyphone software applications really don’t have evident justifiable motivations for cell phones monitoring. Bluetooth spyphone software applications seem to be designed for secret call interception which implies malignant objectives, and not justifiable monitoring. In addition to that Bluetooth spyphone software applications commonly need user permission while calls are being made for activation which means they don’t work as secret spyware, thereby making Bluetooth spyphone software applications are worthless. Bluetooth spyphone software hacks are an all around bad idea. A lot of people might include spy in terms used to describe justifiable monitoring of cell phones. There are many different justifiable motivations to Track Cell Phone and communications content. If the monitoring has grounds then almost certainly the term spy is benign, and does not imply malignant objectives. Applying tools, like, Parental Monitoring Software is not only just allowable, and Workforce Monitoring allowable, they are mandated. If not legally, then morally and ethically; in view of the fact that parents and employers are in a position to mitigate tragedy and liability that are associated with cell phone misuse or the need for protection. With authority comes accountability.