theguardian.com: The secrets of the world’s happiest cities

theguardian.com: The secrets of the world’s happiest cities

If one was to judge by sheer wealth, the last half-century should have been an ecstatically happy time for people in the US and other rich nations such as Canada, Japan and Great Britain. And yet the boom decades of the late 20th century were not accompanied by a boom in wellbeing. The British got richer by more than 40% between 1993 and 2012, but the rate of psychiatric disorders and neuroses grew.

Just before the crash of 2008, a team of Italian economists, led by Stefano Bartolini, tried to account for that seemingly inexplicable gap between rising income and flatlining happiness in the US. The Italians tried removing various components of economic and social data from their models, and found that the only factor powerful enough to hold down people’s self-reported happiness in the face of all that wealth was the country’s declining social capital: the social networks and interactions that keep us connected with others. It was even more corrosive than the income gap between rich and poor.

As much as we complain about other people, there is nothing worse for mental health than a social desert.

There is a clear connection between social deficit and the shape of cities. A Swedish study found that people who endure more than a 45-minute commute were 40% more likely to divorce. People who live in monofunctional, car‑dependent neighbourhoods outside urban centres are much less trusting of other people than people who live in walkable neighbourhoods where housing is mixed with shops, services and places to work.

A couple of University of Zurich economists, Bruno Frey and Alois Stutzer, compared German commuters’ estimation of the time it took them to get to work with their answers to the standard wellbeing question, “How satisfied are you with your life, all things considered?”

Their finding was seemingly straightforward: the longer the drive, the less happy people were. Before you dismiss this as numbingly obvious, keep in mind that they were testing not for drive satisfaction, but for life satisfaction. People were choosing commutes that made their entire lives worse. Stutzer and Frey found that a person with a one-hour commute has to earn 40% more money to be as satisfied with life as someone who walks to the office. On the other hand, for a single person, exchanging a long commute for a short walk to work has the same effect on happiness as finding a new love.

50hertz.com: Sonnenfinsternis am 20. März 2015 stellt elektrisches System in Europa vor große Herausforderung

50hertz.com: Sonnenfinsternis am 20. März 2015 stellt elektrisches System in Europa vor große Herausforderung

Die vier deutschen Stromübertragungsnetzbetreiber 50Hertz, Amprion, TenneT und TransnetBW bereiten sich auf die partielle Sonnenfinsternis am 20. März vor. An diesem Tag werden zwischen 9:30 und 12 Uhr bis zu 82 Prozent der Sonne abgedeckt sein. Aufgrund des hohen Anteils an installierter Photovoltaik-Leistung (PV) in Deutschland – rund 39.000 Megawatt – sowie in Italien und Frankreich stellt die Sonnenfinsternis eine große Herausforderung an das Management des Stromnetzes in Europa dar.

Bei sehr sonnigem Wetter geht in der ersten Hälfte der Sonnenfinsternis die PV-Einspeisung in Deutschland um rund 12 Gigawatt zurück und steigt anschließend – in der zweiten Hälfte der Sonnenfinsternis, wenn die Sonne aufgrund der Mittagszeit noch höher steht – um etwa 19 Gigawatt an. Auch wenn die Prognosen der Wetterdienste für die PV-Einspeisung, wie jede Prognose, eine Restunsicherheit haben, entspricht dies etwa der Leistung von 19 Großkraftwerken. Die Herausforderung für die Übertragungsnetzbetreiber besteht darin, dass der an der Strombörse vermarktete PV-Strom während dieser beiden Phasen durch viele flexible Erzeugungsanlagen vollständig ausgeglichen werden muss. Bei bewölktem Himmel wird der Einfluss der Sonnenfinsternis auf die PV-Einspeisung dagegen vergleichsweise gering sein.

blogspot.no: Nearly All Binary Searches and Mergesorts are Broken

blogspot.no: Nearly All Binary Searches and Mergesorts are Broken

Posted by Joshua Bloch, Software Engineer

In Programming Pearls Bentley says that the analogous line “sets m to the average of l and u, truncated down to the nearest integer.” On the face of it, this assertion might appear correct, but it fails for large values of the int variables low and high. Specifically, it fails if the sum of low and high is greater than the maximum positive int value (231 – 1). The sum overflows to a negative value, and the value stays negative when divided by two. In C this causes an array index out of bounds with unpredictable results. In Java, it throws ArrayIndexOutOfBoundsException.

This bug can manifest itself for arrays whose length (in elements) is 230 or greater (roughly a billion elements). This was inconceivable back in the ’80s, when Programming Pearls was written, but it is common these days at Google and other places. In Programming Pearls, Bentley says “While the first binary search was published in 1946, the first binary search that works correctly for all values of n did not appear until 1962.” The truth is, very few correct versions have ever been published, at least in mainstream programming languages.

mgdm.net: PHP at the speed of C with Recki-CT

mgdm.net: PHP at the speed of C with Recki-CT

Recently, Anthony Ferrara (known throughout the Internet and beyond as @ircmaxell) and Joe Watkins (similarly well-known as @krakjoe) have been working on a new set of toys for solving this problem while staying on the “standard” PHP runtime. Recki-CT is a set of tools that implement a PHP compiler, in PHP. While this might you think of things like PyPy, which implements a Python virtual machine in Python, this is not Recki’s goal – it doesn’t provide a VM, so it can’t run PHP by itself. However, it can parse PHP code and generate other code from it.

Recki uses the well-known PHP-Parser library by Nikita Popov to generate a graph-based representation of the code, and convert it to an intermediate representation. To get here involves a few steps, which are described in Recki’s documentation, but essentially:

  • It generates a tree-based representation of the code called an abstract syntax tree
  • From the AST, it generates a control flow graph
  • It then converts this graph into static single assignment form, where every variable is only assigned once, and all are defined before use. This makes it simpler to optimize.
  • Next, it repeatedly runs optimizations on this graph
php colourmandel.php
Data took 78.744249
Render took 0.631219

hvm mandelbrot.php
Data took 5.852351
Render took 0.236238

php -dextension=./mandelbrot.so mandelbrotWithExtension.php
Data took 2.411557
Render took 0.637504

envisage-project.eu: Proving that Android’s, Java’s and Python’s sorting algorithm is broken (and showing how to fix it)

envisage-project.eu: Python’s and Java’s Sort broken

Tim Peters developed the Timsort hybrid sorting algorithm in 2002. It is a clever combination of ideas from merge sort and insertion sort, and designed to perform well on real world data. TimSort was first developed for Python, but later ported to Java (where it appears as java.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch (the designer of Java Collections who also pointed out that most binary search algorithms were broken). TimSort is today used as the default sorting algorithm for Android SDK, Sun’s JDK and OpenJDK. Given the popularity of these platforms this means that the number of computers, cloud services and mobile phones that use TimSort for sorting is well into the billions.

Fast forward to 2015. After we had successfully verified Counting and Radix sort implementations in Java (J. Autom. Reasoning 53(2), 129-139) with a formal verification tool called KeY, we were looking for a new challenge. TimSort seemed to fit the bill, as it is rather complex and widely used. Unfortunately, we weren’t able to prove its correctness. A closer analysis showed that this was, quite simply, because TimSort was broken and our theoretical considerations finally led us to a path towards finding the bug (interestingly, that bug appears already in the Python implementation). This blog post shows how we did it.

wired.com: How the NSA’s Firmware Hacking Works and Why It’s So Unsettling

wired.com: How the NSA’s Firmware Hacking Works and Why It’s So Unsettling

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen.

Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems.

Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides.

When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquatinoDrug and one with a 2013 compilation date that is used with GrayFish.

The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system.

Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one.

firstlook.org: The Surrender — Destroyed by the espionage act

firstlook.org: The Surrender — Destroyed by the espionage act

Until the FBI knocked on his door in the fall of 2009, a little more than three months after Rosen’s story was published, Kim was a rising star in the intelligence community and a remarkable immigrant success story. After earning a Ph.D. in history from Yale University, he started his career at the Center for Naval Analyses, followed by four years at Lawrence Livermore National Laboratory, which designs and analyzes nuclear weapons. It didn’t take long for him to attract attention. The intelligence community has a lot of experts on nuclear programs and a lot of experts on North Korea, but few who had Kim’s expertise in both. Kim was even summoned to Washington to give a classified briefing to Vice President Dick Cheney and National Security Adviser Stephen Hadley.

Both children excelled academically. Stephen earned a spot at Fordham Prep, an elite private school, and Yuri attended Bronx Science, one of the most competitive public schools in the city. Yuri went on to earn a law degree from Georgetown University and became a corporate lawyer. Stephen got his undergraduate degree from Georgetown and a master’s degree from Harvard before heading to Yale for his Ph.D.

Kim had the particular misfortune of being a mid-level official. Senior officials tend to have powerful allies who can push back against the Department of Justice. This doesn’t always protect them — Scooter Libby, who was Vice President Cheney’s chief of staff, was convicted in 2007 of obstructing an investigation into the leak of a CIA agent’s name (though his sentence was later commuted by President Bush). But usually it helps. Top officials who have not been prosecuted for leaking include Leon Panetta, the former CIA director who, according to a report by the Defense Department’s inspector general, leaked the name of the SEAL commando who led the raid that killed Osama bin Laden. Another example is Gen. James Cartwright, who reportedly has been investigated as the source for a Times story on Stuxnet, but has not been charged.

And of course there is David Petraeus, the former CIA director and four-star general who is being investigated for leaking classified information to Paula Broadwell, his former lover and authorized biographer. According to recent press reports, lawyers in the Department of Justice have recommended that Petraeus be indicted, but there’s significant resistance because he is a popular figure with influential friends who have taken his side, including Sens. Dianne Feinstein and John McCain. While Kim sits in prison for talking to a reporter about a single classified document, Petraeus has not been charged for allegedly handing over multiple classified documents.