Google developers have confirmed a cryptographic vulnerability in the Android operating system that researchers say could generate serious security glitches on hundreds of thousands of end user apps, many of them used to make Bitcoin transactions.
(via Ars Technica)
The generation of random numbers is too important to be left to chance.
– Robert Coveyou, Studies in Applied Mathematics, III (1970)
Basically, in 2013, it is still exceptionally difficult to send money to a friend and this is leading to a customer revolution.
– Jaron Lukasiewicz, Coinsetter CEO at Inside Bitcoins NYC (via)
Everyone should walk around with 1-2 bitcoins that they can use for small transactions only. If enough people are doing that, then the volality of currency goes down and the value of the currency increases.
– Vinny Lingham, CEO of gyft (via)
BitPay employees pay each other back when someone makes a food run, by pointing their phones at each other and scanning QR codes.
– Jeff Garzik, Bitcoin Core-Developer (recently snatched by BitPay) (via)
I recently noticed that when I log in to two Twitter accounts, one from Google Chrome’s main window and one from an Incognito one, the session would sometimes mysteriously “leak” to the main window. I suspected this may be caused by a faulty extension, and it seems I was right. The faulty extension is, ironically, HTTPS Everywhere by the Electronic Frontier Foundation.
It seems that cookies set in normal browsing mode cannot be seen in Incognito, but that (some?) cookies set in Incognito are visible to normal browsing mode. Unfortunately this means that your incognito sessions can leak data into your normal browsing sessions.
According to a 4 months old HTTPS Everywhere bug report, it’s a Chrome API bug: “We’re getting the onCookieChanged event, and the cookie we get in that event has a storeId of 0 regardless of where it comes from (Incognito or not). We then turn right around and set the secure flag on the cookie and issue a cookies.set(cookie). Since the storeId is still the default store, the cookie leaks to normal mode.“
The only other report I could find was a very minor Google+ post by Todd Vierling (with reproduction instructions) from more than half a year ago, and it seems like nothing was done to mitigate the issue since.
Reproduced in Chrome version: 28.0.1500.72 m, HTTPS Everywhere version: 2013.7.10
I really enjoyed reading Paul Graham‘s essay “Do Things that Don’t Scale” in which he gives counterintuitive advice, encouraging entrepreneurs to invest time in manual labor at the “larval” stage of a their startup’s life.
Here are several highlights I found interesting (could also serve as a tl;dr summary for the lazy, although I recommend reading the essay in full):
Some people, when confronted with a problem, think “I know, I’ll use regular expressions.” Now they have two problems.
However, if you really have to, use Grant Skinner‘s very useful RegExr tool.
New design for my homepage at innerlogics.com. I’m quite happy with the result!
The documentation is somewhat incomplete on how to force Google Analytics to use SSL when working with the ga.js tracker (using asynchronous syntax). When using analytics.js, a simple call to set forceSSL is sufficient.
The correct syntax is
_gaq.push(['_gat._forceSSL']);
One thing humans don’t know how to do is shut down peer to peer networks. We don’t have the technology.
– Peter Vessenes, founder and CEO of Bitcoin exchange CoinLab (via)
My friend and very talented artist Ben Genislaw has finally released the multiple-award winning animation short “Happily Ever After: A Journey to the future of a young couple moving in together for the first time“. It’s happy, sad, depressing, inspiring and above all, amazingly done. Enjoy!
Innerlogics 
Written
on July 31, 2013