MAGNETS on 3d printing the breaking new technology

This is magic, big news, both, or neither. It’s so exciting to see magnets behave in this bizarre and wonderful way that we think it’s hard to forecast where this will go. Shown above is a pair of magnets that have several modes of operation. They attract each other, but repel when less than a centimeter apart. However, give one a twist and the two will strongly attract.

The behavior is thanks to a new process of 3D printing magnets to manipulate where the fields occur. With the behavior just described, they would function well as a cabinet latch which has soft close and positive lock, all built into two magnets.

This comes from one of our favorite YouTube channels, [SmarterEveryDay], who just toured Polymagnet — a company that has figured out how to actually print magnetic fields.

So how the heck does it work? Well, your standard magnet has a north face on one side, and a south face on the other — creating a magnetic loop between the two. But what if you could put north and south on the same side of the magnet, and vary their position and size? It means you can control the magnetic field down to the magnetic pixel, or as Polymagnet calls them — a Maxel.

Here 3dprinted-magnets-thumbyou can see some magnetic film (which reacts visually to magnetic fields) put on top of the two parts of the demo magnet. The printed design is very similar to a mechanical mechanism. We’d explain more, but [Destin] does a great job teaching about the tech in the video found below.

Is this the dawn of magnetic mechanisms? We certainly have never seen anything like it.

The applications for this technology are endless. Controllable, permanent magnetic fields of your own design? From locking magnetic latches, to shock absorbers, component coupling, positional control… this is going to be revolutionary in product design.

 

AML

AML Optimization – Do More with Less

With AML fines and regulator demands growing by the day, the stakes for AML teams have never been higher. All signs of potential AML activity have to be monitored, which puts a massive burden on investigation teams. But traditional approaches to AML transaction modeling are rigid, prone to false alarms and missing true incidents of money laundering. AML optimization efforts tend to be expensive and are often manual service engagements.

Unlike entrenched AML transaction monitoring solutions, our solution was built from the ground up to use the power of unsupervised machine learning to drive superior AML optimization. Rules-based and supervised machine learning systems require constant tuning as fraudsters discover new ways to evade them. Every false positive means wasted investigation cycles. Every false negative is an existential risk to your business. The good news is that we can help.

Unsupervised Machine Learning for AML Optimization

Reduced False Positives
deep visibility into subtle relationships that traditional systems miss in exchange for  better efficiency
Reduced False Negatives
we don’t rely on prior knowledge of specific money laundering patterns, increasing effectiveness.
Easy, Automatic Upgrades
modern deployment means you don’t have to deal with painful 3-5 year upgrade cycles. Get the newest capabilities the minute they are ready.
Standalone or Add-on Deployment
no need to replace an existing AML transaction monitoring solution until you are ready

This is an intervention. Stop storing secrets in your apps.

This is a repost of a submission I made to Reddit’s /r/androiddev subreddit. You can pull up the thread to see the ensuing discussion.


Reading the comments on the cloned app post nearly gave me a nervous breakdown. Fellow devs, please sit down and let’s have a frank conversation about your android app’s security.

It’s time you hear and accept this: Your app doesn’t love you and it will happily betray your trust in the right hands. Don’t believe me? Check out the countless posts from /r/netsec, /r/reverseengineering, /r/pwned about breaking into android apps. A skilled RE (Reverse Engineering) hacker will quickly convince your app to give up all of its closely guarded secrets and do all of those nasty little actions that you took such great pains (and unit tests) to prevent.

Now I know this is hard to hear and I can already anticipate what you’re going to say:

  • But hacking is impossible without access to my apk! Getting access to an apk is simple. Once downloaded to a rooted phone, pulling it via ADB is one adb pull /data/app/[your_apk_name] command away. You can even download an APK from Google Play with the right help.
  • But I used Proguard on my code! Great! Did you include any sensitive URLs, strings, keys, passwords, or other resources in your app? Then you’re still screwed. Proguard only makes your app’s code “harder to reverse engineer”– extracting all of those juicy unprotected strings and resources from your code is still insanely easy. Even modifying a proguard-protected app to bypass a boolean security check is the first thing that you learn to do when patching an app.
  • But I cleverly disguised and encrypted my strings/keys/urls! Do you ever communicate those back to a server? There are plenty of tools that will readily intercept and display any network communication and endpoints- yes, even if it’s SSL/TLS protected. Even if you were careful to never reveal them on the wire, it’s still possible to yank the sensitive bits directly from the memory a running application.
  • But I implemented certificate pinning! That’s a good thing for your users’ security, but it give you no assurances regarding the trustworthiness of your app. Certificate pinning is still easily bypassed if someone intends to do so.

Bottom line: Just like with testing, you should never assume that your mobile app will only operate the way you originally intended it to. Ever. Here are the harsh realities of android development (or any mobile app for that matter):

  • How do I prevent someone from subverting/cloning my app? You can’t. You can make it harder through obfuscation, indirection, etc. In most cases it’ll only provide an annoyance and delay to a determined reverse engineer- a scenario that you absolutely will encounter if your app is at all successful. Also remember that each deterrent you bake makes your app more difficult to manage and is another opportunity to anger an otherwise legitimate user when something goes wrong. Even for companies like Google that do prevent most client-side exploitations, it’s a never ending, incredibly expensive arms race between their vast security teams and individual hackers.
  • How do I perform business-sensitive operations then? If you need to do something that you must be absolutely sure is not subverted, only do them on a server you own and control. This is especially true with any financial transactions, including verification of in-app purchases.
  • But I don’t have the money for a server. Stand up a free AWS instance, heroku dyno, or a $5/month DigitalOcean droplet. If you’re serious enough about your app to try and make money from it, keeping your most sensitive operations on systems you own and control is a simple and cheap safeguard.
  • This all sounds a bit nihilistic. Why do anything then? Realize that there’s two different types of security you should be considering- User Security and Business Security. You should be focused on user security with your mobile apps- it’s about making sure that your users don’t accidentally do anything that would negatively impact them. Things like cert pinning, TLS/SSL, verifying inputs, etc. are all important for user security. But, just like in life, you can’t protect people from hurting themselves or doing bad things. So for your own security, you must always assume that you have malicious users out there (i.e. users of your mobile app) that will lie, cheat, and otherwise ignore all of those virtuous safeguards you put in place for them.

Conclusion – Your app is not your trusted friend. Never included anything in it (e.g. passwords, secret URLs, API keys, etc) that you wouldn’t want someone to see. Securing your app should be about protecting your users’ security and privacy- any sensitive operations or information that you or your business depend on being secret or done absolutely correctly should be handled exclusively on systems you own and control.

Bitcoin / Eth / Cryptocurrency 加密貨幣

什麼是加密貨幣?

加密貨幣是諸如USD的正常貨幣的交換介質,但是設計用於通過由加密的某些原理 使得可能的過程交換數字信息的目的。密碼術用於保護交易並控制新硬幣的創建。要 創建的第一個加密貨幣是2009年的比特幣。今天有數百種其他加密貨幣,通常稱為 Altcoins。換句話說,cryptocurrency是電轉換成具有貨幣價值的代碼行。在最簡單的 形式中,加密貨幣是數字貨幣。與集中式銀行業務不同,例如美聯儲(Fed)系統,政府 通過打印法定貨幣來控制美元等貨幣的價值,但是政府對加密貨幣的控制並不完全 分散。大多數加密貨幣被設計為隨著時間的推移而減少生產,比如比特幣,這就為它 們創㐀了一個市場上限。這不同於法定貨幣,金融機構總是可以創㐀更多,因此通貨 膨脹。比特幣永遠不會有超過2100萬硬幣流通。所有加密貨幣所基於的技術系統是 由Satoshi Nakamoto創建的。

加密貨幣的歷史

雖然存在數百種不同的加密貨幣規範,但大多數是從兩種協議之一導出的;工作證明 或權益證明。所有加密貨幣由加密貨幣礦工社區維護,加密貨幣礦工是一般公眾的成 員,他們已經建立了他們的計算機或ASIC機器參與交易的驗證和處理。 第一個加密貨幣是比特幣。比特幣是由名為Satoshi Nakamoto的假名開發商於2009 年創建的。比特幣使用SHA-256,它是由美國國家安全局設計的一組加密散列函數。 比特幣是一種基於工作證明系統的加密貨幣。

加密貨幣和市值

比特幣是市場資本,數量,接受度和臭名昭著的最大的加密貨幣,但它不是最有價值 的硬幣。 NEMstake,雖然只有1,116,720美元的市值,交易在1,117美元硬幣。看著市 值,Litecoin在比特幣之後位居第二,Ripple緊隨其後。 你更可能熟悉的一個硬幣是Dogecoin。 Dogecoin平均交易量的三分之一,但具有相 對較低的市值 – 在最大的加密貨幣中排名第六。

什麼是加密貨幣哈希(Hash)?

加密貨幣挖掘能力的等級是每秒的哈希值。具有1kH / s的計算能力的鑽機以每秒 1,000個散列的㏿率進行挖掘,1MH / s是每秒一百萬個散列,並且GH / s是每秒十億 散列。每當礦工成功地解決一個塊,就創建一個新的哈希。散列算法將此大量數據轉 換為固定長度的散列。像一個代碼,如果你知道的算法,你可以解決一個哈希,並得 到原始數據,但普通眼睛只是一堆數字擠在一起,幾乎不可能得到原始數據。

SHA vs. Scrypt

雖然Bitcoin和幾個其他硬幣開採使用SHA-256,Litecoin和許多其他硬幣,使用 Scrypt。這是兩個主要的哈希函數,但是存在幾種不同的類型,並且被諸如scrypt-N 和x11的其他隱式貨幣使用。採用不同的散列函數來回答SHA-256的關注。之前,個 人能夠利用他們的GPU挖掘比特幣,這需要大量的能量。但隨著比特幣的普及,ASIC SHA-256機器,使GPU開採過時。為了讓您了解這些機器有多麼強大,運行4 GPU的採礦鑽機將獲得大約3.4 MH / s的 散列㏿率並消耗3600kW / h,而ASIC機器可以挖掘6 TH / s並消耗2200kW / h 。這 有效地殺死了GPU挖掘,並留下了許多擔心網絡安全的人。隨著更少的個人能夠從他 們的家庭計算機中獲利,網絡變得不那麼分散。 Scrypt挖掘實現了由於其引入的內存 問題的ASIC耐性的承諾。

為什麼使用加密貨幣?

加密貨幣是一種專門設計用於利用互聯網架構的貨幣形式。代替依靠標準金融機構 來保證和驗證交易,由貨幣網絡上的用戶的計算機檢查或“確認”加密貨幣交易。驗證 交易的計算機通常會收到少量貨幣作為獎勵。接收獎勵以換取驗證交易的過程被稱 為“挖掘”,並且它是產生新貨幣的主要方式。不同貨幣的採礦工作不同。 因為加密貨幣是完全數字的,它們可以以普通貨幣不能使用的方式使用;主要是使用 它們像數字等價的現金。與銀行發行的信用卡或借記卡不同,您不需要帳戶或信用卡 即可使用加密貨幣,但您可以使用它們從日益多樣化的零售商和個人那裡購買商品 和服務。例如,Overstock.com和Newegg.com接受比特幣作為付款。對於幾乎每個交 易通常都有非常小的費用,但是它通常比信用卡處理費和利息低得多,並且費用支持 網絡。

加密貨幣:尋找什麼

加密貨幣使用許多不同的算法,並以不同的方式交易。這裡是你應該考慮的主要特 點。

1. 市值和日交易量 2. 驗證方法 3. 零售商接受

市值和日交易量

加密貨幣的市值是目前流通的所有硬幣的總價值。高市值可以表示每個硬幣的高價 值或僅僅是大量的可用硬幣。也許比市值更重要的是日交易量:每天交換手的硬幣的 價值。相對於市值的高日交易量表示一個健康的經濟,有很多交易。

驗證方法

加密貨幣之間的主要區別之一是它們的驗證方法。最古老和最常見的方法稱為工作 證明。為了獲得驗證交易的權利,計算機必須花費時間和能量解決困難的數學問題。 這種方法的麻煩是它需要大量的能量來操作。股權證明系統試圖通過讓具有最大份 額的貨幣的用戶驗證交易來解決這個問題。這些系統需要較少的處理能力來操作並 聲明更快的事務㏿度,但是關於安全性意味著很少硬幣使用完全基於證明的系統。

零售商接受

加密貨幣沒有多大用處,如果你不能買它。這就是為什麼在你投資之前知道誰接受一 種貨幣是很重要的。一些加密貨幣被廣泛接受,甚至與主要零售商建立合作夥伴關 係。然而,大多數人接受度有限,有些只能兌換其他加密貨幣。一些硬幣根本不是設 計用於交換貨物的,而是為其他目的而建㐀的。

加密貨幣礦業與比特幣礦業盈利能力 2016 Dec

比特幣挖掘比較

以下列出的加密貨幣正在與比特幣挖掘進行比較,以確定加密貨幣是否比挖礦比特 幣更有利可圖。顯示的加密貨幣利潤率信息基於使用輸入的哈希率值的統計計算,並 且不考慮難度和匯率波動,陳舊/拒絕/孤立利率,池的效率和池費用。您的個人盈利 能力可能會有所不同。

http://www.coinwarz.com/cryptocurrency

价格比特币

哈希率 BitCoin 2016

矿工收入 支付给矿工的coinbase块奖励和交易费用的总值。

散列率和電力消耗

困難 317,688,400,354

市場價 1044.61 USD

要池或不池,這是問題

第一是是否獨立開採或參與採礦池。當比特幣開採時,沒有以穩定,漸進的方式收到付款。相反,當特定的里程碑受到打擊時,他們會被大批量發給那些打中了里程碑的人。如果你沒有運行一堆超級快速的挖掘計算機,可能你永遠不會是一個達到里程碑並收到付款的人。在採礦池中,許多用戶作為一個團體聯合力量進行挖掘,並且根據他們已經貢獻了多少計算能力,所有獎勵支付被分配到組中。這簡化了獎勵結構,使您的付款更可靠。你可以選擇獨奏,但對於任何人只是進入altcoin挖掘,一個游泳池是一個更好的選擇 – 尤其是如果你不開採一個房間充滿強大的電腦。本指南的其餘部分將假設您正在池中開採。每個altcoin有不同的池,雖然一些池根據上升和下降的價值在不同的貨幣之間切換。每個泳池都有利弊,但大部分情況下,你選擇哪一個都沒關係。為了找到一個流行的游泳池,訪問一個社區網站為你感興趣的錢幣。

硬幣錢包

這樣,你可以使用你的GPU,CPU或兩者來挖掘Litecoin或大多數其他山寨幣。當您開始在您的帳戶中累積硬幣時,您可以訪問礦業池的網站並輸入地址以將硬幣發送到您的個人錢包。您可以在先前下載的客戶端的“接收”選項卡中找到您的錢包地址。一旦您開始在您的錢包中保存硬幣,您應該啟用加密它通過點擊設置 – >啟用加密,並選擇一個安全的密碼。然後,請務必定期備份您的錢包,方法是點擊文件 – >備用電子錢包。如果你失去了你的硬盤驅動器,沒有你的錢包備份到某個地方安全,你會失去你的所有硬幣。不幸的是,你可能不能夠賺大量利潤挖礦山幣。新的ASIC板正在設計目標為LiteCoin和其他基於Scrypt的altcoins,他們將迫使大功率GPU採礦鑽機脫離競爭。然而,現在,挖掘是一種有趣的方式來了解一項技術,這可能是十年中最重要的發明,而不是讓你的退休基金在線。

在市场上唯一有利可图的挖掘机器

S9 Antminer Rig

每天的電力成本 $ 3.96

每週回報 $ 42.95

每天返回 $ 6.14

每月返回 $ 184.05

投資回收期 342 days

利潤率154%

S9是Bitmain最新的2016年產品。與14 TH為$ 2100這是家庭比特幣礦工市場上最好的機器之一。隨著比特幣獎勵減半在2016年年中,S9肯定是成本曲線中更有競爭力的機器之一。

https://www.cryptocompare.com/mining/bitmain/antminer-s9-miner/

最佳比特币云矿业服务

对于那些对操作实际硬件不感兴趣的人,他们可以购买比特币云采矿合同。在本节中列出的不是这些服务的认可。有大量的比特币云开采骗局。

Hashflare Review – http://profit.hashflare.eu/en/?ref_id=539A7635

Genesis Mining Review – https://www.genesis-mining.com/?afclick=586678277881cc916e8b8f4b

Minex- https://minex.io/?clickid=586678027881cc976e8b8f1f&pid=1110

Bitcoinming – https://www.bitcoinmining.com/

Review Proposal of the Investment in Google Doc

 

 

 

Mining project proposal

https://3dwarehouse.sketchup.com/model.html?id=6f7bdb7f03959f2fbd3f74b436390d5b

Underground building
https://3dwarehouse.sketchup.com/embed.html?mid=dbcd2cf977095f794b5916ceaed6c0f6&width=580&height=326

Underground container
https://3dwarehouse.sketchup.com/embed.html?mid=1171480ea9c2f6dbec83c1b12b60680&width=580&height=326

Underground house concept
https://3dwarehouse.sketchup.com/embed.html?mid=215301610a66add8df2d7205a618f7c7&width=580&height=326

Server Room setup
https://3dwarehouse.sketchup.com/embed.html?mid=ufdeb78b7-9268-41f0-a5d4-f9a5b67645e5&width=580&height=326

使用Quagga作為連接到數據中心的路由器。注意,我們使用IPv4 / 29作為上行鏈路,並在終端服務器連接到之間的第2層交換機。第二個IPv4 / 23塊在Quagga路由器上使用,bgp在Quagga和DataCenters Layer3設備之間完成。此設置也適用於IPv6。
Rig Setup 鑽機設置