Stephen Hawking's final paper, which aims to test a theory that proposes parallel universes, appeared today (May 2) in the Journal of High Energy Physics.

As Live Science reported at length in March, before the paper was peer-reviewed and officially published, it shares Hawking's final look at one of his earliest theories, the so-called "no-boundary proposal." This idea describes the conditions in the very early universe. Hawking and his co-author, Thomas Hertog, a physicist at the Catholic University of Leuven in Belgium, attempted to resolve thorny questions regarding the multiverse, or the idea that many universes exist side by side. Hertog called their conclusions a "departure" from the "no-boundary proposal" as Hawking originally presented it.

According to Hawking's "no-boundary proposal," before the Big Bang, when the entire universe was compressed into a single, infinitely small point, there was no directional time as we experience it. Time was a closed, boundary-free thing, like a sphere without edges. [Stephen Hawking: A Physics Icon Remembered in Photos]

Scientists later determined that this proposal implied something strange: that the multiverse is infinite, with endless, uncountable parallel universes existing alongside our own, Live Science previously reported. That wild situation presented a number of problems for science, most significantly that it rendered most basic scientific ideas about the multiverse impossible to test. (If there are infinitely many universes, then an experiment could make predictions about what the universe should look like — and there will be some universes out there that will match those predictions.)

"Hawking was not satisfied with this state of affairs," Hertog told Live Science in March. "'Let's try to tame the multiverse,' he told me a year ago. So, we set out to develop a method to transform the idea of a multiverse into a coherent, testable scientific framework."

Hawking's final paper suggests a framework for understanding the universe that would render the multiverse finite, countable and subject to meaningfully engagement via the tools of science.

There were some minor tweaks to the text of the paper as it appeared on the preprint server arXiv at the time of Hawking's death and its final published form, but they're minor and don't represent any fundamental differences in meaning.

"There are no significant changes between versions 2 and 3," Hertog wrote in an email. "The paper represents indeed a departure from the no-boundary theory (as we write at the end)."

Physicists that Live Science interviewed previously said that while the idea is interesting, it isn't earth-shattering — in part because there's still no good way to prove it's true. In addition, as North Carolina State University cosmologist Katie Mack told Live Science at the time, the idea is not yet fully fleshed out.

"What they've done in this paper is to use what they call a toy model — it's not fully rigorous and complete," Mack said. "They admit that there's a lot more work to be done."

To get to that point, Mack said, physics will need to overcome some significant hurdles. Most importantly, they have to develop a thorough unification of the theories of gravity and quantum mechanics.

A PDF of the final, peer-reviewed version Hawking's final paper is available without a paywall on the preprint server arXiv. A digital version appeared on the journal's website on April 27.

Originally published on Live Science.

It has become clear that storing secrets in computers is hard. The best demo to the world that storing secrets on “online” computers is hard and sometimes devastating, is the largeamounts of cryptocurrencytheft due to critical keys being in memory of systems directly or indirectly connected to the internet.

For the last one and a half years, I’ve had a set of Yubikeys on my keychain. A Yubikey is a USB stick that acts like a two factor token, but can also act as a smart card.

Smart cards are neat, since they allow you to store sensitive cryptographic keys on another removable device, and they come with a guarantee that once they are programmed with a key they will not give it back to a system (they can be overwritten though)

This allows someone to separate a cryptographic key from the system it lives on. This is useful for things like SSH, since it means you can have a key that moves on your person, rather than a per machine key in the case that you use multiple machines to access systems.

Under the hood, all these smart cards are doing are the operations that require the private key, like data signing and decryption.

I figured that we could also retrofit them to provide for other roles where keys would normally be in memory (and stealable), Like TLS/HTTPS servers!

To start with, I took a spare yubikey I had never setup and used the GPG tooling on Linux to setup the card and generate keys.

ben@eshwil:~$ gpg2 --card-status
Reader ...........: 1050:0407:X:0
Application ID ...: D2760001240102010006069118380000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 0xxxxxxx
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 0
Signature key ....: [none]
Encryption key....: [none]
Authentication key: [none]
General key info..: [none]

Here we see that the system is able to query the card and is empty and ready to program a key on to it.

ben@eshwil:~$ gpg2 --card-edit
gpg/card> admin
Admin commands are allowed

gpg/card> generate
Make off-card backup of encryption key? (Y/n) n

Please note that the factory settings of the PINs are
   PIN = '123456'     Admin PIN = '12345678'
You should change them using the command --change-pin

What keysize do you want for the Signature key? (2048) 
What keysize do you want for the Encryption key? (2048) 
What keysize do you want for the Authentication key? (2048) 
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days<n>w = key expires in n weeks<n>m = key expires in n months<n>y = key expires in n years
Key is valid for? (0) 91
Key expires at Tue 31 Jul 2018 11:52:47 EDT
Is this correct? (y/N) Y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: yubitls.benjojo.co.uk
E-mail address: 
Comment: 
You selected this USER-ID:
    "yubitls.benjojo.co.uk"

Change (N)ame, (C)omment, (E)-mail or (O)kay/(Q)uit? O
gpg: /home/ben/.gnupg/trustdb.gpg: trustdb created
gpg: key 3FCD18FAB4FC1CF9 marked as ultimately trusted
gpg: directory '/home/ben/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/home/ben/.gnupg/openpgp-revocs.d/8236069819F168BB781D31B53FCD18FAB4FC1CF9.rev'
public and secret key created and signed.

Above we used the smart card itself to generate keys. We could have generated keys locally on the system and then uploaded keys to the card, however that would mean that at some point the keys that we are trying to secure would have been visible to a system connected to the internet. This is not optimal since if I had malware on my laptop while I did this, the keys could have been copied without me knowing.

Generation on the card ensures that the system provisioning the smart card never sees the sensitive key material, all of the generation is done on the card itself.

gpg/card> list

Reader ...........: 1050:0407:X:0
Application ID ...: D2760001240102010006069118380000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 0xxxxxxx
Name of cardholder: [not set]
Language prefs ...: [not set]
Sex ..............: unspecified
URL of public key : [not set]
Login data .......: [not set]
Signature PIN ....: not forced
Key attributes ...: rsa2048 rsa2048 rsa2048
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
Signature counter : 4
Signature key ....: 8236 0698 19F1 68BB 781D  31B5 3FCD 18FA B4FC 1CF9
      created ....: 2018-05-01 15:53:07
Encryption key....: 2E4F E811 2814 EA33 FA1E  C23F 99F1 667F C9BE 44A3
      created ....: 2018-05-01 15:53:07
Authentication key: 1A1A 6594 F7D6 5EA2 0E1C  C0AE 5786 AF8D 1462 E84D
      created ....: 2018-05-01 15:53:07
General key info..: pub  rsa2048/3FCD18FAB4FC1CF9 2018-05-01 yubitls.benjojo.co.uk
sec>  rsa2048/3FCD18FAB4FC1CF9  created: 2018-05-01  expires: 2018-07-31
                                card-no: 0006 06911838
ssb>  rsa2048/5786AF8D1462E84D  created: 2018-05-01  expires: 2018-07-31
                                card-no: 0006 06911838
ssb>  rsa2048/99F1667FC9BE44A3  created: 2018-05-01  expires: 2018-07-31
                                card-no: 0006 06911838

Now that we have our key setup, it’s worth going through where the key will be needed to serve as a HTTP/TLS server.

To start a TLS connection, the client states who it is expecting to see to the server, as well as some information about what the clients capabilities and requirements are. The server then replies with a certificate and a signature to prove it has the key for that certificate, plus information on what the clients capabilities are as well.

Assuming all is well, the two systems figure out a solution to connect, and then begin communicating with encryption enabled.

This means that for every fresh connection the server must do operations that involve the sensitive private key. In almost every case this means it has to be accessible in memory for a server to function (unless some other creative solutions are involved). However here we want to move this operation to a external bit of hardware.

Where most programming languages/runtimes link to OpenSSL, golang is different in that it has its own internal TLS stack internally. This is useful for us, since we want to make a “fake private key” that has the function calls of a regular private key, but actually does other logic with those function calls.

Lucky for us, someone has already implemented a library that implements a crypto.PrivateKey but where the backend is a GPG Agent. This is especially useful in our case since the Yubikey works with a GPG agent.

Now that we have a chain that works, we can create a Certificate Signing Request file for the domain we are going to use:

$ ./yubiTLS -csr.cn yubitls.benjojo.co.uk -signcsr
You appear to have not selected a key to use, or the key you selected
Does not exist in the agent at this time, Do you see your key in this list?
2018/05/02 15:39:33 Key: 09A25C1D64EF0E7170F9C3A0FAF9080B02216FD5 - {Keygrip:09A25C1D64EF0E7170F9C3A0FAF9080B02216FD5 Type:1 SerialNo:D2760001240102010006069118380000 CardID:OPENPGP.3 Cached:false Protection:2 Fingerprint:fe:96:e4:c2:68:f7:2f:75:a7:94:8d:1f:24:20:28:be TimeToLive: conn:<nil> publicKey:{N:0xc42000c340 E:65537}}

$ ./yubiTLS -csr.cn yubitls.benjojo.co.uk -signcsr -keyid 09A25C1D64EF0E7170F9C3A0FAF9080B02216FD5

$ ls *.csr
yubitls.benjojo.co.uk.csr

We can then use Let’s Encrypt via SSL For Free to get this CSR signed.

After verifying the domain, we tell the site we have a CSR:

After that, we obtain a SSL certificate for the key on our Yubikey!

Then we can provide these certificates to the server, and run the HTTPS demo server!

$ ./yubiTLS -keyid 09A25C1D64EF0E7170F9C3A0FAF9080B02216FD5 -crtpath cert.crt -cacrtpath bundle.crt
2018/05/02 15:49:57 Listening

The first time you visit it, it may ask for the PIN to unlock the Yubikey, it was amusing when this happened for the first time, because I knew at that point it worked :)

After we enter the pin, we get content served from a HTTPS server backed by a key contained on a USB stick!

If you want to try this out for yourself on a blank yubikey you can find the code on my github here: https://github.com/benjojo/yubiTLS

And if you enjoyed this, you will be glad to know that I am going to be at Recurse Center in NY for the next 7 weeks! Meaning you can follow my Twitter or RSS to keep up with the other silly (or sometimes sensible) things I will do!

Until next time!

Brian Donohue | Pinterest engineering manager, Product Engineering

About 100 days ago, our product engineering team began experimenting with a three-day no-meeting schedule for individual contributors on our teams.

It’s not a big revelation that software development requires long stretches of uninterrupted time to focus. As Pinterest has grown, we’ve noticed the number of meetings also has increased. Having so many meetings can fragment an engineer’s entire day, eliminating the stretches of uninterrupted time required to build software.

Back in 2009, Paul Graham wrote the following, which speaks to this issue better than I can ever hope to:

When you’re operating on the maker’s schedule, meetings are a disaster. A single meeting can blow a whole afternoon, by breaking it into two pieces each too small to do anything hard in. Plus you have to remember to go to the meeting. That’s no problem for someone on the manager’s schedule. There’s always something coming on the next hour; the only question is what. But when someone on the maker’s schedule has a meeting, they have to think about it.

In the interest of preserving these blocks of uninterrupted time, the product engineering organization at Pinterest experimented with putting 9AM-5PM no meeting blocks on engineers’ calendars from Tuesday–Thursday:

Over the past several months, product engineering managers have gotten very positive feedback about the three-day no-meeting schedule, and we recently sent out a three question survey about it.

The last question was for “other feedback,” and here are some of the positive responses:

• “I really enjoy having 3 no-meeting days. Wish we could minimize interruptions more but it’s hard with interviews and other company events.”
• “I love this idea. Get so much done now.”
• “This switch is great, I feel like the 3 no meeting days are great for just building and getting work done without losing focus. Slack lets us talk and make the same decisions we would have made in meetings anyways. Always open to removing even more meetings!”
• “I really appreciate the extra days of no meetings, even though it gets violated regularly, I definitely notice fewer meetings and fewer distractions.”

Here are some of the neutral-to-negative responses:

• “3-day schedule might work well to reduce meetings, but it certainly doesn’t work to kill them because mon/fri conflicts build up and they spill over.”
• “Mondays and Fridays are usually packed with meetings.”

Obviously there are trade-offs when making a change like this. However, we feel that three focused days with two days of meetings is better than scattered meetings throughout the week. The survey results also indicate that the majority of engineers share that sentiment.

Since sharing the results, several other engineering organizations at Pinterest have adopted the same no-meeting schedule. Here’s a message I received from an engineer on the protect team in response to his team adopting the schedule:

My manager suggested we do what your team did and prolong no meetings from 1 to 3 days. It’s hard for me to thank you enough for this initiative. Funnily enough the Paul Graham essay about manager schedule vs maker schedule was trending last night on HN and re-reading it I was just thinking that I would love to extend no meetings to 3 days, and today I come to the office to my manager bringing up that you guys tried it and we could too… Thanks so much man!

As engineering managers, it’s our job to provide the space and support needed to help our engineers deliver great software. It’s been amazing to see the impact of this seemingly small change on product engineering, and we’re really excited to see other engineering teams adopting it at Pinterest.

PS. We’re hiring!

Horse racing is something like a religion in Hong Kong, whose citizens bet more than anyone else on Earth. Their cathedral is Happy Valley Racecourse, whose grassy oval track and floodlit stands are ringed at night by one of the sport’s grandest views: neon skyscrapers and neat stacks of high-rises, a constellation of illuminated windows, and beyond them, lush hills silhouetted in darkness.

On the evening of Nov. 6, 2001, all of Hong Kong was talking about the biggest jackpot the city had ever seen: at least HK$100 million (then about $13 million) for the winner of a single bet called the Triple Trio. The wager is a little like a trifecta of trifectas; it requires players to predict the top three horses, in any order, in three different heats. More than 10 million combinations are possible. When no one picks correctly, the prize money rolls over to the next set of races. That balmy November night, the pot had gone unclaimed six times over. About a million people placed a bet—equivalent to 1 in 7 city residents.

At Happy Valley’s ground level, young women in beer tents passed foamy pitchers to laughing expats, while the local Chinese, for whom gambling is a more serious affair, clutched racing newspapers and leaned over the handrails. At the crack of the starter’s pistol, the announcer’s voice rang out over loudspeakers: “Last leg of the Triple Trio,” he shouted in Australian-accented English, “and away they go!”

As the pack thundered around the final bend, two horses muscled ahead. “It’s Mascot Treasure a length in front, but Bobo Duck is gunning him down,” said the announcer, voice rising. “Bobo Duck in front. Mascot fighting back!” The crowd roared as the riders raced across the finish line. Bobo Duck edged Mascot Treasure, and Frat Rat came in third.

Across the road from Happy Valley, 27 floors up, two Americans sat in a plush office, ignoring a live feed of the action that played mutely on a TV screen. The only sound was the hum of a dozen computers. Bill Benter and an associate named Paul Coladonato had their eyes fixed on a bank of three monitors, which displayed a matrix of bets their algorithm had made on the race—51,381 in all.

Benter and Coladonato watched as a software script filtered out the losing bets, one at a time, until there were 36 lines left on the screens. Thirty-five of their bets had correctly called the finishers in two of the races, qualifying for a consolation prize. And one wager had correctly predicted all nine horses.

“F---,” Benter said. “We hit it.”

It wasn’t immediately clear how much they’d made, so the two Americans attempted some back-of-the-envelope math until the official dividend flashed on TV eight minutes later. Benter and Coladonato had won a jackpot of $16 million. Benter counted the zeros to make sure, then turned to his colleague.

“We can’t collect this—can we?” he asked. “It would be unsporting. We’d feel bad about ourselves.” Coladonato agreed they couldn’t. On a nearby table, pink betting slips were arranged in a tidy pile. The two men picked through them, isolating three slips that contained all 36 winning lines. They stared at the pieces of paper for a long time.

Then they posed, laughing, for a photo—two professional gamblers with the biggest prize of their careers, one they would never claim—and locked the tickets in a safe. No big deal, Benter figured. They could make it back, and more, over the rest of the racing season.

Veteran gamblers know you can’t beat the horses. There are too many variables and too many possible outcomes. Front-runners break a leg. Jockeys fall. Champion thoroughbreds decide, for no apparent reason, that they’re simply not in the mood. The American sportswriter Roger Kahn once called the sport “animated roulette.” Play for long enough, and failure isn’t just likely but inevitable—so the wisdom goes. “If you bet on horses, you will lose,” says Warwick Bartlett, who runs Global Betting & Gaming Consultants and has spent years studying the industry.

What if that wasn’t true? What if there was one person who masterminded a system that guaranteed a profit? One person who’d made almost a billion dollars, and who’d never told his story—until now?

In September, after a long campaign to reach him through friends and colleagues, I received an email from Benter. “I have been avoiding you, as you might have surmised,” he wrote. “The reason is mainly that I am uncomfortable in the spotlight by nature.” He added, “None of us want to encourage more people to get into the game!” But in October he agreed to a series of interviews in his office in downtown Pittsburgh. The tasteful space—the top two floors of a Carnegie Steel-era building—is furnished with 4-foot-tall Chinese vases and a marble fireplace, with sweeping views of the Monongahela River and freight trains rumbling past.

Benter, 61, walks with a slight stoop. He looks like a university professor, his wavy hair and beard streaked with gray, and speaks in a soft, slightly Kermit-y voice. He told me he’d been driven only partly by money—and I believed him. With his intelligence, he could have gotten richer faster working in finance. Benter wanted to conquer horse betting not because it was hard, but because it was said to be impossible. When he cracked it, he actively avoided acclaim, outside the secretive band of geeks and outcasts who occupy his chosen field. Some of what follows relies on his recollections, but in every case where it’s been possible to corroborate events and figures, they’ve checked out in interviews with dozens of individuals, as well as in books, court records, and other documents. Only one thing Benter ever told me turned out to be untrue. It was at the outset of our conversations, when he said he didn’t think I’d find anything interesting to write about in his career.

Benter grew up in a Pittsburgh idyll called Pleasant Hills. He was a diligent student and an Eagle Scout, and he began to study physics in college. His parents had always given him freedom—on vacations, he’d hitchhiked across Europe to Egypt and driven through Russia—and in 1979, at age 22, he put their faith to the test. He left school, boarded a Greyhound bus, and went to play cards in Las Vegas.

Benter had been enraptured by Beat the Dealer, a 1962 book by math professor Edward Thorp that describes how to overcome the house’s advantage in blackjack. Thorp is credited with inventing the system known as card counting: Keep track of the number of high cards dealt, then bet big when it’s likely that high cards are about to fall. It takes concentration, and lots of hands, to turn a tiny advantage into a profit, but it works.

Thorp’s book was a beacon for shy young men with a gift for mathematics and a yearning for a more interesting life. When Benter got to Las Vegas, he worked at a 7-Eleven for $3 an hour and took his wages to budget casinos. The Western—with its dollar cocktails and shabby patrons getting drunk at 10 a.m.—and the faded El Cortez were his turf. He didn’t mind the scruff. It thrilled him to see scientific principles play out in real life, and he liked the hedonistic city’s eccentric characters. It was the era of peak disco, with Donna Summer and Chic’s Le Freak all over the radio. On a good day, Benter might win only about $40, but he’d found his métier—and some new friends. Fellow Thorp acolytes were easy to spot on casino floors, tending to be conspicuously focused and sober. Like them, Benter was a complete nerd. He had a small beard, wore tweedy jackets, and talked a lot about probability theory.

In 1980 he’d just applied for a job as a night cleaner at McDonald’s when his buddies introduced him to the man who would change his life. Alan Woods was the leader of an Australian card-counting team that had recently arrived in Las Vegas. Woods was then in his mid-30s, with a swoop of gray hair and cold blue eyes. Once an insurance actuary with a wife and two kids, he’d decided one day that family life wasn’t for him and began traveling the world as an itinerant gambler.

Woods impressed Benter with his tales of fearlessness, recounting how he’d sneaked past airport security in Manila with $10,000 stuffed into his underwear. Most appealing, he pursued the card counter’s craft with discipline. His team pooled its cash and divided winnings equitably. Having more players reduced the risk of a run of bad luck wiping out one’s bankroll, and the camaraderie offset the solitary nature of the work. Benter joined the squad.

Within six weeks, he found himself playing blackjack in Monte Carlo, served by waiters in dinner jackets. He felt like James Bond, and his earnings grew to a rate of about $80,000 a year. Benter abandoned any idea of returning to college. When his mother’s friends in Pittsburgh asked how his studies were going, she told them, “Bill’s traveling right now.”

Benter and his teammates got a house in the Vegas suburbs, living like geeky college fraternity brothers. Woods strictly forbade drinking on the job, so the men would wait until after their shifts to knock back beers and trade stories of scrapes with casino security, who were constantly on the lookout for card counting. Bull-necked pit bosses patrolled the floors. A suspicious player would be told to leave or, worse, backroomed: interrogated in a dingy office. There were rumors of counters being beaten and drugged. Benter thought the treatment was unjustified. He wasn’t a cheat. He just played smart.

After a couple of years, Benter was playing quietly at the Maxim one day when a meaty hand descended on his shoulder. “Come with me,” said a burly guy in a suit. In the back, Benter was shoved into a chair and told to produce some identification. He refused. The guard walked out, and an even more menacing guy walked in: “Show me your f---ing ID!” Benter got out his wallet.

Afterward—it was probably 1984—Benter, Woods, and some of their partners earned a place in the Griffin Book, a blacklist that a detective agency circulated to casinos. On top of the indignity of having their mug shots next to hustlers and pickpockets, the notoriety made it almost impossible for them to keep playing in Vegas. They needed to find another game.

Woods knew there were giant horse-betting pools to tap in Asia—and that the biggest of all was run by the Hong Kong Jockey Club. Begun in 1884 as a refuge for upper-crust Brits who wanted a stretch of England’s green and pleasant land in their subtropical colony, the club changed over time into a state gambling monopoly. Its two courses, Happy Valley and Sha Tin, were packed twice a week during a racing season that extended from September to July. Hong Kong’s population was then only about 5.5 million, but it bet more on horses than the entire U.S., reaching about $10 billion annually by the 1990s.

Hong Kong racing uses a parimutuel (also known as “totalizer”) system. Unlike odds in a Vegas sportsbook, which are set in advance and give a decisive edge to the house, parimutuel odds are updated fluidly, in proportion to how bettors wager. Winners split the pool, and the house skims a commission of about 17 percent. (After costs, the Jockey Club’s take goes to charity and the state, providing as much as a tenth of Hong Kong’s tax revenue.) To make money, Benter would have to do more than pick winners: He needed to make bets with a profit margin greater than the club’s 17 percent cut.

He went to the Gambler’s Book Club, a Vegas institution, and bought everything he could find on horses. There were lots of “systems” promising incredible results, but to him they seemed flimsy, written by journalists and amateur handicappers. Few contained real math. Benter wanted something more rigorous, so he went to the library at the University of Nevada at Las Vegas, which kept a special collection on gaming. Buried in stacks of periodicals and manuscripts, he found what he was looking for—an academic paper titled “Searching for Positive Returns at the Track: A Multinomial Logit Model for Handicapping Horse Races.” Benter sat down to read it, and when he was done he read it again.

The paper argued that a horse’s success or failure was the result of factors that could be quantified probabilistically. Take variables—straight-line speed, size, winning record, the skill of the jockey—weight them, and presto! Out comes a prediction of the horse’s chances. More variables, better variables, and finer weightings improve the predictions. The authors weren’t sure it was possible to make money using the strategy and, being mostly interested in statistical models, didn’t try hard to find out. “There appears to be room for some optimism,” they concluded.

Benter taught himself advanced statistics and learned to write software on an early PC with a green-and-black screen. Meanwhile, in the fall of 1984, Woods flew to Hong Kong and sent back a stack of yearbooks containing the results of thousands of races. Benter hired two women to key the results into a database by hand so he could spend more time studying regressions and developing code. It took nine months. In September 1985 he flew to Hong Kong with three bulky IBM computers in his checked luggage.

The Hong Kong that greeted Benter was a booming financial center, with some of the most densely populated spaces on the planet. The crowded skyline that had recently inspired Ridley Scott’s dystopian megacity in Blade Runner seemed to sprout towers weekly.

Benter and Woods rented a microscopic apartment in a dilapidated high-rise. Warbling Cantonese music drifted through stained walls, and the neighbors spent all night shouting in the hall. Their office was an old desk and a wooden table piled high with racing newspapers. If they went out at all, it was to the McDonald’s down the street.

Twice a week, on race days, Benter would sit at the computer and Woods would study the racing form. Early on, the betting program Benter had written spat out bizarre predictions, and Woods, with his yearlong head start studying the Hong Kong tracks, would correct them. They used a telephone account at the Jockey Club to call in their bets and watched the races on TV. When they won, there were satisfied smiles only. They were professionals; cheering and hooting were for rubes.

Between races, Benter struggled to make his algorithms stay ahead of a statistical phenomenon called gambler’s ruin. It holds that if a player with limited funds keeps betting against an opponent with unlimited funds (that is, a casino, or the betting population of Hong Kong), he will eventually go broke, even if the game is fair. All lucky streaks come to an end, and losing runs are fatal.

One approach—familiar to Benter from his blackjack days—was to adapt the work of a gunslinging Texas physicist named John Kelly Jr., who’d studied the problem in the 1950s. Kelly imagined a scenario in which a horse-racing gambler has an edge: a “private wire” of fairly reliable tips. How should he bet? Wager too little, and the advantage is squandered. Too much, and ruin beckons. (Remember, the tips are good but not perfect.) Kelly’s solution was to wager an amount in line with the gambler’s confidence in the tip.

Benter was struck by the similarities between Kelly’s hypothetical tip wire and his own prediction-generating software. They amounted to the same thing: a private system of odds that was slightly more accurate than the public odds. To simplify, imagine that the gambling public can bet on a given horse at a payout of 4 to 1. Benter’s model might show that the horse is more likely to win than those odds suggest—say, a chance of one in three. That means Benter can put less at risk and get the same return; a seemingly small edge can turn into a big profit. And the impact of bad luck can be diminished by betting thousands and thousands of times. Kelly’s equations, applied to the scale of betting made possible by computer modeling, seemed to guarantee success.

If, that is, the model were accurate. By the end of Benter’s first season in Hong Kong, in the summer of 1986, he and Woods had lost $120,000 of their $150,000 stake. Benter flew back to Vegas to beg for investment, unsuccessfully, and Woods went to South Korea to gamble. They met back in Hong Kong in September. Woods had more money than Benter and was willing to recapitalize their partnership—if it was renegotiated.

“I want a larger share,” Woods said, in Benter’s recollection.

“How much larger?” Benter asked.

“Ninety percent,” Woods said.

“That’s unacceptable,” Benter said.

Woods was used to being the senior partner in gambling teams and getting his way. He never lost his temper, but his mind, once set, was like granite. Benter was also unwilling to budge. Their alliance was over. In a fit of pique, Benter wrote a line of code into the software that would stop it from functioning after a given date—a digital time bomb—even though he knew it would be trivial for Woods to find and fix it later. Woods would keep betting algorithmically on horses, Benter was sure of that. He resolved that he would, too.

Benter’s Las Vegas friends wouldn’t stake him at horse racing, but they would at blackjack. He took their money to Atlantic City and spent two years managing a team of card counters, brooding, and working on the racing model in his spare time. In September 1988, having amassed a few hundred thousand dollars, he returned to Hong Kong. Sure enough, Woods was still there. The Australian had hired programmers and mathematicians to develop Benter’s code and was making money. He’d moved into a penthouse flat with a spectacular view. Benter refused to speak to him.

Benter’s model required his undivided attention. It monitored only about 20 inputs—just a fraction of the infinite factors that influence a horse’s performance, from wind speed to what it ate for breakfast. In pursuit of mathematical perfection, he became convinced that horses raced differently according to temperature, and when he learned that British meteorologists kept an archive of Hong Kong weather data in southwest England, he traveled there by plane and rail. A bemused archivist led him to a dusty library basement, where Benter copied years of figures into his notebook. When he got back to Hong Kong, he entered the data into his computers—and found it had no effect whatsoever on race outcomes. Such was the scientific process.

Other additions, such as the number of rest days since a horse’s last race, were more successful, and in his first year after returning to Hong Kong, Benter won (as he recalls) $600,000. The next racing season, ending in the summer of 1990, he lost a little but was still up overall. He hired an employee, Coladonato, who would stay with him for years, and a rotating cast of consultants: independent gamblers, journalists, analysts, coders, mathematicians. When the volume of bets rose, he recruited English-speaking Filipinos from the ranks of the city’s housekeepers to relay his bets to the Jockey Club’s Telebet phone lines, reading wagers at the rate of eight a minute.

A breakthrough came when Benter hit on the idea of incorporating a data set hiding in plain sight: the Jockey Club’s publicly available betting odds. Building his own set of odds from scratch had been profitable, but he found that using the public odds as a starting point and refining them with his proprietary algorithm was dramatically more profitable. He considered the move his single most important innovation, and in the 1990-91 season, he said, he won about $3 million.

The following year the Hong Kong Jockey Club phoned Benter at an office he’d established in Happy Valley. He winced, remembering the meaty hand of the Las Vegas pit boss on his shoulder. But instead of threatening him, a Jockey Club salesperson said, “You are one of our best customers. What can we do to help you?” The club wasn’t a casino trying to root out gamblers who regularly beat the house; its incentive was to maximize betting activity so more revenue was available for Hong Kong charities and the government. Benter asked if it was possible to place his bets electronically instead of over the phone. The Jockey Club agreed to install what he called the “Big CIT”—a customer input terminal. He ran a cable from his computers directly into the machine and increased his betting.

Benter had achieved something without known precedent: a kind of horse-racing hedge fund, and a quantitative one at that, using probabilistic modeling to beat the market and deliver returns to investors. Probably the only other one of its kind was Woods’s operation, and Benter had written its code base. Their returns kept growing. Woods made $10 million in the 1994-95 season and bought a Rolls-Royce that he never drove. Benter purchased a stake in a French vineyard. It was impossible to keep their success secret, and they both attracted employees and hangers-on, some of whom switched back and forth between the Benter and Woods teams. One was Bob Moore, a manic New Zealander whose passions were cocaine and video analysis. He’d watch footage of past races to identify horses that should have won but were bumped or blocked and prevented from doing so. It worked as a kind of bad-luck adjuster and made the algorithms more effective.

The computer-model crowd spent nights in a neighborhood called Wan Chai—a honey pot of gaudy bars and topless dancers that’s been described as “a wildly liberated Las Vegas.” Moore favored Ridgeway’s pool bar, where he’d start fights and boast about his gambling exploits. Woods didn’t drink much, but he enjoyed ecstasy, and he could be found most nights in Neptune II, a neon dungeon full of drunk businessmen and much younger women.

Benter was a more reserved presence. He could often be seen sitting at the end of a bar, engaged in quiet conversation. Over time an aura built up. To the small group of insiders who knew that software had conquered Happy Valley—perhaps a dozen people—Benter was the acknowledged master. Even Woods (in an interview he later gave to an Australian journalist) admitted that his rival’s model was the best. But the two men couldn’t resolve their differences. When Benter saw his old partner in Wan Chai, he would smile politely and walk away. They’d gone 10 years without speaking.

Throughout 1997 a shadow loomed over Hong Kong. After 156 years of colonial rule, the British were set to hand the territory back to China on July 1. There were news reports of Chinese troops massed at the border, and many islanders feared it would be the end of Hong Kong’s freewheeling capitalism. China tried to reassure residents that their most treasured customs would be protected. “Horse racing will continue, and the dancing parties will go on,” said Deng Xiaoping, the former Communist Party leader.

Benter faced an additional and more peculiar anxiety. A month before the handover, his team won a huge Triple Trio jackpot. They were in the middle of an epic winning season, up more than $50 million. The Jockey Club normally put Triple Trio winners in front of the TV cameras to show how, for example, a night watchman had changed his life with a single bet. This time, nobody wanted to tout that the winner was an American algorithm.

The club had come to see the syndicates’ success as a headache. There was no law against what they were doing, but in a parimutuel gambling system, every dollar they won was a dollar lost by someone else. If the everyday punters at Happy Valley and Sha Tin ever found out that foreign computer nerds were siphoning millions from the pools, they might stop playing entirely.

Benter had his Big CIT privileges revoked. On June 14 one of his phone operators called the Telebet line and was told, “Your account has been suspended.” Woods was also blocked. Club officials issued a statement saying they had acted to “protect the interests of the general betting public.” Benter flew back to Vegas, as he did every summer, to think about his next move. He reread the club’s statement. Phone betting was out—but nowhere did it say he was prohibited from betting altogether. He got an idea. As in his blackjack days, it would require a low profile.

One Friday evening that autumn, after the handover of the territory to China, Benter paid for a hotel room in Hong Kong’s bayside North Point district. He made sure to get a space on the ground floor for easy access. He had helpers haul in laptops, a 50-pound printer, and stacks of blank betting slips. On Saturday morning—race day—they checked the internet connection and put a “Do Not Disturb” sign on the door.

At 1:45 p.m., 15 minutes before the first race, the laptops received lines of bets from Benter’s Happy Valley office. The printer began to suck in blank tickets and churn them out with black marks in the relevant betting boxes.

Eight minutes to starting pistol. Benter grabbed a pile of 80-odd printed tickets and a club-issued credit voucher worth HK$1 million and bolted for the door. Across from the hotel was an off-track betting shop. It was loud and smoky inside, and he found an automated betting terminal free at one side of the room. Two minutes to go. He started feeding in tickets, one after another after another, until the screen flashed a message: “Betting closed.”

Benter hurried back to the hotel room to see which wagers had hit. At 2:15 p.m. the laptops downloaded the next package of bets from the office. Time to go again. Simultaneously, other teams hired by Benter were doing the same in different parts of Hong Kong.

Benter’s solution to the phone ban was time-consuming and required him to manage teams of runners, who risked being robbed. But it was almost as profitable as his old arrangement. The club continued to exchange his cash vouchers for checks, and no one came to shut him down. Woods kept betting in a slightly different manner, sending members of an extended roster of Philippine girlfriends directly to the racetrack with bags full of cash.

Publicity is a hex for professional gamblers. That fall an increasingly erratic Moore drew more attention to algorithmic betting, first by bragging to the local press—who nicknamed him the “God of Horses”—and then by fatally overdosing on sleeping pills.

Afterward, Hong Kong’s tax authority began to investigate the Woods syndicate. By law, gambling winnings were exempt from taxation, but company profits weren’t. The question was whether the syndicates had moved beyond conventional betting and started behaving like corporations. The implications would be dire if the Inland Revenue Department decided to tax profits retroactively. When agents asked Woods for a list of his investors, he fled to the Philippines.

Benter continued to operate his in-person betting scheme through the turn of the millennium, with his model expanding to track more than 120 factors per horse, but the logistics were proving a grind. He felt disconnected from his gambler friends in Wan Chai—a nocturnal clique of geeks and rogues. He had started mixing with a more professional crowd, adopting their dress code of smart suits and ties, and he’d taken a more active role in the local Rotary Club chapter. Benter embraced its motto of “Service Above Self,” giving millions of dollars anonymously and visiting impoverished schools in China and refugee camps in Pakistan. For the first time, he thought seriously about quitting and moving back to the U.S. If it all has to end, he thought, I’ve had an incredible run.

It was then, in November 2001, that he decided to have a final punt on the Triple Trio. Benter had avoided major prizes since 1997 for fear of angering the Jockey Club’s management, but this jackpot was too big to resist. Wagering on it was something of a lark, albeit an expensive one: He spent HK$1.6 million on the 51,000 combinations. If he won, he decided, he would leave the tickets unclaimed. Club policy in such cases directed the money to a charitable trust.

After Bobo Duck, Mascot Treasure, and Frat Rat romped across the finish line—and then days turned into weeks, with no one collecting the prize—Benter was unprepared for the level of mounting public interest. “The ghost of the unclaimed $118 million Triple Trio,” wrote the racing columnist for the South China Morning Post, “is still banging around like an unwanted poltergeist.” Outlandish theories spread across Hong Kong. One held that the winner had watched the final leg and died of shock.

Finally, Benter sent an anonymous letter to the Jockey Club’s directors explaining his intentions. But the organization never shared it with the public. (Club spokeswoman Samantha Sui told Bloomberg Businessweek, “We are not in a position to disclose or comment on matters related to specific customers due to privacy and confidentiality concerns.”) At the time, head of betting Henry Chan told the Morning Post that there was no way of knowing who the ticket holder was. “Although this is bad luck for one winner,” he said, “it means there will be a lot of winners through the charities.”

Later in 2001, without any warning, Jockey Club officials lifted the telephone betting ban. It was as if Benter’s gift had appeased the gambling gods. The club also bowed to public pressure and allowed customers to wager over the internet from their homes. Benter opted to move back to Pittsburgh, where he continued to bet. He didn’t want to spend his whole life in Hong Kong.

In Manila, Woods lived like a hermit, bingeing on drugs for days at a time, waited on by young women he hired to keep him company. He employed gamblers remotely in Australia and Hong Kong, but he was a difficult boss; he accused staff of stealing, and once he made everyone take IQ tests before telling them all how much smarter he was. Woods started calling himself Momu—short for “master of my universe.”

In December 2007 he sent a letter to Business Review Weekly, an Australian magazine, asking to be considered for its rich list. “I had planned to delay my hope for inclusion until I could make it into the top 10,” he wrote. “However, as of today, it does not appear I will live long enough.” Woods had been diagnosed with cancer. He came back to Happy Valley for treatment; the Hong Kong Sanatorium & Hospital was within sight of the racetrack. He spent his final days beating his friends at a Chinese card game known as chor dai di and died on Jan. 26, 2008, at 62.

Interviews with Woods’s friends, employees, and other sources indicate he had amassed a fortune of A$900 million (then about $800 million). Mike Smith, a former Hong Kong policeman who knew Woods, wrote about him in his book In the Shadow of the Noonday Gun: “He left a very simple will that pretty much summed up his lifestyle. Assets: A$939,172,372.51. Liabilities: A$15.93.”

Woods left the bulk of his estate to his two children in Australia and gave token sums to various ex-girlfriends, including a Filipina who said he’d fathered her child. A wake was held in a bar at the Happy Valley racetrack and attended by an eclectic crowd of gamblers and hustlers. To the last, Woods never believed that Benter had won the 2001 Triple Trio and given up the jackpot.

“Gambling,” Benter told me in his Pittsburgh office, “has always been the domain of wise guys from the wrong side of the track.” Perhaps more than anyone else, Benter has changed that perception—within the tiny population of people who gamble for a living, that is.

By the time he moved back to Pittsburgh, he’d inspired others in Hong Kong to form syndicates of their own. In response, the Jockey Club began publishing reams of technical data and analysis on its website to level the playing field. With a little effort, anyone could be a systematic gambler—or mimic one. The odds boards at Happy Valley and Sha Tin were color-coded to show big swings in the volume of wagers on a horse, specifically to reveal whom the syndicates were backing.

The robo-bettors’ numbers have continued to proliferate. After Woods’s death, his children maintained his Hong Kong operation, but other members of the team went into business for themselves. And Benter spread the secrets of his success in various ways: He gave math talks at universities, shared his theories with employees and consultants, and even published an academic paper laying out his system. The 1995 document—“Computer-Based Horse Race Handicapping and Wagering Systems: A Report”—became a manual for an entire generation of high-tech gamblers.

Today, online betting on sports of all kinds is a $60 billion industry, growing rapidly everywhere outside the U.S., where the practice is mostly banned. The Supreme Court, however, may lift federal restrictions this year, and if it does, American dollars will flood the market, increasing liquidity and the profits of computer teams. Big names from the world of finance have taken notice.

In 2016, Susquehanna International Group LLP, an American quantitative trading company, started an Ireland-based operation called Nellie Analytics Inc., targeting basketball, American football, soccer, and tennis. Phoenix, a proprietary sports-betting company with headquarters in Malta and data-mining operations in the Philippines, won a £9 million ($13 million) investment in 2010 from a unit of RIT Capital Partners Plc, the £3 billion trust chaired by Lord Jacob Rothschild of the global banking dynasty. (RIT sold its stake in 2016 to a private buyer, quadrupling its money.) What isn’t widely known is that Phoenix was founded by former employees of Woods, including his protégé Paul Longmuir.

Many of the biggest players in sports betting can trace a lineage directly to the Benter-Woods axis. For example, the Australian press has called Zeljko Ranogajec “the world’s biggest punter.” Today he runs a global algorithmic gambling empire, but he began his career in Las Vegas counting cards with Benter and Woods, then followed them to Hong Kong. During a rare interview in London, Ranogajec said, “A substantial portion of our success is attributable to the pioneering work done by Benter.”

Benter has few regrets. One relates to an attempt in the early 1990s to create a model for betting on baseball. He spent three summers developing the system and only broke even—for him, a stinging professional defeat. America’s pastime was just too unpredictable.

That failure, however, led to a second period of his career as lucrative as Hong Kong was. He worked with one of his baseball backers to start betting on U.S. horse racing. Parimutuel tracks are scattered around the country, and by the late 1990s it became easier to amass data on a lot of them. The U.S. business took off just as competition began eroding profits in Hong Kong. “There is a golden age for a particular market,” he said, fiddling with a stack of decommissioned casino chips. “When there aren’t many computer players, the guy with the best system can have a huge advantage.”

In 2010, Benter married Vivian Fung, whom he’d met at the Rotary Club in Hong Kong. The couple have a young son, and Benter seems in every sense a contented man. An active philanthropist, he donated $1 million to a Pittsburgh charter school program and $3 million to a polio immunization effort in Afghanistan, Pakistan, and parts of Africa. In 2007 he started the charitable Benter Foundation, which donates to health, education, and the arts. Many of the people he meets at fundraising galas and nights at the opera have no idea how he made his money.

And how much is that—exactly? During our interviews, it was the one topic that made him visibly uncomfortable. William Ziemba, a finance professor at the University of British Columbia who studied the Hong Kong syndicates, has said that a first-rate team could make $100 million in a good season. Edward Thorp (who’s still writing about gambling in his 80s) asserted in a 2017 book that Benter had a “billion-dollar worldwide business betting on horse races.” When pushed, Benter conceded that his operations have probably made close to a billion dollars overall, but that some of the money has gone to partners in Hong Kong and the U.S. “Unfortunately,” he said, “I’m not a billionaire.”

Thirty-two years after he first arrived in Hong Kong, Benter is still betting on horses at venues around the world. He can see the odds change in the seconds before a race as all the computer players place their bets at the same time, and he’s amazed he can still win. He continues tinkering with his model. The latest change: How much does moving to a new trainer improve a horse’s performance?

Benter also runs a medical transcription company, but it’s only modestly profitable. “I find the real business world to be a lot more difficult than horse racing,” he told me. “I’m kind of a one-trick pony.” —With Jonathan Browning and Giles Turner

In the heyday of American vaudeville—roughly 1880 to 1930—few shows were complete without an animal act or two.

Rats in little jockey costumes rode cats around racetracks. Elephants waltzed and danced the hula. Kangaroos boxed, sea lions juggled, monkeys pedaled bicycles and smoked cigarettes.

But no animal act seemed to get as much notice as Don the Talking Dog, a sensation from the moment he debuted in 1912. Variously described a German hunting dog, forest dog, setter, or pointer, the 8-year-old Don was acclaimed as “the canine phenomenon of the century.”

With a vocabulary that ultimately reached eight words—all in German—Don had garnered attention in the United States as early as 1910, with breathless newspaper reports from Europe. According to some accounts, his first word was haben(“have” in English), followed by “Don,” kuchen(“cake”), and hunger (same word in English and German).

Theoretically, this allowed him to form the useful sentence: Don hunger, have cake—although most accounts say he typically spoke just one word at a time, and only when prompted by questions. He later added ja and nein (“yes” and “no”), as well as ruhe (“quiet” or “rest”) and “Haberland” (the name of his owner).

Vaudeville was designed as family entertainment suitable for all ages. While less prestigious than “legitimate” theater (think Hamlet), it was a considerable step up from its competitor, burlesque, which tended to be more risqué (think scantily clad dancing girls.) It also catered to Americans of all socioeconomic groups, from the well-established middle class to freshly arrived immigrants—basically anybody with the 25 cents to $1.50 it cost to buy a ticket.

Though centered on Broadway and other prime locations around Manhattan, with lavish theaters that could seat several thousand patrons, vaudeville also flourished in cities large and small across the U.S. Performers would go on a “circuit” from city to city, often starting in New York, gradually making their way to the west coast, and then looping back again. Some acts would also travel to England, continental Europe, Australia and South Africa, where vaudeville (sometimes called “variety”) was popular, as well.

The vaudeville historian Trav S.D., author of No Applause—Just Throw Money, thinks the fact that Don “spoke” German may have been part of his appeal, given the large German immigrant population in New York City at the time. “I wouldn’t be shocked to hear that many German-Americans went out to see their canine countryman utter a few words of their native language out of sheer patriotism and nostalgia,” he told Smithsonian.com.

Don arrived in the U.S. in 1912 at the invitation of the vaudeville impresario and publicity genius William Hammerstein. Hammerstein had hyped Don’s pending visit by putting up a $50,000 bond (more than $1.25 million in today’s dollars) in case the dog died between London and New York; Lloyd’s of London had supposedly refused to insure him. “This makes Don the most valuable dog in the world,” the New York Times reported.

“Don will sail on the Kronprinz Wilhelm next Wednesday,” the Times noted. “A special cabin has been engaged in order to insure his safety.”

When Don’s ship docked, he was greeted like any other visiting celebrity, met by ship reporters hoping for some lively quotes. Unfortunately, as the New York Evening World’s reporter noted, Don was “too seasick on the way over to converse with anybody. As yet, therefore, his opinion of the New York skyline and other local sights is unknown.”

Don would stay in the States for the next two years, appearing first at Hammerstein’s prestigious Roof Garden theater on 42nd Street in New York City, where he performed on the same bill as escape artist Harry Houdini. He then toured the country, performing in Boston, San Francisco, and other cities.

Not every performer of Houdini’s caliber would share the bill with an animal act. Some considered it undignified. Others objected to the way the animals were sometimes treated, especially the often-cruel methods used to train them. Among the latter group were the legendary French actress Sarah Bernhardt, who appeared on the vaudeville stage late in her career, and the hugely popular but now largely forgotten American singer Elsie Janis. Janis once wrote that, “any man who earns his money by the hard, cruel work of dumb beasts should not be known.”

Don seems to have had it relatively easy, though. Wherever he appeared, his act consisted of answering a series of questions served up by his regular straight man and interpreter, a vaudeville veteran known as Loney Haskell. Haskell became so attached to Don, according to the famous New York celebrity columnist O.O. McIntyre, “that in one-night stands he slept in the dog’s kennel.”

Off stage, Don’s purported ability to talk was taken seriously even in academic circles. Lending some credence to the notion that a dog might actually converse, the inventor Alexander Graham Bell had once claimed that as a young man he taught his Skye terrier to say “How are you grandmamma?”

On a 1913 visit to San Francisco, Don and his handlers called on J. C. Merriam, a respected paleontologist at the University of California at Berkeley, who, if contemporary newspaper accounts are to be believed, was “astonished” and “declared his belief that the dog can reason and think for himself.”

Earlier, the respected journal Science had another explanation, based on statements by a University of Berlin professor who had also examined Don. His conclusion, the journal reported in May 1912, was that “the speech of Don is… to be regarded properly as the production of sounds which produce illusions in the hearer.”

In other words, Don’s audience was hearing what it wanted (and had paid) to hear—a genuine talking dog.

The trade paper Variety came to a similar verdict in several enthusiastic, if appropriately skeptical, reviews of the act. “The trained growls which emanate from his throat can readily be mistaken for words,” one reviewer concluded.

Despite his relatively limited vocabulary, Don also became a pioneering celebrity endorser, in his case for Milk-Bone dog biscuits. Referring to Don as “the most valuable money-making dog in the world,” newspaper ads claimed that the cash-cow canine “is fed only on Maltoid Milk-Bone—the Best Food for Your Dogs Too.”

After two years in the U.S., Don seems to have retired and returned to his homeland. Haskell calculated that their stage performances paid Don $92 per word, the equivalent of about $2,300 a word today. That meant his full eight-word performance would have returned the modern equivalent of $18,400—presumably enough to keep him in cakes and/or Milk-Bones for life. (And vaudeville acts typically performed multiple times a day.)

Don reportedly died at home, near Dresden, Germany, in late 1915, when he would have been about 12. His last words, if any, seem to have gone unrecorded.

There would be other “talking” dogs, including Rolf, a German-born terrier who supposedly communicated by a sort of Morse code of his own invention and also solved addition and subtraction problems (circa 1915), and Queen, “positively the only dog in the world that speaks the English language” (circa 1918). Singing dogs had their day, too.

The phenomenon would gradually die out as vaudeville yielded the stage to other forms of entertainment, especially motion pictures. Author Trav S.D., who pays attention to such matters, says he isn’t aware of any “talking” dog acts on the scene today. However, he notes, there are plenty of amateurs to be seen (and heard) on YouTube.

But no dog, however vocally gifted, is likely to capture the American public’s imagination quite like Don. A top dog, if there ever was one.

README.md

Lower power Kilopower systems, like the one kilowatt version, can power a basic toaster, while the largest version, a 10 kilowatt model, can do a bit more. Four or five of the latter could be used to power a habitat on Mars and importantly, they don't rely on the sun, meaning they can be used on planets with less sunlight than ours, in shadowed regions and during light-blocking dust storms. "Kilopower's compact size and robustness allows us to deliver multiple units on a single lander to the surface that provides tens of kilowatts of power," NASA Associate Administrator Steve Jurczyk said in January.

In March, the team behind Kilopower performed a 20-hour, full-power test of the system in Nevada with the goal of confirming predicted performance. The system used was designed to be as flight-ready as possible and the environment was constructed to mimic that of space -- measures taken in order to get as good of a look at how this system might perform in space as possible.

Throughout the test, Kilopower met or exceeded the researchers' expectations, producing more thermal power in its steady state condition than what was predicted and maintaining steady temperatures when faced with more extreme conditions. For example, cutting off the system's cooling or ramping it up to its maximum level both resulted in a core temperature change of just 15 degrees or less.

Dave Poston, chief reactor designer at Los Alamos National Laboratory, said that the significance of the tests was hard to overstate. The Kilopower system is the first new fission reactor concept to be developed in the US in over 40 years and the most recent test provided valuable data and effectively assessed its infrastructure. It also demonstrated that Kilopower's passive operations -- once it gets going, human input isn't needed to keep it running or to regulate it -- are reliable. Based on its testing performance, Kilopower is largely ready to use now for near-term space science and is closer to being available for long-term space exploration.

Going forward, the Kilopower team plan to conduct flight demonstrations, though there's no timeframe for that just yet. Over the next 18 months, they'll work to determine exactly what will be needed to design, build, certify and fly these reactors.

Image: NASA

Over the past few years, there has been a steady evolution in Rowhammer, the once largely theoretical attack that exploits physical defects in memory chips to tamper with the security of the devices they run on. On Thursday, researchers are unveiling the most practical demonstration yet of Rowhammer's power and reach: an exploit that remotely executes malicious code on Android phones by harnessing their graphical processors.

Dubbed GLitch, the exploit is the first to show that GPUs can flip individual bits stored in dynamic random-access memory. The advance gives attackers greater flexibility over previous techniques that relied solely on CPUs. It's also the first Rowhammer attack that uses standard JavaScript to compromise a smartphone, meaning it can be executed when users do nothing more than visit a malicious website. Another key innovation: on average, GLitch takes less than two minutes to compromise a device, a significant improvement over previous Rowhammer exploits.

GLitch gets its name and idiosyncratic capitalization because it uses the WebGL programming interface for rendering graphics to trigger a known glitch in DDR3 and DDR4 memory chips. The term Rowhammer was coined because the exploit class accesses—or "hammers"—specific memory blocks known as rows inside a chip thousands of times per second. Attackers use it to alter crucial pieces of data by changing zeros to ones and vice versa. The physical weakness is the result of ever smaller dimensions of the silicon. With less space between each DRAM cell, it becomes increasingly hard to prevent one cell from interacting electrically with its neighbors.

Like all of the Rowhammer attacks that have preceded it, the GLitch proof-of-concept exploit isn't mature enough to pose an immediate threat to most end users. Because of the significant amount of reverse engineering required and the advent of Rowhammer mitigations in some newer phones, the PoC currently works only on a Nexus 5 phone, which Google discontinued in 2015. With refinements, however, the novel attack vector could one day provide a more robust way to compromise a serious vulnerability in both computers and phones that can be mitigated but never actually patched.

"This is the first work I know of that can take advantage of both GPU and remote JavaScript execution to take over a remote machine by exploiting the Rowhammer failure mechanism," said Onur Mutlu, a researcher who cowrote the 2014 paper that introduced Rowhammer as a vulnerability.

He continued:

As a result, I think its implications are very significant—GPUs are employed in all interesting mobile systems, and if the DRAM is vulnerable to Rowhammer, one can exploit that GPU to take over the system. The fact that the attack is end-to-end and does not require the user to install a new app to be performed makes it even more significant since the barrier to attack is low. So, I think this paper presents a significant and very clever demonstration of how the Rowhammer vulnerability can lead to another attack.

A farewell to CPUs

The breakthrough of the GLitch research is its discovery of a new way to exploit the Rowhammer vulnerability. To hammer rows, exploits must repeatedly access specific chunks of data stored in DRAM in rapid succession. This hammering can be hampered by the data caches that sit between the CPUs and the main memory chips, because the caches store recently accessed data.

A 2015 exploit that used JavaScript to exploit Rowhammer on computers overcame this hurdle by using a technique called cache eviction to remove data from the caches. The process ensured that the targeted data was accessed in DRAM and not in the cache. In 2016, a different team of researchers devised a way to root Android phones by using a locally stored app, called Drammer, that exploited Rowhammer. But the team was unable to implement an eviction-based Rowhammer on the mobile OS. The eviction, the researchers concluded, appeared to be too slow to trigger bit flips on Android phones.

The GPUs integrated into most smartphones, by contrast, usually employ smaller caches. What's more, the GLitch researchers found, mobile GPU caches have deterministic behaviors that contrast sharply with the random policies implemented in mobile CPUs. These GPU features make cache eviction efficient and fast enough to trigger bit flips in entire classes of devices once considered off limits.

In a research paper titled Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU, the researchers wrote:

Unlike CPU caches that are large and optimize for a general-purpose workload by implementing either random or nondeterministic replacement policies, we show that GPU caches are small and follow a deterministic replacement policy. This allows an attacker to reason about cache hits or misses with great precision, paving the way for fast and reliable side-channel attacks with little noise.

Rowhammer attacks rely on side channels to map out large chunks of memory stored inside vulnerable chips. To surgically hammer the rows storing targeted bits, Rowhammer attacks carefully measure the time certain DRAM access take. The timing side channels allow the attacks to deduce information about the bits' location in the module. The speed and clarity of GPU-based side channels are key to the success of GLitch.

Pwning Firefox

The researchers gleaned GPUs' superior Rowhammer capabilities using a novel technique to reverse engineer the Snapdragon 800/801 system on a chip, which integrates a CPU and GPU onto the same piece of silicon. The researchers then used the insights to develop an exploit for the Nexus 5, which uses the Snapdragon SoC. The researchers said their exploit works on other mobile devices that use the same Snapdragon SoC. They also believe other SoC models can be exploited by subjecting them to the same intensive reverse engineering.

When the researchers' PoC JavaScript is remotely loaded into Firefox running on a Nexus 5, it executes code of the attacker's choice. Currently, the code runs with the same system restrictions as Firefox, meaning it could be used to steal any passwords, browsing histories, or other data belong to the browser, but not root the phone or access data belonging to most other apps. By chaining GLitch to Drammer or a newly developed privilege-escalation exploit, however, those restrictions could probably be overcome, a prospect that would make remote rooting feasible.

Pietro Frigo, one of the four researchers in Vrije University Amsterdam Systems and Network Security Group who authored the paper, told Ars that most of the GLitch research was done using the Chrome browser, which is much more popular on Android than Firefox.

"If you're wondering if we can trigger bit flips on Chrome, the answer is yes, we can," Frigo wrote in an email. Eventually, he and his fellow researchers switched to Firefox when developing the exploit.

"The reason we attacked Firefox is we already had some prior knowledge about its internals and there was more documentation around, so it was easier for us to build a full exploit there," Frigo explained. "On different browsers, you would have different techniques to build the exploit which would make it faster/slower more/less practical. But, theoretically, you could exploit any target."

Both Chrome and Firefox are in the process of being updated to shut down some of the functions that make GPU-based Rowhammer exploits possible. Both Chrome version 65 and Firefox version 59, which were released in March, disabled a WebGL extension called EXT_DISJOIN_TIMER_QUERY, which gave attackers a key tool for building a GPU-based side channel. Both updates also partially redesigned some WebGL functions to make it harder for attackers to build custom timers used in side-channel attacks.

Despite the mitigations put into Firefox 59, however, Frigo said the update has failed to stop his proof-of-concept exploit from working in version 59.0.2. He did say the changes make GLitch less reliable because the exploit now must guess if the targeted memory is contiguous or not.

In a statement, Google officials wrote:

We have worked with the team from Vrije Universiteit for months, and while this vulnerability isn’t a practical concern for the overwhelming majority of users, we appreciate any effort to protect them and advance the field of security research, overall. We are not aware of an exploit, but the researchers' proof-of-concept does show that WWeb browsers can be a vector for this Rowhammer-style attack. We mitigated this remote vector in Chrome on March 13, and we are working with other browsers so they can implement similar protections.

Mozilla officials issued the following statement:

The Dutch National Cybersecurity Center did alert us to this issue. Like Chrome m65, Firefox also disabled EXT_DISJOINT_TIMER_QUERY in our March release of Firefox 59. We worked with the Chrome team to change the WebGL specification to make it harder for attackers to construct custom timers. These changes will be released with Firefox 60 on May 9. We will continue to monitor for any updates from hardware manufacturers to address the underlying issue and make changes accordingly.

Google researchers, speaking on the condition they not be named or quoted, also said that many Android phones ship with DDR chips that contain mitigations designed to prevent bits from flipping. One mitigation known as target row refresh recharges memory rows that show signs of being abused. Another, known as error correcting code, is designed to monitor chips for signs of bit flips and, when detected, quickly correct them. It's not clear what Android models have one or both of these protections deployed, but it's known that the Nexus 5 exploited by GLitch doesn't implement either one.

Frigo said his teammates haven't yet studied the mitigations, but he expects they would make Rowhammer attacks much harder. Still, he said his team has proof of bit flips produced on a Google Pixel phone, which may include some of the mitigations (the flips weren't the result of GLitch). The researcher also said the mitigations aren't likely to be included in lower-end phones.

The upshot

For the time being, GLitch, as with most other Rowhammer exploits, poses little immediate threat to most phone and computer users. Compared with more mundane attacks that use malicious spam or compromised websites to spread malware, Rowhammer exploits are extremely expensive to develop and unreliable to use. With the exception of the most high-value marks targeted in exotic nation-sponsored hacks, there's little chance of GLitch exploits being used in the wild.

At the same time, the GLitch research is immensely important because it demonstrates a never-before-seen vector for exploiting a hardware weakness that can never be patched. Not only is the GPU method almost completely overlooked, it's also more effective than better-known methods that use CPUs.

Most important of all, GLitch illuminates the previously unknown susceptibility of smartphones and potentially other types of devices used by billions of people around the world. And for these reasons, Thursday's paper and accompanying web page should be required reading for anyone who develops hardware or software, particularly those who dismiss it as too esoteric an issue to warrant serious concern.

"Rowhammer in many ways has been ignored by vendors hiding behind [the claim] that it's difficult and usually requires local execution or deduplication which has been removed from Windows by now," said Anders Fogh, a principal security researcher with GDATA Advanced Analytics who spoke about Rowhammer at the 2015 Black Hat security conference. "This [research] should put some much needed focus on the fact that what is often seen only as a reliability issue is often a severe security issue."

Identity isn't hard when you don't always use it. For example, here in the natural world we are anonymous—literally, nameless—in most of our public life, and this is a handy thing. Think about it: none of us walks down the street wearing a name badge, and it would be strange to do so. A feature of civilization is not needing to know everyone's name, or details about their lives, and to give others information about ourselves on a need-to-know basis.

To be anonymous, however, does not mean to lack distinction. In fact to be human is to be distinctive: designed by nature to look and sound different than other people, so we can tell each other apart. We also add to our distinctions through clothing, jewelry, haircuts, mannerisms and body art. Our souls are also profoundly original in ways that transcend our genetic portfolio. For example, television star Laverne Cox has an identical twin brother. So does transgender activist Nicole Maines. Being distinctive helps relieve us of the need to disclose our names all the time, because in most cases all we need is to be recognizable, or familiar, not identified by name. This too is a grace of civilization.

Our identities are also profoundly personal, and often complex. We start with the names given to us by our parents or our tribe. After that we add abbreviations and nickames, which have conditional uses and conventions. For example, my father was named Allen, but most people called him Al. He and my mother, who was named Eleanor and sometimes went by El, named me David Allen. Mostly they called me Dave. My son Peter's middle name is also Allen, and that's the name he mostly goes by, while family members call him Pete. When I worked in radio, somebody called my on-air persona "Doctor Dave." Then, after I started a business with a one of my listeners whose name was also David (and who didn't like being called Dave), he and our co-workers called me Doc to avoid confusion. As my social network expanded through our growing business, the nickname stuck, and I've been mostly called Doc ever since. (By the way, years after we went into business, I found out David's first name was Paul. David was his middle name. Nobody, even in his family, called him Paul.)

Everything I just described falls under the heading Devon Loffreto was the first to call self-sovereign identity: the kind fundamentally under the control of a single (or sovereign) individual. All the systems by which organizations give us identifiers he calls administrative.

From their start, administrative identity systems have had a hard time coping with the simple fact that identifiers are optional among human beings having human interactions in the natural world, that our default state within those interactions is to be anonymous yet distinctive—and that we especially value anonymity. Proof of how much we value anonymity is the exception to it we call celebrity. Ask any famous person about the cost of their fame and they'll tell you it's anonymity. The bargain is Faustian: while there are many benefits to celebrity, it is also a curse to be recognized by everyone everywhere, and known by name.

The world's administrative systems have little use for anonymity. After all, they require identifiers for people, so they can know who they are serving, arresting, or sending messages. Knowing people by name has many advantages for administrative systems, but also presents problems in the networked world for both those systems and human beings. Requiring "an ID" for every person puts operational and cognitive overhead on both sides. In the natural world, a boundless variety of business interactions only require that the business know who they encounter is human, trustworthy, and worth the time and effort.

In the networked world, however, we are still stuck with systems comprised of “identity providers” and “relying parties” that reduce individuals to mere “users” burdened with logins and passwords—or convenienced by the Faustian bargain of "federated" identities that let them login with Facebook, Linkedin or Twitter. In these systems, who we are as individuals is secondary to the needs of identity providers and relying parties and the transactions their systems perform, most of which eliminate anonymity. This is dehumanizing. Even the GDPR, which was created to cause respect for personal privacy, and to protect it, reduces us in compliance considerations to mere “data subjects”: a label that is barely less demeaning than “user” and “consumer.”

While these systems are digital, their legacy designs are industrial: top-down and one-to-many. They also grew into their current forms within the architecture of the client-server Web, rather than atop the peer-to-peer (aka end-to-end) Internet beneath the Web (and everything else). This made sense in the early days of dial-up and asymmetrical provisioning of bandwidth, but is a stale legacy in a time when everyone has ample bandwidth in both directions, most commonly on a mobile device that works as an extension of one's body and mind.

In today's networked world, we need approaches to identity that start with human agency, and are modeled on the way each of us operates in the natural world. We should be able to disclose and express our distinctions, choices, requirements and existing relationships with ease—and with anonymity as the defaulted social state until we decide otherwise.

These are the base requirements addressed by many of today's pioneering self-sovereign identity systems and approaches. Here's the key thing to bear in mind: while self-sovereign identity needs to work with existing administrative identity systems, self-sovereign identity cannot be fully understood or explained in terms of those systems—any more than personal computing can be explained in terms of a mainframe, or the distributed Internet can be explained in terms of a centralized LAN.
When each of us has full control of our naturally self-sovereign identity in the networked world, there is no limit to what we can do—while the limits of administrative systems are painfully apparent. (Example: logins and passwords, which everyone hates.)

This doesn't mean, by the way, that we should throw out the great work that has been done with administrative systems, especially those that have obeyed Kim Cameron's Seven Laws of Identity, which he first wrote in 2004. Here they are:

1.    User control and consent
2.    Minimum disclosure for a constrained use
3.    Justifiable parties
4.    Directed identity
5.    Pluralism of operators and technologies
6.    Human integration
7.    Persistent experience across contexts

Today those laws apply to both self-sovereign and administrative identity, and remain an especially helpful guide if we change the first word in that list from “User” to “Personal.”
The time has come to humanize identity in the networked world by making it as personal as it has been all along in the natural one. We can also make progress a lot faster if veterans of administrative systems try to understand self-sovereign approaches from the perspective of how they, as naturally sovereign human beings, choose to be known.

Introduction

Goal

Goal choice

Game choice

The base game is not all that important, since the main point of this run is to showcase ACE. I chose Pokémon Yellow, because it has a very fast ACE setup, and it is has GBC capabilites, but any other game with an ACE exploit would work just fine.

Emulator choice

ACE setup

  e2             ld [$ff00+c], a  // enable joypad read at all
  18 07          jr .start        // jump over unfinished parts of the code
  .loop
  f2             ld a, [$ff00+c]  // read half-byte (nibble) input.
  cb 37          swap a           // swap upper and lower nibble.
  57             ld d, a          // store in register d temporarily
  f2             ld a, [$ff00+c]  // read another nibble
  aa             xor d            // combine the nibbles
  22             ld [hli], a      // write result in memory
  .start
  ab             xor e            // xor with e = $5d
  20 f6 (7d ab)  jr nz, .loop     // loop if result not zero

  cd 96 1e   call $1e96      // call GBFadeOutToWhite, fades screen to white
  f3         di              // disable all interrupts
  e2         ld [$ff00+c], a // re-enable joypad reads
  e0 40      ld [rLCDC], a   // Disable LCD
  3c         inc a
  e0 4d      ld [rKEY1], a
  10 00      stop            // Enable double-speed mode
  21 00 c0   ld hl, $c000    // Write payload to $c000, similar to second stage
             .loop
  f2         ld a, [$ff00+c]
  cb 37      swap a
  57         ld d, a
  f2         ld a, [$ff00+c]
  aa         xor d
  22         ld [hli], a
  ab         xor e
  20 f6      jr nz, .loop
  c3 00 c0   jp $c000        // Jump to written code

The Payload

  WriteHByteDirect:: ; 88 cycles, 4 inputs at cycles (12,28,40,56), output at cycle 64
    ld hl, $ff00    ; 12
    ld a, [hl]      ; 8
    swap a          ; 8
    xor [hl]        ; 8
    ld c, a         ; 4
    ld a, [hl]      ; 8
    swap a          ; 8
    xor [hl]        ; 8
    ld [$ff00+c], a ; 8
    ret             ; 16

Storyboard

Source code

Conclusion

Judgement

README.md

In November 2013, the first commercially available helium-filled hard drive was introduced by HGST, a Western Digital subsidiary. The 6 TB drive was not only unique in being helium-filled, it was for the moment, the highest capacity hard drive available. Fast forward a little over 4 years later and 12 TB helium-filled drives are readily available, 14 TB drives can be found, and 16 TB helium-filled drives are arriving soon.

Backblaze has been purchasing and deploying helium-filled hard drives over the past year and we thought it was time to start looking at their failure rates compared to traditional air-filled drives. This post will provide an overview, then we’ll continue the comparison on a regular basis over the coming months.

The Promise and Challenge of Helium Filled Drives

We all know that helium is lighter than air — that’s why helium-filled balloons float. Inside of an air-filled hard drive there are rapidly spinning disk platters that rotate at a given speed, 7200 rpm for example. The air inside adds an appreciable amount of drag on the platters that in turn requires an appreciable amount of additional energy to spin the platters. Replacing the air inside of a hard drive with helium reduces the amount of drag, thereby reducing the amount of energy needed to spin the platters, typically by 20%.

We also know that after a few days, a helium-filled balloon sinks to the ground. This was one of the key challenges in using helium inside of a hard drive: helium escapes from most containers, even if they are well sealed. It took years for hard drive manufacturers to create containers that could contain helium while still functioning as a hard drive. This container innovation allows helium-filled drives to function at spec over the course of their lifetime.

Checking for Leaks

Three years ago, we identified SMART 22 as the attribute assigned to recording the status of helium inside of a hard drive. We have both HGST and Seagate helium-filled hard drives, but only the HGST drives currently report the SMART 22 attribute. It appears the normalized and raw values for SMART 22 currently report the same value, which starts at 100 and goes down.

To date only one HGST drive has reported a value of less than 100, with multiple readings between 94 and 99. That drive continues to perform fine, with no other errors or any correlating changes in temperature, so we are not sure whether the change in value is trying to tell us something or if it is just a wonky sensor.

Helium versus Air-Filled Hard Drives

There are several different ways to compare these two types of drives. Below we decided to use just our 8, 10, and 12 TB drives in the comparison. We did this since we have helium-filled drives in those sizes. We left out of the comparison all of the drives that are 6 TB and smaller as none of the drive models we use are helium-filled. We are open to trying different comparisons. This just seemed to be the best place to start.

The most obvious observation is that there seems to be little difference in the Annualized Failure Rate (AFR) based on whether they contain helium or air. One conclusion, given this evidence, is that helium doesn’t affect the AFR of hard drives versus air-filled drives. My prediction is that the helium drives will eventually prove to have a lower AFR. Why? Drive Days.

Let’s go back in time to Q1 2017 when the air-filled drives listed in the table above had a similar number of Drive Days to the current number of Drive Days for the helium drives. We find that the failure rate for the air-filled drives at the time (Q1 2017) was 1.61%. In other words, when the drives were in use a similar number of hours, the helium drives had a failure rate of 1.06% while the failure rate of the air-filled drives was 1.61%.

Helium or Air?

My hypothesis is that after normalizing the data so that the helium and air-filled drives have the same (or similar) usage (Drive Days), the helium-filled drives we use will continue to have a lower Annualized Failure Rate versus the air-filled drives we use. I expect this trend to continue for the next year at least. What side do you come down on? Will the Annualized Failure Rate for helium-filled drives be better than air-filled drives or vice-versa? Or do you think the two technologies will be eventually produce the same AFR over time? Pick a side and we’ll document the results over the next year and see where the data takes us.

Asylo is an open-source framework and SDK for developing applications that run in trusted execution environments (TEEs). TEEs help defend against attacks targeting underlying layers of the stack, including the operating system, hypervisor, drivers, and firmware, by providing specialized execution environments known as “enclaves”. TEEs can also help mitigate the risk of being compromised by a malicious insider or an unauthorized third-party. Asylo includes features and services for encrypting sensitive communications and verifying the integrity of code running in enclaves, which help protect data and applications.

Previously, developing and running applications in a TEE required specialized knowledge and tools. In addition, implementations have been tied to specific hardware environments. Asylo makes TEEs much more broadly accessible to the developer community, across a range of hardware—both on-premises and in the cloud.

“With the Asylo toolset, Gemalto sees accelerated use of secure enclaves for high security assurance applications in cloud and container environments. Asylo makes it easy to attach container-based applications to securely isolate computations. Combining this with Gemalto’s SafeNet Data Protection On Demand paves the way to build trust across various industry applications, including; 5G, Virtual Network Functions (VNFs), Blockchain, payments, voting systems, secure analytics and others that require secure application secrets. Using Asylo, we envision our customers gaining deployment flexibility across multiple cloud environments and the assurance of meeting strict regulatory requirements for data protection and encryption key ownership.”
— Todd Moore, Senior Vice President of Data Protection at Gemalto

Asylo offers unique benefits over alternative approaches to confidential computing:

• Ease of use. With Asylo, it’s easy to create apps that take advantage of the security properties of TEEs. You won’t need to learn a completely new programming model, or rewrite your app.
• Portability and deployment flexibility. Asylo applications do not need to be aware of the intricacies of specific TEE implementations; you can port your apps across different enclave backends with no code changes. Your apps can run on your laptop, a workstation under your desk, a virtual machine in an on-premises server, or an instance in the cloud. We are exploring future backends based on AMD Secure Encryption Virtualization (SEV) technology, Intel® Software Guard Extensions (Intel® SGX), and other industry-leading hardware technologies that could support the same rebuild-and-run portability.
• Open source. As an open-source framework, everyone can take advantage of confidential computing technology. Keep on the lookout for Asylo’s rapidly-evolving capabilities!

The Asylo roadmap

We look forward to seeing how you use, build on, and extend Asylo. Your input and contributions will be critical to the success of the project and ensure Asylo grows to support your needs.

Getting started with Asylo

Check out our quick-start guide, read the documentation, and join our mailing list to take part in the discussion. We look forward to hearing from you on GitHub!

If you’re wondering when you can start eating all the romaine lettuce again without fear, the answer is: hang tight.

Officials at the Centers for Disease Control and Prevention, along with the Food and Drug Administration, are still searching for the source of E. coli-contaminated romaine lettuce, in what has become the largest multistate outbreak since 2006. As of May 1, 121 people in 25 states have fallen ill, including one person who died in California. Of these cases, 40 percent have been hospitalized.

“Do not eat or buy romaine lettuce unless you can confirm it is not from the Yuma, Arizona, growing region,” the CDC warned. Restaurants and retailers are also advised to avoid romaine if they can’t confirm its origin. And that includes all types — from heads and hearts of romaine to chopped romaine and romaine in salad mixes.

CDC

But in reality, we should probably be a little wary of lettuce all the time — not just when there’s a big E. coli outbreak. As sales of precut and bagged greens have boomed, one thing is becoming increasingly clear: They’re now one of the most common sources of food poisoning in the US.

One in six Americans get sick from food — many of them from salads

Some 48 million people (one in six Americans) get sick from the food every year. Of those, about 128,000 wind up in hospitals and 3,000 die. And the foods most frequently implicated here are probably not what you think.

According to a 2015 estimate from the CDC, nearly half of all food-borne illnesses are caused by produce. Meanwhile, dairy and eggs cause 20 percent, meat and poultry are the culprits in only 22 percent of cases, and fish and shellfish just 6 percent.

Vox

A 2013 analysis by CDC of food poisoning cases between 1998 and 2008 found that leafy vegetables — salads and the like — caused almost a quarter of all food poisonings. That was more than any other food product,including dairy and poultry.Leafy vegetables were also the second most common cause of food poisoning-related hospitalizations.

“Back in the ’90s and early 2000s, E. coli cases linked to hamburgers represented almost all that I did,” said Bill Marler, one of America’s leading food safety attorneys. “Now it’s none of what I do. Now it’s just salads, raw vegetables.”

Michele Jay-Russell, a food safety researcher at the University of California Davis who has investigated salad-related poisoning outbreaks in the past, said the raw vegetables that are the most common culprits are basically all salad greens, but especially the chopped and bagged kind. “We really haven’t seen kale and some of the other greens [with contamination] problems, at least not yet. And romaine is one of the most common lettuce products that are used in salads.”

Why fresh produce is now a major source of food poisoning

Getty Images/Passage

So more people are now sickened byleafy greens than by their hamburgers or sushi. And there are a number of different drivers of this trend.

People are simply eating more fresh produce these days than they did just a few years ago. This means there’s more risk of exposure to pathogens that may be hanging out in fruits and veggies. (In a Washington Post’s story about the E. coli outbreak, one of the people who fell sick from the contaminated lettuce was a 16-year-old from Wilton, California, who had been eating salads every day in a bid to be healthier.)

And we tend to eat most produce raw. That means “there’s no kill step for the consumer to cook off the bacteria that might be lurking in our food,” said Jay-Russell.

There are many different strains of E. coli, and most of them live in our guts and don’t cause any harm. But the strain that’s led to the outbreak now — E. coliO157 — produces toxins that are dangerous for humans, and it’s a particularly virulent strain (which CDC officials say explains the high rate of hospitalizations in this outbreak). The bacteria are typically transmitted from animals to humans through animal excrement that has contaminated food or water. The symptoms of infection include cramping, vomiting, diarrhea, and, rarely, kidney failure and death.

While there are extensive procedures to prevent this kind of food poisoning from happening, and regulations on farms have gotten stricter, some contamination can still slip through.

Some of the processes farms have in place to clean salads actually trap bacteria in the plants, making them impossible to wash away. “During harvest, workers core lettuce in the field, often with a knife soiled by pathogen-laden dirt,” explained Modern Farmer in an article about why lettuce keeps sickening people. “The plant then produces a milky latex that essentially traps any present pathogens in the plant.”

But contamination can happen “all along the spectrum of growing plants,” Jay-Russell added. “There can be animal intrusions or inputs like contaminated water sources that bring the bacteria into the field.”

There are also types of bacteria that you simply can’t wash off, or the contamination happens in places you typically don’t splash with water, like inside the core of a lettuce head. That can make it pretty hard to prevent food poisoning, even with the triple washing most bagged lettuces go through.

Our love of convenient, prepackaged salads amplifies the risk

Marler also blames Americans’ love of convenience for the problem. “Mass-produced chopped, bagged lettuce that gets shipped around the US amplifies the risk of poisoning,” he said.

Instead of shipping heads of lettuce or large carrot sticks that people wash, we chop them and mix them up in processing, then package them in plastic bags. In that process, Marler said, “The bacteria has a chance to grow. And a lot of people get sick.”

This prepackaging makes it harder to find the cause of a food poisoning outbreak. Different lettuces grown at different farms get mixed into bags that are distributed at supermarkets and restaurants all over the country, so food safety officials need to search for the common link among suppliers.

“When it gets processed, you might have four to five farms supplying the processor on any day. So was it farmer one, two, three, or four that was contaminated?” Marler asked. It also means that when something goes awry in a batch, it can cause a very widespread problem — like the one we’re seeing now.

“In a perfect world, nobody would mix and match lettuce so this problem wouldn’t happen,” he said. “I think the [question] is: Is the convenience worth the risk?”

BBC R&D - Cloud-Fit Production

BBC R&D - Beyond Streams and Files - Storing Frames in the Cloud

One aspect of our work has covered the challenges of using software to transmit and receive streams of high data rate media over IP networks. This is all the more relevant as the broadcast industry starts to deploy facilities which implement the SMPTE 2110 suite of standards. The unique challenge here involves handling IP packets (around 1500 bytes each) at data rates of between 1 and 8 Gigabits per second for typical uncompressed High Definition and Ultra High Definition formats. As we discovered, one of the greatest bottlenecks when handling this volume of data in software is the computational expense of copying these packets between different areas of memory, something which has to happen multiple times when using the Linux kernel's standard sockets library. Back in 2015 we discussed our use of the open source project Netmap on 25 and 100Gb/s IP networks, which is one of several possible tools which allow the transmission and reception of much higher data rates by using 'kernel bypass' techniques. As the name suggests, this mechanism bypasses the operating system's default path for processing packets, providing a more direct route between applications and the network hardware.

Whilst Netmap helps us to reduce the number of copy operations required, we can further enhance performance by interacting directly with the network interface card (NIC) hardware, allowing multiple packets to be passed to the NIC at one time. This could be achieved by interacting directly with any vendor's NIC driver from our applications, but given a desire to prototype with a range of network cards we didn't want to have to write code to interact with each vendor's driver directly. Thankfully, Netmap provides an abstraction layer to enable this. The Netmap codebase includes patches for several vendors' drivers which allow an application to interact with Netmap's API, but under the hood directly pass data to and from the NIC hardware.

At the time we started this work we used 10Gb/s NICs which Netmap already had good support for, however given our desire to work with multiple HD or UHD streams we rapidly outgrew the capacity of a single 10Gb/s link. With the advent of 25 and 100Gb/s networking we wanted to see what performance we could achieve on those cards too.

With very few 25 and 100Gb/s network cards available at the time we opted to prototype with the Mellanox ConnectX-4 range. One of the major advantages to this was the availability of an open source network driver, which is bundled as part of the Linux kernel. This permissive open source license allowed us to patch the driver source directly. Through the development of a patched driver for Netmap we were able to send and receive data rates exceeding 80Gb/s using a single thread.

As our work moves on to other challenges and opportunities afforded by IP production we wanted to make the results of our efforts available to the wider community, enhancing Netmap's capabilities to operate with a greater range of manufacturers' network cards, and allowing implementers a straightforward path to implement high data rate networking in software without being locked to a single hardware vendor.

These patches are now available from the Netmap software repository on GitHub, and we're hoping to release further software and patches in the future covering other IP broadcasting requirements.

Thank you to Mellanox for their support throughout this project, and to the Netmap project for their support in integrating the patches.

Tweet This - Share on Facebook

BBC R&D - Cloud-Fit Production

BBC R&D - Beyond Streams and Files - Storing Frames in the Cloud

BBC R&D - IP Studio: Lightweight Live

BBC R&D - IP Studio Update: Partners and Video Production in the Cloud

BBC R&D - Object-Based Media

BBC R&D - Our Vision of the Future

BBC R&D - Nearly Live Production

BBC R&D - Building a Live Television Video Mixing Application for the Browser

The original Wolf of Wall Street, Jordan Belfort, was a rogue trader convicted of fraudulently selling worthless penny stocks to naive investors. His biopic, starring Leonardo DiCaprio as the ostentatious, money-obsessed huckster, was a box-office hit in 2013. Although it may have been intended as a cautionary tale, to thousands of young millennials from humble backgrounds, Belfort’s story became a blueprint for how to escape an unremarkable life on low pay.

Within months of the Wolf of Wall Street’s UK premiere in January 2014, a stocky 21-year-old named Elijah Oyefeso from a south London housing estate, began broadcasting on social media how much money he was making as a stock-market whizzkid. His thousands of young followers were desperate to do the same. As Oyefeso’s online fame grew, he caught the attention of TV producers. In January 2016, Oyefeso was featured in the Channel 4 show Rich Kids Go Shopping, in which he bought expensive jumpers to give to homeless people and showed viewers how easy it was to make stock trades online.

Even before Oyefeso’s appearance on mainstream TV, his story had already gone viral. British tabloids, including the Daily Mail, the Evening Standard and the Mirror, as well as a host of online magazines targeted at young men, all ran pieces about his success. The Mail headline described him as a university dropout who supposedly used his student loan to start trading financial products online and “now claims he earns £30,000 on a BAD month – by working just ONE HOUR a day”.

It’s an image of self-made wealth and ridiculous luxury, and one that Oyefeso has intensively cultivated online. The videos on his almost comedic YouTube channel, which have hundreds of thousands of views, feature him buying £250,000 cars and boarding private jets as nonchalantly as others his age might hail an Uber. His Instagram, which regularly shows him posing next to a blue and silver Rolls-Royce, describes him as the founder of DCT, his trading firm. DCT stands for “Dreams Come True”.

“I’m never going to work for someone,” Oyefeso says in one of his videos, in a somewhat cartoonish, nasal voice, while he drives his Rolls dressed in a bathrobe. “Look what I’ve built: a foundation. A brand.”

For many young people from areas such as the poorer part of Camberwell in south London where Oyefeso grew up, or those who have come across him on social media, Oyefeso’s portrayal as a self-made millionaire has given him the heroic status of a footballer or rapper.

“I’m just a normal guy and most people who come from where I’m from, they see if I can do it, they can do it,” Oyefeso told me. He has described DCT Trading as a future Goldman Sachs or JP Morgan – except, unlike those mammoth financial institutions, which tend to recruit from a narrow pool of elite graduates from prestigious universities, Oyefeso appeared to be opening a closed door to young people who might otherwise be excluded from the trading floor.

Oyefeso has sent out thousands of invitations with the message “join my team”. The problem is, his company does not have a trading floor. It does not have an office. Dreams Come True isn’t registered at Companies House. It does not exist as anything more than a website and some social media accounts. (Oyefeso claims the parent company, Gabs Fossard Ltd, is registered, although it was dissolved without posting any income.)

Although there has been intense activity on Oyefeso’s public social media pages since September, for some of this time the south Londoner was in jail, after ploughing his car into a friend to whom he owed money, a claim he disputes. In the course of his trial last autumn for dangerous driving and possession of a weapon, the judge remarked: “[you] portrayed yourself as a very successful trader within the financial market. Clearly this is not the case.” His own lawyer told the court that Oyefeso “makes a number of claims about his wealth but I have seen no evidence of this … clearly if he had this money he could have written a cheque to the victim.” He was released last month after, he claims, a successful appeal.

Oyefeso is one of the most high-profile figures of an internet subculture that reveres Jordan Belfort and has taken his Wolf of Wall Street persona to social media. Posing as ultra-wealthy kids and posting internet memes taken from the movie, its followers aggressively sign up young people to what looks like an international pyramid scheme that has helped to generate billions of pounds for large companies selling highly risky financial trading products.

They are the wolves of Instagram.

The financial sector has a genius for creating new products that brush against the law. A former UBS trader told me that the sector had taken advantage of the grey area between what they know they can’t do and what they believe they can get away with. In 2008, as the economy reeled under the weight of trillions of dollars of bad debt in financial products called collateralised debt obligations, another risky and obscure proposition was being designed for the public: the binary option.

The concept is simple: you sign up with a minimum deposit of £250 from a debit or credit card, click a button that says you are over 18, then bet on whether the price of a stock, currency or other financial security will go up or down and by how much. The binary option is part of a family of similar financial products such as spread betting and contracts for difference. If you have ever heard a rookie investor declare that they trade currency, these are probably what they are talking about.

These products became popular alongside a proliferation of online trading software and mobile betting platforms. The craze was largely driven by two countries – Israel and Cyprus – in the late 2000s. Their regulatory frameworks meant that firms could access European markets without the heavy hand of European regulators, and new binary options companies spread like chain letters. After the financial crash, in Israel alone an estimated 100 firms popped up in the space of a few years.

Over the past 18 months, these financial products have taken great leaps into public life with expensive marketing campaigns. Plus500, which is to online trading what McDonald’s is to fast food, is the main sponsor of European football giant Atlético Madrid, and 24Option have sponsored the renowned MMA fighter Conor McGregor and Italian football team Juventus.

Some companies, such as Plus500 and 24Option, are legitimate, but others are borderline fraudulent. The Financial Conduct Authority revealed in 2016 that 82% of all trades using some of these products are lost, and the average trader loses £2,200 a year. Unlike the mortgaged-backed securities that tanked the market in 2008, these products are not primarily offered or owned by the world’s big banks – they target novices looking for quick money.

Binary options are considered so volatile that they have been banned outright in the US. However, in the UK, which has some of the most liberal financial regulations in the world, they were until January of this year classified as high-risk gambling products and regulated by the Gambling Commission. Since then, they have been under the auspices of the FCA, which published a list of unauthorised firms and guidelines for aspiring traders.

The mystery is how such complex products became an internet youth craze. And this is where the wolves of Instagram swagger in. Oyefeso described himself as a social media “influencer”, which means he and others like him can use Instagram and Twitter to sell the trading platforms a supply of teenagers and young adults with limited knowledge of the money markets and a hunger for success.

This is how it works. Oyefeso posts images of luxury goods he claims to have bought with his winnings. He gives the pictures hashtags such as #richkidsofinstagram and mass-follows young people online. One teenager told me he and his friends were drawn in by the sight of a young black man who grew up on a council estate similar to theirs, driving a Rolls-Royce. As soon as anyone follows Oyefeso back, he slides into their DMs with a message: “I’m offering a great opportunity to earn £100-400+ per week from trading, no experience required, all done from home and only requires 15-30 min per day.” If you’re young, poor and want to defy the odds against you, the next question is: where do I sign up?

What wolves like Oyefeso fail to declare is that each of the trading platforms you sign up to (with a minimum deposit of £250) pays him around £40-80 – and that recruitment, rather than betting on these predatory financial products, is the way he makes his risk-free money (Oyefeso maintains he’s making money from trading). Young people join the platforms, make a few trades and can lose anything between £250 and several thousand pounds, then realise they can make it back by repeating the trick: becoming a paid marketing affiliate masquerading as a successful trader. It looks like a vintage pyramid scheme, rebooted for the social media era using a model of e-marketing that has boomed over the last 20 years.

In 2016, one of the wolves shared with me the presentation he was pitched by the leading software provider of binary options, SpotOption. The PowerPoint presentation revealed a system that is rigged against the consumer: the average user would lose 80% of everything he or she put in to “trade”. Later that year, the core of this presentation was published by the Bureau of Investigative Journalism, and SpotOption was banned in its home country, Israel. SpotOption says that since the changes in Israeli law, it has ceased all activities related to binary options, and terminated agreements with clients found to be acting unethically.

Last year, the FCA launched a crackdown on investment scams and police raided 20 premises suspected of operating binary options fraud, but so far, the social media influencers who appear to be working as middle men for foreign firms have escaped their attention. Social media has become a wild west for marketers aware that regulators can’t keep up with their online activity. Complaints about the aggressive nature of social media influencers’ stealth marketing have been growing. Between 2010 and 2016, the number of social media users grew to more than a billion, while the number of complaints to the UK Advertising Standards Authority about social media marketing posts breaching guidelines rose by a staggering 1,567%.

It is almost impossible to count the number of marketing affiliates masquerading as successful traders on Instagram, but we can count the number of promotional posts they’ve made using hashtags such as #binaryoptions (222,206), #traderlifestyle (64,151), and #richkidsofinstagram (529,574). Those numbers rise by the minute and the thousands of accounts generating them appear and disappear constantly.

The companies making the real money from these financial gambling products are supposed to be kept in check by the ASA, the Gambling Commission and the FCA – but this pack of regulators appears to be outfoxed by the wolves. The National Fraud Authority estimated that £59m had been defrauded from UK residents in 2017 from binary options alone.

“These binary options are almost no-win gambling products masquerading as complex financial instruments,” Labour’s deputy leader, Tom Watson, one of a number of politicians who have issued warnings about such products, told me. “It’s outrageous they are being targeted at the most vulnerable gamblers and young people.”

Many of the most exploitative companies’ digital storefronts drift anonymously in the middle of the internet, virtually undiscoverable to people who don’t know they are there and aren’t looking for them. This is where the influencers and their social media accounts come in. In Oyefeso’s words: “I just saw a big hole and I filled it up, which any successful entrepreneur would do.”

My first meeting with Oyefeso was on a summer’s afternoon in 2016. He and some of his friends were parked up on a private housing estate in Canary Wharf, having arrived in a convoy of supercars, including Oyefeso’s Rolls and a rented Audi R8. The neighbourhood was meant to serve as a backdrop to the world of opulence they were displaying on their Instagram feeds. It was not long before a resident came out to tell us we were trespassing. “This is a private estate, we don’t want to associate this estate with those kinds of people,” he said.

Instagram – even more than Facebook or Twitter – is where people sell a version of their lives that they want people to believe. None more so than these young, self-proclaimed millionaires. They are part of the larger phenomenon of #richkidsofinstagram, a hashtag first used in 2012 to profile the genuine heirs of multimillion-pound estates – including a son of one of the West Ham football club owners – but then spread to people like Oyefeso, who were faking it. A search of the posts tagged #richkidsofinstagram reveals young men and women from across the world sharing pictures and videos of their extravagant lifestyles: suitcases filled with stacks of £10, £20 and £50 notes; toddlers wearing customised Gucci denim jackets; expensive cars and private jets, all set to the latest hip-hop anthems.

For Oyefeso and many of his friends, the lifestyle is largely a costume drama. In his most recent video on YouTube Oyefeso appeared to hire a private jet – one that was parked up – to announce his return after he left prison. Oyefeso recounted how much money he could make in 15 minutes. Yet in reality, the only company I could find registered to Oyefeso’s address – IWANTTOTRADE Ltd, was dissolved in 2016 without posting a penny of income. Despite his glamorous trappings, Oyefeso, the son of Nigerian migrants, is, on paper at least, still residing at their council flat in south London.

In reality, #richkidsofinstagram is mostly a feed of adverts selling everything from clothes to gambling products, featuring endless marketing affiliates trying to recruit young people who are under more and more pressure from friends and influencers on social media to buy their way to success. The @richkidslondon account, followed by more than 730,000 people, says it profiles the most impressive rich kids, but what it does not say is that it charges them £60 for a post or £350 for 10.

According to a close friend, Oyefeso got his start in this world in 2014, when he began working at One Two Trade (OTT), a bucket shop operated out of a backstreet office in Wapping, east London, where unwitting investors could register bets online. OTT, which is not a regulated financial institution in the UK, but registered in Panama and Malta, would take a cut of every trade, and then try to hustle investors out of the rest of their money using excessive commissions and other exploitative terms. Former staff describe it as overrun with young people who had lost money on the platform, trying to make it back by signing up their friends with trading accounts.

For young people with ambition but no access, who were attracted to the risk, ingenuity and wealth of investment banks and hedge funds but would not qualify for a job at a traditional Canary Wharf company, working at OTT felt like a genuine career in the City – despite being unpaid. Oyefeso began styling himself as a guru offering “signals”, or trading tips, while working as a marketing affiliate. According to one of his mentees, he was a frontrunner in a burgeoning scene of young black outsiders, most of whom knew each other, spinning stories about how they infiltrated the old white man’s world of finance.

On Oyefeso’s website there is a section where he recommends a range of financial betting platforms. He also showed me a WhatsApp group he charged thousands of young people a £69.99 monthly fee to join, which would instruct them on what to bet on next. Unbeknown to his “clients”, they were the product he was selling.

The flashy Instagram may have won him a following, but the biggest gift to Oyefeso was his TV appearance. “After Rich Kids Go Shopping, he was so exposed,” one of his close friends said. “Before, it was just a small black community that was going to him, people that wanted to make quick money would go to him, but when he got put on the TV he had clients in Scotland.”

I asked Oyefeso who started the traders of Instagram subculture. “Without being cocky, I think I did,” he said. Without Oyefeso to “show people that you can have this, that you can buy this house, that you can buy this car”, there might not have been the traders of Instagram business model. A rival who copied him agreed. “It started from Elijah,” she said. “He was putting it all on social media. When they are seeing a young black man buy a Bentley or a Rolls-Royce and who is constantly on TV and he’s getting a lot of publicity, they’re thinking, what is this guy doing? I want to be involved.”

Then came a binary options gold rush among one of the most unlikely of demographics – young people in Britain’s inner cities.

Oyefeso marketed for a range of legitimate companies, including 24Option and AvaTrade, registered in Cyprus and Ireland, respectively, which have an estimated combined annual revenue of nearly $90m. (Neither company responded to a request for comment.) Oyefeso also introduced his young audience to Banc de Binary, a company he describes as “fully good”, even after it ceased trading amid fraud allegations.

Banc de Binary was founded in 2009 in Israel. The man at the helm was a former Israeli paratrooper, Oren Shabat Laurent. At its peak, the company had a yearly revenue of $100m, making it a star among binary options companies. The firm sought respectability by sponsoring football teams such as Liverpool and Southampton, but both clubs dropped the company when it become embroiled in scandal.

Banc de Binary faced a string of multi-million dollar lawsuits from clients, and was pursued by the US Securities and Exchange Commission. It was fined $11m for major regulatory breaches such as using shell offices in the UK and the US to evade financial regulations. The company was kicked out of the US in 2013, and was denied access to European markets when it lost its licence in Israel soon after that. In January 2017, the company ceased trading when it was revealed to have used software rigged against its users. Its founder, Laurent, has since reinvented himself in the world of cryptocurrency, with a bigger online following than any of the influencers who peddled binary options for him. Laurent did not respond to requests for comment.

Part of what made Oyefeso and Banc de Binary’s practices so ruthless was the age of the people they were signing up. In the UK, you have to be 18 to gamble or speculate on financial transactions. But Oyefeso was openly targeting much younger teenagers. It appears that in doing so, he was violating advertising regulations on gambling products.

When I spoke to Oyefeso before he went to prison, he did not exhibit much regret. “I’m not going to lie to you, there are some people under 18 who trade and use their parent’s name,” Oyefeso told me. I asked him if he had worked with anyone under 18 directly. “Of course,” he said. Aren’t you breaching the rules? I asked. “If I am, why aren’t I behind bars?” he said.

It seems Oyefeso didn’t just see teenagers as a source of income. They were also a source of labour. I spoke to one 18-year-old who told me that when he was between 15 and 16, he received a message from Oyefeso telling him he could sign up to a trading platform using his mother’s details. Oyefeso then offered the boy and his school friends work running his social media accounts and messaging his followers with advertising scripts. The teenagers were paid a cut of the commission for every one they signed up.

Even those losing money on Banc de Binary and other platforms sometimes gained a sense of self-confidence and an identity they felt proud of. Young men soon started trading in their hoodies for three-piece, pinstripe suits even though they had no office to wear them to. The subculture even had an anthem. A one-time Instagram trader who goes by the handle 10KJunes released a rap track called Trading Life, which includes the line, “I be selling stocks and then I buy it back, I got the taxman thinking that I’m selling crack”.

Technology has made some jobs extinct and endangered entire sectors, but in a tough jobs market, affiliate work seems like the most accessible route to money. There is no interview or licence required. All that is needed, in most cases, is an email address and a bank account. The marketers earn on commission only, so they provide a growing class of cheap labour.

A decade ago, teenagers primarily used social media to keep up with their friends and interests. In 2018, many see curating their accounts as a career and there is a growing ecosystem making this a major challenge for advertising regulators. Adverts are supposed to be identifiable, but influencers blur the lines with account pages built as shop windows on their lives. This grey area allowed foreign firms reliant on UK-based influencers to operate with impunity. Experts suggest that the regulators could have gone after marketing affiliates as “facilitators of gambling” sales, but chose not to.

Plus500, which is valued at over £1bn, has an estimated 100,000 marketing affiliates working for it alone. The @dailyforexsignals account on Instagram appeared to be promoting the company with posts that the Campaign for Fairer Gambling claimed were in breach of the guidelines. However, Plus500 said the account had signed up just eight clients and the company had long cancelled @dailyforexsignals affiliation. It says it offers customers a test to indicate they understand the terms of trading, and has measures to ensure protection of its customers, including limiting the amount clients can lose. It says it requires all affiliates to comply with industry standards, but it is difficult to see how a company such as Plus500 keeps tabs on the thousands of unmanaged digital workers making it money. This in turn makes it hard to stop it profiting from vulnerable consumers – in particular, from young people hooked in by the promise of easy wealth.

In 2005, the Labour government liberalised gambling advertising and created the Gambling Commission to regulate commercial gambling and protect vulnerable people, including anyone under 25. Tom Watson, the current deputy Labour leader, admitted that the legislation didn’t take the digital era into account.

“The yield taken from losers in the industry has gone up from £8bn in 2008 to £13bn in 2016,” Watson said. “That’s a lot of money, and when you combine that with recent news that companies are targeting the most vulnerable people who are susceptible to becoming problem gamblers – I think we’ve got a problem and our current regulations and laws are not fit for purpose.”

Matt Zarb-Cousin, of the Campaign for Fairer Gambling, alleges that the wolves’ Instagram posts are breaching two ASA regulations, “the first of which is: you can’t market to young people, and the second is: gambling cannot be offered as a way of making money. So these adverts would never pass the regulators if they were conventional.”

The Gambling Commission has admitted that it had received a growing number of complaints when it was in the process of trying to regulate binary options, but the Campaign for Fairer Gambling says neither it nor the ASA had taken strong enough action on the advertising of such profits to vulnerable young adults. The Gambling Commission acknowledged it had never even “written to Instagram relating to advertisements or posts promoting gambling, that breach the UK advertising codes” during the time of the steepest rise in complaints.

Both regulators blame the 2005 legislation. The Gambling Commission said that although binary options were regulated, the rules only applied if the firm had “remote gambling equipment located in Great Britain, irrespective of whether there are offices in GB or not”. The law states that if equipment is not in Britain, any binary options that the firm offers will not be regulated. Last month, the European Securities and Market Authority decided to prohibit the sales of binary options and limit the marketing and distribution of related products to vulnerable retail consumers. However, the wolves of Instagram have already adapted their behaviour.

“Everything is changing, so obviously I’ve got to change, too,” Oyefeso said to me last year, when the landscape began to shift.

One of Oyefeso’s business associates has leapt headfirst into the latest gold rush. “I recently got into bitcoin about three months ago,” he said. “Young people have just jumped to it and it’s like the (binary options) trading bubble all over again.”

The cryptocurrency craze is in many ways similar to the boom in binary options and digital gambling apps. There have now been over 1,560 different currencies launched. Most of them are worthless but a host of new platforms are trying to hawk them via dubious platforms that entice young people through marketing affiliates disguised as Instagram influencers.

One of Oyefeso’s early proteges was a north Londoner called Olivia James, 23. She described the original Wolf of Wall Street as “a king in my eyes”, and in February tweeted “I’m do everything Belfort done and more lifestyle wise”. Hoping to take advantage of the popularity of bitcoin, James has now incorporated a new company called TRADEtoGAIN, with 20-year-old Armon Rabiee and 24-year-old Luke Arliss. The trio share a common story with many of the other young people founding pop-up sites to teach young adults how they can crack cryptocurrencies, for exorbitant fees. Arliss struggled at school, James was repeatedly turned down for entry level jobs in the City and Rabiee said he lost thousands during the binary options wave as a teenager. Together, they plan to make money as gurus of crypto.

Arliss, who has a big Instagram following from his former company, which repaired bodywork on footballers’ cars, said that he gets “loads of messages” about crypto from young people “interested in the hype”. Rabiee piped in, claiming that with their special insight they “can charge people thousands”.

As Oyefeso’s fairytale has unravelled, the internet has turned against him. People shared reports of his arrest and sentence with mocking comments, and published blogs accusing him of running scams. Oyefeso responded with a caption on a recent video post: “People don’t want to see a young black guy from the ends make it out to be successful,” he wrote.

The problem, in Oyefeso’s case, has not been a lack of goodwill. There were many who shared his original rags to riches story, unaware that there was another version in which this apparently wealthy young trader was an invention, incentivised by companies happy to exploit the gap between the life millennials are persuaded they should be living, and the harsh economic reality they live in.

• Follow the Long Read on Twitter at @gdnlongread, or sign up to the long read weekly email here.

• This article was amended on 25 April 2018 for personal reasons.

Four of the top podcast producers unite to own and operate a platform to improve podcasts discovery experience for listeners and to connect producers with new audiences

Former iHeartRadio General Manager Owen Grover named CEO of Pocket Casts

May 3, 2018; New York, NY – Today, four of the top podcast producers – NPR, WNYC Studios, WBEZ Chicago, and This American Life – announced the acquisition of Pocket Casts, a leading podcast app. This unprecedented collaboration furthers public radio's leading role as an innovator in audio discovery and distribution, while ensuring the continued support and growth of one of the most popular listening platforms on the market.

Audio veteran Owen Grover will serve as CEO of Pocket Casts.Grover previously served as Executive Vice President and General Manager at iHeartRadio, and before that as Vice President of Programming and Marketing at Clear Channel Music & Radio. Pocket Casts will operate as a joint venture, with founders Philip Simpson and Russell Ivanovic in leadership roles and the existing staff and developer team remaining in place. To ensure development aligns with the mission-driven ethos of public radio, the board will be comprised of representatives of the public media leaders.

Created in 2008 by Australian mobile app developer Shifty Jelly, Pocket Castsis one of the highest-rated mobile apps for podcast listening by users on Android, iOS, the web, Sonos, and other platforms. Pocket Casts has been recognized as "The podcast app every iPhone user needs" (WIRED) as well as "The best podcast app for Android" (The Verge).

NPR, WNYC Studios, WBEZ Chicago, and This American Life are responsible for more than 170 million downloads per month thanks to some of the most popular, industry-shaping podcasts, including: This American Life, 2 Dope Queens, Making Obama, Making Oprah, Planet Money, Radiolab, Serial, and Up First. Coming together for this acquisition reflects their shared vision: a commitment to reach a new generation of listeners and to serve the needs of audio producers across public radio and beyond. Pocket Casts is an enormous opportunity to improve discovery for listeners, provide podcast producers with better insights, and to enable creators to connect with audiences around the world.

"Public radio has been at the vanguard of audio innovation and podcasting, bringing in new listeners, experimenting with new forms and topics, fostering engagement and community, and cultivating new talent in the industry," said Laura Walker, President and CEO of New York Public Radio, which includes WNYC Studios. "And yet despite this remarkable renaissance, the listening experience — particularly around discovery — has remained virtually unchanged. Pocket Casts will enable us to forge a closer relationship with our listeners, provide audiences with more ways to enjoy audio programming, and create a more tailored discovery experience that helps listeners find their next must-listen podcast."

"As the leading producers of podcasts in a rapidly growing market, we're linking arms to embrace new opportunities for the distribution of audio and the engagement of a new generation of listeners," said Jarl Mohn, President and CEO, NPR. "Pocket Casts is a terrific app and will be a great complement to NPR One, the NPR app and the other outstanding products in public radio's portfolio of innovation. We want to continue serving and delighting its large and passionate audience through wide access to the world of powerful podcasts, from public radio and beyond."

"Thanks to the mission-driven nature of this partnership, and of public media overall, we'll put the needs of producers and listeners at the heart of everything we do with Pocket Casts," said Goli Sheikholeslami, CEO of WBEZ Chicago. "We plan to work with producers to find new and broader audiences, which will enable creators to better connect with fans and potential audiences and build a sustainable business for their podcast."

"For months now, I've been using Pocket Casts and recommending it to friends," said Ira Glass, creator and host of This American Life."It's a great app – with a super-intuitive interface – and I'm excited for the things we're hoping to add to it."

Pocket Casts users will continue to enjoy:

• A wide variety of podcasts from hundreds of national and international producers;
• Filters that include user-friendly options like 'episodes you've already started' or 'downloaded but not heard' and the option to create custom filter categories;
• An easy-to-use-playlist that can be instantly reordered;
• Special settings to improve your listening experiences: playback speed, trim silence, and volume boost;
• Web-based version that synchronizes with your devices so listeners can have podcasts at the tip of their fingers, even on desktop.

New York Public Radio's investment in Pocket Casts was made possible, in part, by Cynthia King Vance and a grant from Carnegie Corporation of New York.

About NPR

NPR's rigorous reporting and unsurpassed storytelling connect with millions of Americans everyday—on the air, online, and in person. NPR strives to create a more informed public—one challenged and invigorated by a deeper understanding and appreciation of events, ideas, and cultures. With a nationwide network of award-winning journalists and 17 international bureaus, NPR and its Member Stations are never far from where a story is unfolding. Listeners consider public radio an enriching and enlightening companion; they trust NPR as a daily source of unbiased independent news, and inspiring insights on life and the arts. Learn more at npr.org/about or by following NPR Extra on Facebook, Twitter and Instagram.

About WNYC Studios

WNYC Studios is the premier producer of on-demand and broadcast audio, home to some of the most critically acclaimed and popular podcasts of the last decade, including Radiolab, 2 Dope Queens, Nancy, The New Yorker Radio Hour, Death, Sex & Money, Here's the Thing with Alec Baldwin, Note To Self, On the Media, and A Piece of Work with Abbi Jacobson. WNYC Studios is leading the new golden age in audio with podcasts and national radio programs that inform, inspire, and delight millions of intellectually curious and highly engaged listeners across digital, mobile, and broadcast platforms. Their programs include personal narratives, deep journalism, interviews that reveal, and smart entertainment as varied and intimate as the human voice itself. For more information, visit wnycstudios.wnyc.org.

About WBEZ Chicago

WBEZ, Chicago's NPR news station, serves the community with fact-based, objective news and information. WBEZ is a publicly funded news organization, WBEZ's award-winning journalists ask tough questions, dig deep for answers and expose truths that spark change and foster understanding. WBEZ Chicago is home to two daily local programs, The Morning Shift and Worldview, and a growing portfolio of popular podcasts, including the "Making" series of Making Obama and Making Oprah;Nerdette; and Sound Opinions. WBEZ Chicago has a legacy of innovation as the birthplace of nationally acclaimed programs such as This American Life, and Wait Wait...Don't Tell Me! and the ground-breaking podcast, Serial. Learn more about WBEZ Chicago and its award-winning programming and on-demand digital content at wbez.org or on Facebook or Twitter.

About This American Life

This American Life is one of the most popular podcasts in the world, downloaded each week by 2.5 million people, and heard on public radio by another 2.2 million. Since 1995, it's been a champion of a style of narrative journalism that's been adopted widely by other programs. www.thisamericanlife.org

Press Contact

Isabel Lara - Senior Director, Media Relations

mediarelations@npr.org

I’ve supervised a lot of great student projects in my nine years at MIT, but my inner nerdy teenager has never been as personally delighted by a project as it is right now.  Today, I’m proud to announce that Adam Yedidia, a PhD student at MIT (but an MEng student when he did most of this work), has explicitly constructed a one-tape, two-symbol Turing machine with 7,918 states, whose behavior (when run on a blank tape) can never be proven from the usual axioms of set theory, under reasonable consistency hypotheses.  Adam has also constructed a 4,888-state Turing machine that halts iff there’s a counterexample to Goldbach’s Conjecture, and a 5,372-state machine that halts iff there’s a counterexample to the Riemann Hypothesis.  In all three cases, this is the first time we’ve had a reasonable explicit upper bound on how many states you need in a Turing machine before you can see the behavior in question.

Here’s our research paper, on which Adam generously included me as a coauthor, even though he did the heavy lifting.  Also, here’s a github repository where you can download all the code Adam used to generate these Turing machines, and even use it to build your own small Turing machines that encode interesting mathematical statements.  Finally, here’s a YouTube video where Adam walks you through how to use his tools.

A more precise statement of our main result is this: we give a 7,918-state Turing machine, called Z (and actually explicitly listed in our paper!), such that:

1. Z runs forever, assuming the consistency of a large-cardinal theory called SRP (Stationary Ramsey Property), but
2. Z can’t be proved to run forever in ZFC (Zermelo-Fraenkel set theory with the Axiom of Choice, the usual foundation for mathematics), assuming that ZFC is consistent.

A bit of background: it follows, as an immediate consequence of Gödel’s Incompleteness Theorem, that there’s some computer program, of some length, that eludes the power of ordinary mathematics to prove what it does, when it’s run with an unlimited amount of memory.  So for example, such a program could simply enumerate all the possible consequences of the ZFC axioms, one after another, and halt if it ever found a contradiction (e.g., a proof of 1+1=3).  Assuming ZFC is consistent, this program must run forever.  But again assuming ZFC is consistent, ZFC can’t prove that the program runs forever, since if it did, then it would prove its own consistency, thereby violating the Second Incompleteness Theorem!

Alas, this argument still leaves us in the dark about where, in space of computer programs, the “Gödelian gremlin” rears its undecidable head.  A program that searches for an inconsistency in ZFC is a fairly complicated animal: it needs to encode not only the ZFC axiom schema, but also the language and inference rules of first-order logic.  Such a program might be thousands of lines long if written in a standard programming language like C, or millions of instructions if compiled down to a bare-bones machine code.  You’d certainly never run across such a program by chance—not even if you had a computer the size of the observable universe, trying one random program after another for billions of years in a “primordial soup”!

So the question stands—a question that strikes me as obviously important, even though as far as I know, only one or two people ever asked the question before us; see here for example.  Namely: do the axioms of set theory suffice to analyze the behavior of every computer program that’s at most, let’s say, 50 machine instructions long?  Or are there super-short programs that already exhibit “Gödelian behavior”?

Theoretical computer scientists might object that this is “merely a question of constants.”  Well yes, OK, but the origin of life in our universe—a not entirely unrelated puzzle—is also “merely a question of constants”!  In more detail, we know that it’s possible with our laws of physics to build a self-replicating machine: say, DNA or RNA and their associated paraphernalia.  We also know that tiny molecules like H₂O and CO₂ are not self-replicating.  But we don’t know how small the smallest self-replicating molecule can be—and that’s an issue that influences whether we should expect to find ourselves alone in the universe or find it teeming with life.

Some people might also object that what we’re asking about has already been studied, in the half-century quest to design the smallest universal Turing machine (the subject of Stephen Wolfram’s $25,000 prize in 2007, to which I responded with my own $25.00 prize).  But I see that as fundamentally different, for the following reason.  A universal Turing machine—that is, a machine that simulates any other machine that’s described to it on its input tape—has the privilege of offloading almost all of its complexity onto the description format for the input machine.  So indeed, that’s exactly what all known tiny universal machines do!  But a program that checks (say) Goldbach’s Conjecture, or the Riemann Hypothesis, or the consistency of set theory, on an initially blank tape, has no such liberty.  For such machines, the number of states really does seem like an intrinsic measure of complexity, because the complexity can’t be shoehorned anywhere else.

One can also phrase what we’re asking in terms of the infamous Busy Beaver function.  Recall that BB(n), or the n^th Busy Beaver number, is defined to be the maximum number of steps that any n-state Turing machine takes when run on an initially blank tape, assuming that the machine eventually halts. The Busy Beaver function was the centerpiece of my 1998 essay Who Can Name the Bigger Number?, which might still attract more readers than anything else I’ve written since. As I stressed there, if you’re in a biggest-number-naming contest, and you write “BB(10000),” you’ll destroy any opponent—however otherwise mathematically literate they are—who’s innocent of computability theory.  For BB(n) grows faster than any computable sequence of integers: indeed, if it didn’t, then one could use that fact to solve the halting problem, contradicting Turing’s theorem.

But the BB function has a second amazing property: namely, it’s a perfectly well-defined integer function, and yet once you fix the axioms of mathematics, only finitely many values of the function can ever be proved, even in principle.  To see why, consider again a Turing machine M that halts if and only if there’s a contradiction in ZF set theory.  Clearly such a machine could be built, with some finite number of states k.  But then ZF set theory can’t possibly determine the value of BB(k) (or BB(k+1), BB(k+2), etc.), unless ZF is inconsistent!  For to do so, ZF would need to prove that M ran forever, and therefore prove its own consistency, and therefore be inconsistent by Gödel’s Theorem.

OK, but we can now ask a quantitative question: how many values of the BB function is it possible for us to know?  Where exactly is the precipice at which this function “departs the realm of mortals and enters the realm of God”: is it closer to n=10 or to n=10,000,000?  In practice, four values of BB have been determined so far:

• BB(1)=1
• BB(2)=6
• BB(3)=21 (Lin and Rado 1965)
• BB(4)=107 (Brady 1975)

We also know some lower bounds:

See Heiner Marxen’s page or the Googology Wiki (which somehow I only learned about today) for more information.

Some Busy Beaver enthusiasts have opined that even BB(6) will never be known exactly.  On the other hand, the abstract argument from before tells us only that, if we confine ourselves to (say) ZF set theory, then there’s some k—possibly in the tens of millions or higher—such that the values of BB(k), BB(k+1), BB(k+2), and so on can never be proven.  So again: is the number of knowable values of the BB function more like 10, or more like a million?

This is the question that Adam and I (but mostly Adam) have finally addressed.

It’s hopeless to design a Turing machine by hand for all but the simplest tasks, so as a first step, Adam created a new programming language, called Laconic, specifically for writing programs that compile down to small Turing machines.  Laconic programs actually compile to an intermediary language called TMD (Turing Machine Descriptor), and from there to Turing machines.

Even then, we estimate that a direct attempt to write a Laconic program that searched for a contradiction in ZFC would lead to a Turing machine with millions of states.  There were three ideas needed to get the state count down to something reasonable.

The first was to take advantage of the work of Harvey Friedman, who’s one of the one or two people I mentioned earlier who’s written about these problems before.  In particular, Friedman has been laboring since the 1960s to find “natural” arithmetical statements that are provably independent of ZFC or other strong set theories.  (See this AMS Notices piece by Martin Davis for a discussion of Friedman’s progress as of 2006.)  Not only does Friedman’s quest continue, but some of his most important progress has come only within the last year.  His statements—typically involving objects called “order-invariant graphs”—strike me as alien, and as far removed from anything I’d personally have independent reasons to think about (but is that just a sign of my limited perspective?).  Be that as it may, Friedman’s statements still seem a lot easier to encode as short computer programs than the full apparatus of first-order logic and set theory!  So that’s what we started with; our work wouldn’t have been possible without Friedman (who we consulted by email throughout the project).

The second idea was something we called “on-tape processing.”  Basically, instead of compiling directly from Laconic down to Turing machine, Adam wrote an interpreter in Turing machine (which took about 4000 states—a single, fixed cost), and then had the final Turing machine first write a higher-level program onto its tape and then interpret that program.  Instead of the compilation process producing a huge multiplicative overhead in the number of Turing machine states (and a repetitive machine), this approach gives us only an additive overhead.  We found that this one idea decreased the number of states by roughly an order of magnitude.

The third idea was first suggested in 2002 by Ben-Amram and Petersen (and refined for us by Luke Schaeffer); we call it “introspective encoding.”  When we write the program to be interpreted onto the Turing machine tape, the naïve approach would use one Turing machine state per bit.  But that’s clearly wasteful, since in an n-state Turing machine, every state contains ~log(n) bits of information (because of the other states it needs to point to).  A better approach tries to exploit as many of those bits as it can; doing that gave us up to a factor-of-5 additional savings in the number of states.

For Goldbach’s Conjecture and the Riemann Hypothesis, we paid the same 4000-state overhead for the interpreter, but then the program to be interpreted was simpler, giving a smaller overall machine.  Incidentally, it’s not intuitively obvious that the Riemann Hypothesis is equivalent to the statement that some particular computer program runs forever, but it is—that follows, for example, from work by Lagarias and by Davis, Matijasevich, and Robinson (we used the latter; an earlier version of this post incorrectly stated that we used the Lagarias result).

To preempt the inevitable question in the comments section: yes, we did run these Turing machines for a while, and no, none of them had halted after a day or so.  But before you interpret that as evidence in favor of Goldbach, Riemann, and the consistency of ZFC, you should probably know that a Turing machine to test whether all perfect squares are less than 5, produced using Laconic, needed to run for more than an hour before it found the first counterexample (namely, 3²=9) and halted.  Laconic Turing machines are optimized only for the number of states, not for speed, to put it mildly.

Of course, three orders of magnitude still remain between the largest value of n (namely, 4) for which BB(n) is known to be knowable in ZFC-based mathematics, and the smallest value of n (namely, 7,918) for which BB(n) is known to be unknowable.  I’m optimistic that further improvements are possible to the machine Z—whether that means simplifications to Friedman’s statement, a redesigned interpreter (possibly using lambda calculus?), or a “multi-stage rocket model” where a bare-bones interpreter would be used to unpack a second, richer interpreter which would be used to unpack a third, etc., until you got to the actual program you cared about.  But I’d be shocked if anyone in my lifetime determined the value of BB(10), for example, or proved the value independent of set theory.  Even after the Singularity happens, I imagine that our robot overlords would find the determination of BB(10) quite a challenge.

In an early Shtetl-Optimized post, I described theoretical computer science as “quantitative epistemology.”  Constructing small Turing machines whose behavior eludes set theory is not conventional theoretical computer science by any stretch of the imagination: it’s closer in practice to programming languages or computer architecture, or even the recreational practice known as code-golfing.  On the other hand, I’ve never been involved with any other project that was so clearly, explicitly about pinning down the quantitative boundary between the knowable and the unknowable.

Comments on our paper are welcome.

Addendum: Some people might wonder “why Turing machines,” as opposed to a more reasonable programming language like C or Python.  Well, first of all, we needed a language that could address an unlimited amount of memory.  Also, the BB function is traditionally defined in terms of Turing machines.  But the most important issue is that we wanted there to be no suspicion whatsoever that our choice of programming language was artificially helping to make our machine small.  And hopefully everyone can agree that one-tape, two-symbol Turing machines aren’t designed for anyone’s convenience!

This entry was posted on Tuesday, May 3rd, 2016 at 6:04 pm and is filed under Announcements, Nerd Interest. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.