Facebook Wants To Teach Machine Learning

When you think of technical education about machine learning, Facebook might not be the company that pops into your head. However, the company uses machine learning, and they’ve rolled out a six-part video series that they say “shares best real-world practices and provides practical tips about how to apply machine-learning capabilities to real-world problems.”

The videos correspond to what they say are the six aspects of machine learning development:

  1. Problem definition
  2. Data
  3. Evaluation
  4. Features
  5. Model
  6. Experimentation

Continue reading “Facebook Wants To Teach Machine Learning”

Universal music translation network

Facebook’s Universal Music Translator

Star Trek has its universal language translator and now researchers from Facebook Artificial Intelligence Research (FAIR) has developed a universal music translator. Much of it is based on Google’s WaveNet, a version of which was also used in the recently announced Google Duplex AI.

Universal music translator architectureThe inspiration for it came from the human ability to hear music played by any instrument and to then be able to whistle or hum it, thereby translating it from one instrument to another. This is something computers have had trouble doing well, until now. The researchers fed their translator a string quartet playing Haydn and had it translate the music to a chorus and orchestra singing and playing in the style of Bach. They’ve even fed it someone whistling the theme from Indiana Jones and had it translate the tune to a symphony in the style of Mozart.

Shown here is the architecture of their network. Note that all the different music is fed into the same encoder network but each instrument which that music can be translated into has its own decoder network. It was implemented in PyTorch and trained using eight Tesla V100 GPUs over a total of six days. Efforts were made during training to ensure that the encoder extracted high-level semantic features from the music fed into it rather than just memorizing the music. More details can be found in their paper.

So if you want to hear how an electric guitar played in the style of Metallica might have been translated to the piano by Beethoven then listen to the samples in the video below.

Continue reading “Facebook’s Universal Music Translator”

Hackaday Links: April 2, 2017

Toorcamp registration is open. It’s June 20-24th on Orcas Island, Washington.

Hey, you. The guy still using Mentor Graphics. Yeah, you. Siemens has acquired Mentor Graphics.

CNC knitting machines are incredibly complicated but exceptionally cool. Until now, most CNC knitting machines are actually conversions of commercial machines. Beginning with [Travis Goodspeed] and  [Fabienne Serriere] hack of a knitting machine, [Becky Stern]’s efforts, and the Knitic project, these knitting machines are really just brain transplants of old Brother knitting machines. A few of the folks from the OpenKnit project have been working to change this, and now they’re ready for production. Kniterate is a project on Kickstarter that’s a modern knitting machine, and basically a 2D woolen printer. This is an expensive machine at about $4500, but if you’ve ever seen the inside of one of these knitting machines, you’ll know building one of these things from scratch is challenging.

There was a time when a Macintosh computer could play games. Yes, I know this sounds bizarre, but you could play SimCity 2000, Diablo, and LucasArts adventure games on a machine coming out of Cupertino. [Novaspirit] wanted to relive his childhood, so he set up a Mac OS 7 emulator on a Raspberry Pi. He’s using Minivmac, beginning with an install of OS 7.1, upgrading that to 7.5.3, then upgrading that to 7.5.5. It should be noted the utility of the upgrade to 7.5.5 is questionable — the only real changes from 7.5.3  to 7.5.5 are improved virtual memory support (just change some emulator settings to get around that) and networking support (which is difficult on an emulator). If you’re going to upgrade to 7.5.5, just upgrade to 8.1 instead.

It’s getting warmer in the northern hemisphere, and you know what that means: people building swamp coolers. And you know what that means: people arguing about the thermodynamics of swamp coolers. We love these builds, so if you have a swamp cooler send it on in to the tip line.

The Prusa edition of Slic3r is out. The improvements? It’s not a single core app anymore (!), so slicing is faster. It’s got that neat variable layer slicing. Check out all the features.

It takes at least a week to delete your Facebook account. In the meantime, you can lawyer up and hit the gym. Additionally, we’re not really sure Facebook actually deletes your profile when you disable your account. Robots to the rescue. [anerdev] built a robot to delete all his content from Facebook. It’s a pair of servos with touchpad-sensitive pens. Add an Arduino, and you have a Facebook deleting machine.

Facebook Open-Sources Their Capture-the-Flag Hacking Challenges

If you want to learn how to defeat computer security, nothing beats hands-on experience. Of course, if you get your hands on someone’s system without their permission, you may end up having a very short training that ends with a jail term. And that’s where capture-the-flag (CTF) events come in.

A CTF is a system of increasingly-difficult challenges that can’t be too easy or too hard. A well-designed CTF teaches all of the participants stuff that they didn’t know, no matter how far they get and what skills they came in with. Designing a good CTF is difficult.

But since it’s also a competition, running one also involves a lot of horrible bookkeeping for the folks running it. Registering teams and providing login pages is the dirty work that you have to do in the background, that takes away time from building the systems which others are going to take apart.

Which is why it’s great that Facebook is opening up their CTF-hosting platform, along with a few starter challenges, for us all to play along. We love CTFs and related hacking challenges. If this spurs the creation of more, we’re all for it. You can find the whole setup on GitHub.

If you’re new to CTFs, here’s an awesome collection of CTF-related material on GitHub to get you started. And if your tastes run more toward hardware hacking, we’ve covered previous firmware CTFs, but frankly there’s a lot more material out there. We feel a feature post coming on…

Thanks [ag4ve] for the unintentional tip!

You Can Learn A Lot About Social Engineering From A Repo Man

The most vulnerable part of any secure information system is the human at the controls. Secure passwords, strong encryption, and stringent protocols are all worthless if that human can be coerced to give away the keys to the kingdom. The techniques of attacking a system through the human are collectively known as social engineering. While most of us don’t use social engineering in our day-to-day jobs, anyone can fall victim to it, so it’s always good to see this stuff in action. Some of the best examples of social engineering come from unlikely places. One of those is [Matthew Pitman].

reponinja[Matt] is one of those people we all hope we never to meet in real life. He’s a repo man. For those not familiar with the term, [Matt] is the guy who comes to pick up your car, boat or other asset when you fall behind on your loan payments. Generally, these repossession agents are contractors, working for the bank or loan agency who holds the loan on the collateral. As you might expect, no one is happy to see them coming.

[Matt] uses plenty of high-tech gadgetry in his line of work, everything from GPS tracking devices to drones. He calls his tow truck the Repo Ninja, and the interior is decked out with an internet connection, laptop, and tons of cameras. Even so, his greatest asset is social engineering. His 26 years of experience have taught him how to work people to get what he needs: their cars.

Continue reading “You Can Learn A Lot About Social Engineering From A Repo Man”

Hackaday Links Column Banner

Hackaday Links: Summer, 2015

[Elia] was experimenting with LNAs and RTL-SDR dongles. If you’re receiving very weak signals with one of these software defined radio dongles, you generally need an LNA to boost the signal. You can power an LNA though one of these dongles. You’ll need to remove a few diodes, and that means no ESD protection, and you might push the current consumption above the 500mA a USB port provides. It does, however, work.

We’ve seen people open up ICs with nitric acid, and look inside them with x-rays. How about a simpler approach? [steelcityelectronics] opened up a big power transistor with nothing but a file. The die is actually very small – just 1.8×1.8mm, and the emitter bond wire doesn’t even look like it’ll handle 10A.

Gigantic Connect Four. That’s what the Lansing Makers Network built for a Ann Arbor Maker Faire this year. It’s your standard Connect Four game, scaled up to eight feet tall and eight feet wide. The disks are foam insulation with magnets; an extension rod (with a magnet at the end) allows anyone to push the disks down the slots.

[Richard Sloan] of esp8266.com fame has a buddy running a Kickstarter right now. It’s a lanyard with a phone charger cable inside.

Facebook is well-known for the scientific literacy of its members. Here’s a perpetual motion machine. Comment gold here, people.

Here’s some Hackaday Prize business: We’re giving away stuff to people who use Atmel, Freescale, Microchip, and TI parts in their projects. This means we need to know you’re using these parts in your projects. Here’s how you let us know. Also, participate in the community voting rounds. Here are the video instructions on how to do that.

Race Conditions Exploit Granted Free Money On Web Services

[Josip] has been playing around with race conditions on web interfaces lately, finding vulnerabilities on both Facebook and Digital Ocean. A race condition can occur when a piece of software processes multiple threads using a shared resource.

For example, [Josip] discovered that he was able to manipulate page reviews using just a single Facebook account. Normally, a user is permitted to leave just one review for any given Facebook page. This prevents a single user from being able to skew the page’s overall ranking by making a bunch of positive or negative reviews. The trick to manipulating the system was to intercept the HTTP request that submitted the page review. The request was then replayed over and over in a very short amount of time.

Facebook’s servers ended up processing some of these requests simultaneously, essentially unaware that multiple requests had come in so close together. The result was that multiple reviews were submitted, artificially changing the pages overall ranking even though only one review actually showed up on the page for this user. The user can then delete their single review, and repeat this cycle over and over. It took Facebook approximately two months to fix this vulnerability, but in the end it was fixed and [Josip] received a nice bounty.

The Digital Ocean hack was essentially the exact same process. This time instead of hacking page reviews, [Josip] went after some free money. He found that he was able to submit the same promotional code multiple times, resulting in a hefty discount at checkout time. Digital Ocean wasted no time fixing this bug, repairing it within just ten days of the disclosure.