Flappy Bird Might Fly Again. Let's Try Not to Freak Out This Time.
In an interview with Rolling Stone today, Flappy Bird’s creator said he might resurrect the insanely popular smartphone game at some point.
“I’m considering it,” 28-year-old Dong Nguyen told the magazine. But if he does bring back the title, he added, it will come with a warning for would-be addicts: “Please take a break.” For now, his focus is on developing three new games: a cowboy-themed shooter, a flying game called Kitty Jetpack, and an “action chess game” called Checkonaut.
That was the highlight of an otherwise surprisingly unsurprising interview with the young Vietnamese game designer. Rolling Stone sent writer David Kushner to Hanoi to track down the elusive Nguyen and didn’t come away with a whole lot that we didn’t already know or suspect. Still, the article does the best job yet of stitching together the threads of Nguyen’s personal story and rescuing him from mythical status. He’s just a guy, not a gaming god.
Nguyen tells the magazine he built Flappy Bird as an homage to the simple-yet-compelling Nintendo games of his youth. He adds that he never expected it to go viral, and Rolling Stone wasn’t able to shed any new light on how that transpired. When it did, he was overwhelmed by the media attention in his home country, where he became a sudden celebrity. Even more, he was distraught by reports of people getting addicted to the game and losing their jobs or ignoring their schoolwork. So he pulled the plug, and he still feels it was the right choice. This is basically the same story he has told via Twitter, and in past interviews.
I did, however, appreciate Nguyen’s insistence that the game’s simplicity was no accident. He said his goal with Flappy Bird was to build something that people could play with one hand, in the fleeting moments between appointments or obligations. And he intended the graphics to be amusingly cartoonish. My favorite part is where Nguyen tells the magazine he modeled the game on what Kushner calls “one of the most masocore analog creations ever: paddleball.” From the story:
Like paddleball, he limited his game to just a couple of elements—the bird and the pipes—and resisted the usual urge to lard the action with new elements as the player progressed. He tuned the physics so that the bird was fighting gravity so strong, even the slightest wrong tap would kill it.
A game’s appeal is not proportional to its complexity. If anything, the relationship is inverse. Flappy Bird is a game like bouncing a ball on a paddle is a game. It is utterly simple, mind-numbingly repetitive, yet endless in its variations—and profound in its ability to fulfill our human need to concentrate for a moment, an hour, or an evening on something other than the weighty complexities of real life.
If nothing else, the Rolling Stone interview should serve as reassurance that the Flappy Bird’s appeal was not random or inexplicable. It was the product of a sharp mind tackling a problem—how to make a compelling game for a tiny screen on a mobile device—in a fresh and creative way.
Instead of yearning for Flappy Bird’s return or downloading all the Flappy Bird clones that now populate the app stores, fans of the game ought to show their appreciation by downloading the new games that Nguyen says he’s working on. And if you find yourself getting addicted, please resist the urge to dump your problems on the game’s creator via Twitter or angry app-store reviews. He’s obviously a pretty sensitive fellow.
The full Rolling Stone story is here.
Previously in Slate:
A Human Faces a Robot in the Most Dramatic Game of Ping-Pong Ever
Jeopardy! had Watson and chess had Deep Blue, so it was time for ping-pong to face a formidable opponent in technological form. The incredibly quick KUKA robot, normally used in manufacturing, squared off against a top ping-pong player—and performed really well.
Timo Boll is currently ranked eighth in the world for table tennis, but has held the No. 1 spot. For the opening of KUKA's new Shanghai robotics factory, he came on to endorse KUKA and play the robot in ping-pong. According to the (incredibly overproduced) video, it was a super-intense match. Boll had to play hard to beat the KUKA 11-9 in a match for the ages. Or at least it looks like it in the video—who knows how much of that was planned.
Though the music and the lighting are slightly over the top, it's still pretty awesome to watch a robot and a human play a professional-level game of table tennis and make it look natural. KUKA's video is definitely absurdist, but also self-deprecating in a cool way. At the end the screen reads, “Not the best at table tennis, but probably the best in robotics.” Solid humble brag.
It Took 3.5 Hours for HBO GO to Come Back After the True Detective Debacle
As True Detective fans were getting more and more hyped up on Sunday, HBO GO was rapidly approaching disaster. The streaming service had promised to post a stream of True Detective's season finale as the show aired at 9 p.m. ET. But instead the whole site went down. Needless to say, people were devastated. And angry. And hilariously angry.
The network equipment company Sandvine reported on its Internet Phenomena Blog about the outage. Sandvine's data shows HBO GO failing at 9 p.m. right as True Detective was posted, and coming back up between 12:30 and 12:45 a.m.. At that point there's a small, hour-long surge in traffic while night owls (and West Coast dwellers) presumably watched the episode. Then traffic drops off in the early morning before starting to climb again today. It's unclear exactly how much traffic HBO GO deals with on a regular basis or Sunday night in particular, since the company doesn't release figures, so it's difficult to say whether it should have been more prepared.
As the Washington Post points out, people have been speculating that password sharing is partly to blame in HBO GO's reliability woes. Perhaps it isn't preparing for the correct number of users during high traffic times because its estimates of how many people use the service are too low. And this alleged naivete is corroborated by something HBO's CEO told BuzzFeed in January. Richard Plepler said, “It’s not that we’re unmindful of it, it just has no impact on the business. ... We’re in the business of creating addicts.” If the outage was caused by unexpected traffic, then it isn't exactly “no impact.”
The Internet of Things Needs Anti-Virus Protection
As the Internet of Things grows and more devices than ever have network connectivity baked in, you might start to wonder what protects all of these smart home appliances and media streaming dongles against hacks. The answer: pretty much nothing. Companies can release security updates or patches when they learn about vulnerabilities in their devices, but who is going to do a software update on their refrigerator?
The problem is particularly troubling in an industry where there are Internet routers in every office and a Voice over IP phone on every desk. Even if an attacker can’t get into your computer because it’s running anti-virus software, she can still get eyes and ears in your office by hacking an IP phone or video console unit. And since those devices are behind office firewalls, she might even be able to infiltrate network servers from there.
In an attempt to implement a large-scale solution for corporate and government application, a group of Columbia University researchers have started a company, Red Balloon, to sell security defenses for embedded devices—i.e., the little computers in electronics that don’t look recognizably like a laptop, desktop, or server. The group has funding from Columbia and the Department of Homeland Security, and had funding from DARPA for earlier research. Last week at the security summit RSA Conference, Red Balloon presented a new hack of Avaya-brand IP phones and showed how their defense system, known as the Symbiote, can alert a device’s owner to an attack.
“Now that we know that these phones can be hacked and used as eyes and ears by the attackers, it's time we started demanding real security on the phones,” says Ang Cui, Red Balloon’s chief scientist. “These phones, like most other embedded devices I've looked at, are about as protected as my laptop back in 2006, without anti-virus.”
In the past Red Balloon has demonstrated exploits of multiple Cisco IP phones. Combined with the Avaya demonstration, they have now exposed vulnerabilities in products that together represent more than half of total IP phone market share worldwide. That’s a lot of vulnerable phones.
Cui, along with Red Balloon’s director Salvatore Stolfo and the rest of their research team, are offering corporations and government agencies a free pilot license of their package of defense products, AESOP. The goal is to install the product on the large quantity of devices these groups already use to offer protection, but also do recon to see if the devices have already been exploited, and by whom. Long term, the idea is for Red Balloon software to come standard on new devices so they are pre-protected for consumers.
The main component of Red Balloon’s defense, the Symbiote, is a small piece of code that is injected into a “host” device. The product is “operating system agnostic,” meaning it can analyze and protect any device even if it is running a proprietary operating system that Red Balloon couldn’t have accessed and parsed in advance. Once injected, the Symbiote lies in wait, monitoring the system for suspicious activity like modifications in certain parts of the code. If it detects something, the Symbiote alerts the device’s owner and other Symbiotes running on the same network.
The Red Balloon researchers aren’t the only group working on defense solutions for embedded devices, though. At MITRE, a nonprofit that runs federally funded research and development centers, researchers are using work started at Carnegie Mellon University to develop their own approach to system security. Xeno Kovah, MITRE’s information security engineer, explains that the approach he is working on also lives on a device, but isn’t looking for code modifications. Instead it assumes that an attacker has full knowledge of the system she is hacking, and allows her to try to conceal her presence on the device. This very attempt at concealment involves sending requests to the device system that create a detectable change in the amount of time it takes for requests to be answered on a device, indicating the presence of the attacker.
MITRE’s Kovah points out that if Red Balloon’s Symbiote is focused on checking whether code is intact, an attacker could manipulate the system to make the Symbiote think that the system still looks the same when it’s actually been modified. Additionally, Kovah points out that not all attacks involve modifying code. Instead, some are targeted at redirecting the flow of data through a system in deleterious ways.
“The software Symbiote definitely does defeat the type of attackers that are in the wild right now,” Kovah says, but “I don’t have a lot of faith in it long-term.” Kovah worries that if an attacker can control and warp measurements of a system she can make products like the Symbiote send back normal readings even though a device has been compromised.
Cui says that he thinks timing-based attestation is a strong option in some contexts, but is “infeasible for the general case.” And he adds that AESOP, the security software suite, includes a component for evaluating the code that coordinates software and hardware (the firmware) and removing any unnecessary or easily repeatable code that a hacker could infiltrate or hide behind. Most importantly, AESOP is both a pilot of Red Balloon’s products and “a recon mission for us to find real embedded attacks in places we think we'll find them.” The data from the pilot will inform Red Balloon’s next development steps by giving the group more information about who is currently exploiting embedded device weaknesses and why.
Everyone agrees, though, that embedded devices “have negligible security,” as Kovah says. “At least the Red Balloon approach gives you some ability to detect whether or not there’s manipulation of the device. That’s the kind of capability that’s not widely available.
Hollywood's Copyright Lobbyists Are Like Exes Who Won't Give Up
You know when you break up with someone and they just don’t get the message? A few months later, they’re trying again, testing the waters with a few small things that just keep getting bigger. They friend you again on Facebook. They start liking your posts. They show up at a party they expect you to be at. They ask you for drinks, just to “catch up,” you know? And then they talk about the way things used to be, and if only you two could try again. And you’re like, “What part of ‘I never want you to be a part of my life’ did you not understand?”
The copyright lobbyists in D.C. are following this ex-boyfriend playbook.
Let’s begin with the breakup. Under the 1998 Digital Millennium Copyright Act, Tumblr, YouTube, Reddit, WordPress, and Facebook aren’t responsible for the copyright infringement of each of their millions of users, so long as they take down specific posts, videos, or images when notified by copyright holders. But copyright holders thought that wasn’t good enough. They wanted to take down whole websites, not just particular posts, and without ever going to court. In 2011, they proposed a bill that would let them do just that.
It was called SOPA.
This Drummer Has a Third Arm
It would be pretty amazing to have three arms, but it would feel even stranger to go from one to three. At Georgia Tech, a music technology researcher, Gil Weinberg, is taking the work he's done on robot musicians and using it to create prosthetics for amputees. Rick Allen from Def Leppard is back!
The prosthetic is really two arms in one. The first uses a computer to process physical inputs from the wearer as she flexes her muscles. But the second portion moves autonomously, improvising along with music. There is currently one prototype of the prosthesis that was made especially for drummer, Jason Barnes. Barnes lost his right arm below the elbow two years ago in an accident. Since he is a student at the Atlanta Institute of Music and Media, he had the resources to build himself a prosthesis, but it was limited, and he couldn't really play the drums while wearing it, even though he could move the elbow of the device.
The Georgia Tech prosthesis is different because its sensors respond to fine differences in Barnes' bicep muscle movements, which translate to more precise control over the drumstick. “Now I can flex and send signals to a computer that tightens or loosens the stick and controls the rebound,” said Barnes in a press release.
Since the second “arm” moves and drums on its own, Barnes has control over whether he wants to use it at a given time. Weinberg said in the press release, “Jason can pull the robotic stick away from the drum when he wants to be fully in control. Or he can allow it to play on its own and be surprised and inspired by his own arm responding to his drumming.”
Having a third arm at all is weird to think about, much less one that thinks and drums on its own, but for someone dealing with the loss of an arm it's kind of cool to get a bonus. “I’ll bet a lot of metal drummers might be jealous of what I can do now,” Barnes said. The cyborgs shall inherit the earth.
But Wait, There’s More (Winter)
A storm currently crossing through the Pacific Northwest will join forces with yet another Arctic blast pushing south from the still-frozen Canadian Shield. Snowstorm number infinity of this legendary winter comes courtesy of a phasing of energy from the jet stream and an ample supply of cold air perfectly positioned for maximum effect. (Phasing is a term meteorologists use when low pressure centers merge, which tends to amplify their effects.)
That’s what is headed our way on Wednesday, to bring a superfluous coating of flakes from Chicago to Maine. This may be the storm that breaks the all-time snowfall record in places like Indianapolis and Detroit.
Aggressive Hackers Brought Meetup Down. Here's How It Came Back.
Last weekend, the event coordination site Meetup was down. If you've ever seen the part in The Social Network where fictionalized Mark Zuckerberg says, "We don't crash ever! If the servers are down for even a day, our entire reputation is irreversibly destroyed," you know how dramatic this stuff can be. It took Meetup from Feb. 27 to March 3 to completely restore service stability. So what happened?
Meetup was hit with a distributed denial-of-service attack (DDoS), in which an attacker uses a virus to take over a number of computers, then uses those comuters to send an extremely high volume of packets to a server until its switches are too overwhelmed to process actual user traffic. DDoS attacks are a classic and common hack but have gotten much more severe in recent months. Jag Bains, the chief technology officer at the security firm DOSarrest, told Reuters, "It's really a game of cat and mouse. I'd like to say we are ahead, but I just don't think it's true."
On Thursday, Feb. 27, Meetup began experiencing a DDoS attack, and Meetup's CEO, Scott Heiferman, received an email attempting to extort $300 from the company to stop it. Meetup was reluctant to negotiate with criminals, but the amount the hacker was asking for was also so small as to be suspcious. The team was concerned that if the company paid the money, it would be further exploited and would also send the signal that such a ransom demand could work on other companies.
"When someone steals a credit card, the first thing they do is try a four- or five-dollar charge and see if that goes through," says Brendan McGovern, Meetup's CFO and co-founder. "Once they’re successful there, they know that they have an open pipe, and that’s when they hit you for a few thousand dollars. So we decided early on to not engage at all, to not respond, and not pay. And, in the long term, that served us. If everyone is not paying, and these types of attacks are just not successful, then perhaps they’ll stop."
Meetup's CTO Gary Burns says that the most important lesson was that companies should foster close connections with their Internet service provider because the attacks can't really be controlled without the ISP's help. On a day-to-day basis, Meetup has been able to deal with unusual traffic by doing things like blocking IP addresses that generate heavy traffic or setting up firewalls. But in this case the amount of traffic was too overwhelming.
"The traffic that was sent to us was large enough that it started to be a problem for the ISP, the level above us," Burns says. "So there wasn't a lot we could do to try and mitigate the attack because it wasn't within our control. What's really important is the relationship you have with your ISP and the flexibility you have there." Meetup is also ensuring that all of its systems and partners' systems are fully upgraded and patched to reduce network vulnerabilites. But Burns warns that patching weaknesses needs to be an Internet-wide effort to truly be effective.
McGovern says that Meetup's losses will be in the hundreds of thousands of dollars, between extending all organizer subscriptions by seven days (subscriptions are about $15 per month), losing out on new subscription sales while the site was down, and spending money to mitigate the attacks.
"It’s significant but, and I’m actually authentically being serious about this, it paled in comparison to the amount of pain that was suffered by the Meetup members and organizers in the community. We’ll take a big hit financially, but to see all the people who had a really rough four or five days while they were relying on us is a much more painful number." Humanity emerges in times of crisis.
It's Surprisingly Easy to Make a Cryptocurrency
Future Tense covers a lot of cryptocurrency news because the topics are interesting but also complicated. It's hard to know exactly what the implications of cryptocurrency are and who should be using it, if anyone. But keep in mind that the code that underlies bitcoin, the world's biggest and oldest cryptocurrency, is open source. That means that "altcoins" can use the bitcoin code as a jumping-off point to develop their own currencies. To figure out what it takes to start a cryptocurrency, the staff of the tech blog Ars Technica started arscoin.
Business editor Cyrus Farivar led the initiative. He writes, "As the new year began, I found myself writing about several new (and often ridiculous) altcoins ... It got me thinking: if anyone can just up and create a new altcoin, how hard can it be?" Because it's for education, the arscoin system is locked down so people can't exchange arscoins for goods outside Ars Technica channels. But they can use them to buy things like colorful usernames on the Ars site or digital username hats. You also pay to change or remove your username color or hat.
Arscoin is a normal cryptocurrency in the sense that more arscoins enter the system by mining them, and the more arscoins that exist, the more computing power it takes to mine one. Farivar writes:
Arscoins, like any altcoins, are worth whatever the market will bear. This is worth emphasizing: they’re worth whatever someone is willing to pay for them, whether it's $5, $500, or $5 trillion. One evening early in our experiment, I asked my wife what she would trade for 5,000 Arscoins. Her answer: “A kiss?” Boom! A market had been created.
The Ars Technica team went from puzzling over the bitcoin source code to a make-your-own altcoin service called Coingen.io to mining and setting up a storefront that accepts arscoins. "After experimenting with Arscoin, we learned that it's fairly easy to get a cryptocurrency going," Farivar writes. But that doesn't mean you should. The piece points out that more altcoin currencies means less "digital scarcity," aka less value and usefulness. But it also notes that making altcoins easy to create could lead to interesting microeconomies and more diversity. If it's all still seeming abstract and esoteric, join the arscoin community and mess around.
Judge Clears Path for Beer-Delivery Drones—Almost
For many dark, droneless years, breweries and other companies have been stymied from developing airborne delivery to consumers by the Federal Aviation Administration’s insistence that commercial drones are illegal. But in a victory for beer-drone justice, the National Transportation Safety Board, the federal entity that hears appeals of FAA enforcement actions, overturned the FAA’s $10,000 fine against Raphael Pirker. In 2011, Pirker flew a drone over the University of Virginia in Charlottesville to shoot a promotional video for commercial purposes. On Thursday, Judge Patrick Geraghty found that “there was no enforceable FAA rule” against Pirker’s aircraft.
So soon we’ll be able to have a six-pack of our favorite brew flown to our doorstep, right? Not so fast.
Though the ruling looks good for commercial drone operators, Geraghty expressly limited the scope of his decision to “model aircraft.” Any unmanned aircraft systems, or UAS, that exceed that definition would not be not covered by the ruling.
Geraghty’s opinion also falls short of stating affirmatively that the FAA does not have the authority to regulate drones. In reviewing FAA documents governing UAS, the judge wrote that the documents were not substitutes for any regulatory process and were only meant for internal FAA guidance, not the general public. In a 2007 Federal Registry publication, the FAA attempted to “set forth the current FAA policy for UAS operations,” according to its policy statement section. But because this intent was self-defined as a statement of policy, “it cannot be considered as establishing a rule or enforceable action, since … policy statements are not binding on the general public,” Geraghty said. The FAA can appeal Geraghty’s ruling.
I suspect that Geraghty is conscious of both the fragile legal foundation for the FAA’s current drone regulation and the need for the FAA to regulate drones. As I wrote earlier this week, the FAA arguably does not have the authority to create its current permitting and regulatory system for drones. However, it is possible that there will be tens of thousands of drones in the air in the next 10 years. We don’t want them flying around—and into the ground—with no oversight. Of all federal entities, the FAA should have the authority to regulate them, and the apparent intent of the FAA Modernization and Reform Act of 2012 was to grant the FAA that authority and remove the existing doubt.
What the current controversy confirms is the need for us to update and amend our laws to accommodate technological breakthroughs—drones, autonomous technology, artificial intelligence, etc.—that do not conform to the assumptions of our existing laws. If we don’t, our laws will become ineffective in the face of change with potentially serious consequences. And that will drive anyone to drink.