HackerTrans
TopNewTrendsCommentsPastAskShowJobs

tastroder

1,381 karmajoined 8 years ago

Submissions

Oracle lays off employees as it curbs costs during AI buildout

businessinsider.com
2 points·by tastroder·3 months ago·0 comments

comments

tastroder
·13 days ago·discuss
> We do not sell IDP software and we are not paid by any vendor named here.

The vendor list contains your own product and you, as in the company you co-founded, pretty clearly sells IDP software. https://idp-software.com/vendors/konfuzio/
tastroder
·3 months ago·discuss
chrome://on-device-internals reports "Model Name: v3Nano Version: 2025.06.30.1229 Folder size: 4,072.13 MiB" on a random Windows machine I just checked.
tastroder
·3 months ago·discuss
https://cacm.acm.org/research/the-tail-at-scale/ (hedged / tied requests)
tastroder
·4 months ago·discuss
SSRN is a preprint server and that is the only published version.
tastroder
·10 months ago·discuss
I clicked on a few red team "scenarios" if you want to call them that, a few of the tiles look like output of regular tools vaguely related to each but the rest - including the main "terminal" thing - seems more on the fictional side to the point I don't see this being educational.

There's plenty of training material out there these days actually using these tools in contained but realistic environments, if education is the goal just go for those.
tastroder
·6 years ago·discuss
Yeah that's fair, especially your last point. In a perfect pandemic-fighting world we could just have an app that did that, the decentralized model adopted won't be that specific. It would be more something along the lines of uncle dave getting a notification. I share your concern on initial adoption, especially since I could not find hard data on places that already implemented apps. I would expect an initial rush and then a plateau instead of WhatsApp like growth as some people expect. As for your specific questions I can only offer a few points on two of them given what we know about the current plan here in Germany, that highly depends on the country and I honestly have not looked at how health authorities work in the US very much.

> What happens if the app flags them as possibly infected? Can they call a hotline to give them information or is it just some automated crap they hear?

The new vendors here in Germany were especially chosen with the argument that they are able to operate 24/7 human phone support. With the decentralized approach they'll get a lot of people flagged and at the moment it seems like the app would suggest to them to call up that number (or likely offer that as an alternative to the other established contact points). Those phone contacts could then talk them through the next steps or, should testing become too limited at any point, through an assessment if testing makes sense for them / voluntary self quarantining can be done / ...

> It works using bluetooth. How much power drain on their batteries are they willing to accept?

In centralized models as proposed by PEPP-PT/ROBERT(France) or NHSX(UK) there's a few ways explored to minimize battery usage on Android, the APIs on the iphone require the screen to be turned on for this use case and must subsequently be horrible for battery usage. The decentralized model that was adopted adopted by many countries is supported by Google/Apple as OS vendors with battery usage and interoperability with other Bluetooth usage in mind, I doubt there will be much of an impact (at least not any that would drive significant user numbers away from voluntary use).
tastroder
·6 years ago·discuss
When discussing the paper I linked this article says "That sounds hard. The good news is that, done well, this measure alone could stop the epidemic. But even if you don’t do it well, it contributes." and correctly calls for combination with other measures. That's my main point, even if it's not as good as manual contact tracing the allegation that this is "tracing app" vs. anything else is just a pointless debate that Schneiers post seems to further. Like the article you posted seems to say, we should improve manual tracing and testing as well but I haven't seen anything in there that would support the Schneier viewpoint on first glance. Looks like an interesting read for later though, thanks for sharing!
tastroder
·6 years ago·discuss
> I'm not against a tracing app, but lots of unsolved questions aren't even discussed openly.

Weird, I see the points you made brought up in many discussions that are tad more professional than a Twitter argument.

Your first point is addressed by the fact that these apps are developed in tandem with health authorities. You don't just get locked away for two weeks because your phone popped up a notification. Just like there's stages for isolation there's ways to make this more compatible with regular life and still maintaining an impact on hindering the spread of this pandemic, e.g. getting you tested quickly instead of automatic isolation. Of course from an epidemiological standpoint one might argue that immediate isolation would be advisable but I doubt that would go over well in most democracies. The job loss argument seems like the economic impact argument brought up a lot over the last few weeks. On a population scale, an asymptomatic superspreader is likely far more expensive than somebody not going to work for a few days until they got tested so it could/should be addressed by policy makers. If your politicians can't figure out how to make mandatory sick leave happen during an active pandemic I'm not convinced a contact tracing app is the problem.

The debate on voluntary or mandatory usage will surely be interesting, though I don't see how making it mandatory would not lead to people actively avoiding it's use and thus lessening the efficacy.
tastroder
·6 years ago·discuss
That completely depends on your definition of useful, how people react to a "hit" in the application, and a bunch of other factors honestly.

Figure 3 from the paper I linked contains a heatmap [0] that shows the simulated impact on r in different isolation scenarios vs. completely manual contact tracing. That's where those widely cited 60% adoption come from. In my, non-epidemiologist, view what matters more is that a) the gradient in this is better than completely manual contact tracing and b) I have yet to see anything that suggests it did not help in Singapore. While their product lead [1] is a biased source, he correctly points out that working in tandem with health authorities is critical for these efforts. If these apps aren't made only for technologies sake I do not really see how they would hurt. They have 20% there, quite some experience with outbreaks, and didn't replace it yet so I'd figure 20% would be a good enough data point for other countries to evaluate the approach on the scale of a population. And afterwards they would have to be re-evaluated constantly, just like any other measure politicians and epidemiologists currently propose to address the pandemic. We imho don't have enough data yet to even remotely answer "this amount helps", "this is how good they are" but I don't really see how that justifies these "this isn't perfect so it is dumb" reactions in the other direction.

[0] https://science.sciencemag.org/content/sci/early/2020/04/09/...

[1] https://blog.gds-gov.tech/automated-contact-tracing-is-not-a...
tastroder
·6 years ago·discuss
https://twitter.com/eredmil1/status/1255934130753204224 this had preliminary results on questionnaires w.r.t. user acceptance . This https://science.sciencemag.org/content/early/2020/04/09/scie... paper looks at how effective it is given N% of the population using it and I've not seen any info that it hurt the situation in Singapore.
tastroder
·6 years ago·discuss
That's good points Schneier does not make in this post imho. The conditioning / slippery slope argument also applies to countries that currently go with the, imho, more sensible architecture of DP3T. We've seen worrying calls for including a bunch of additional features in Germany, e.g. (voluntary) epidemiological data collection and an "immunity pass" (not from the government yet but still, worrying). I think the privacy community, at least in my bubble of the internet, was excited that the scientific consensus of DP3T > PEPP-PT/ROBERT/(the NHS approach) won out over lobby interests and from their perspective was deemed the safer option.

It's not like they aren't discussing the broader implications of digital contact tracing from a bunch of angles, and I see calls for evaluating the proportionality and efficacy of these apps on Twitter pretty much daily. OTOH I don't really see how shallow dismissals of "it's plain dumb" like this blog post help the overall discussion honestly.
tastroder
·6 years ago·discuss
> [...] and Bluetooth -- just aren't accurate enough to capture every contact.

Did I miss his paper on the matter? There's dozens of groups working on this and even with a regular free space model the results seem "good enough" in <2m,15min scenarios for an additional data point.

Most of this seems to leave out that digital contact tracing is not a cure all but a tool to help manual efforts. I somewhat hate the simplification people bring here, that every additional identified contact helps, but dismissing it as "plain dumb" seems rather shallow as well. Sure, false negatives will be a thing, the false negative rate of not doing digital contact tracing at all would be higher by definition. Most of what he outlined can occur in manual contact tracing as well and we still do that, simply because it's necessary.

I haven't seen anything so far that would suggest that digital contact tracing in the poster child Singapore had any of the negative impact he brings to the table here and studies like Ferretti et al. [0] seem to make a pretty good case why it would at least not hurt the overall epidemiological goal.

> It's not accurate enough for you to quarantine yourself for two weeks. And without ubiquitous, cheap, fast, and accurate testing, you can't confirm the app's diagnosis. So the alert is useless.

The time frame and assumptions on testing capability is US centric I assume? If you can get a quick test it would not be two weeks, it's likely quick tests will become more prevalent if this sticks around long enough and testing capability will be raised to sufficient levels. Otherwise yes, false positives would quickly diminish usage.

Of course some of his points are valid and need to be addressed by OS vendors, apps and policy makers, and evaluation of efficacy will be just as critical as teaching the public that having an app does not mean things can go back to normal. There's also plenty of opportunity for abuse even with the commonly decentralized architecture that is at the moment widely agreed upon but none of that supports the allegations of this particular article imho.

The comments similarly bring up things like "surface transmission" as if that mattered at all. If you treat a contact tracing app as an additional data point it becomes much more sensible.

[0] https://science.sciencemag.org/content/early/2020/04/09/scie...
tastroder
·6 years ago·discuss
Since you're bringing up the website... I don't get this marketing strategy. The cryptocurrency angle is just as off putting as telling me as a potential customer that my data will be stored on janky servers in unreliable places, no matter if the uptime is the same. OP even claims they have reliability and experience I'd consider but those aspects sure send signals that make me not want to deal with that stack.

Just looking at the website for Sia I see a bunch of fluffy marketing stuff, fair enough, that's normal these days. But where is the selling point? https://sia.tech/technology tells me my data is stored securely and in a redundant manner, great, just like any storage provider. That is followed by "Renters And Hosts Pay With Siacoin" and talks about payment channels, which links to a wikipedia article and not something that tells me how I would even pay them, not to even talk about how much (I saw the calculator thingy on my way to that site, the messaging is still weird).

The "Getting started" call to action is a similar experience, a bunch of downloads, cool - I don't even know if you're right for me yet. I'm five levels deep into the "Getting started guide" linked there and so far found that I'd apparently have to deal with weird crypto exchanges to pay somebody for this, plus I couldn't use most of my pretty standard tooling anymore (at least not without involving one of those proxy things on the getting started page that cover a few use cases, some of which seem to be operated by others?).
tastroder
·7 years ago·discuss
Just found it through the search, it was submitted a few months back.

> But some of those are edits made by submitters, [...]

Honestly never realized that's a thing, thanks for the tip!
tastroder
·7 years ago·discuss
https://hackernewstitles.netlify.com/
tastroder
·7 years ago·discuss
> The EU doesn't prevent the "bad" startups from existing. They just prevent them from starting in the EU, which means the EU misses out on a lot of the potential upside.

To me that sentence just isn't logical. Yes, they'd prevent some them from starting in the European market with their exact original business model if they were starting out now (and not like half of them in the last millenium). None of them started out here back in their time so that sounds more like a question of market penetration than benefit for the startup culture anyhow. With the GDPR they will hopefully also prevent said market penetration for bad actors when the time comes for the next generation of startups.

If GDPR is the sole reason and, subsequently, the US chooses to foster such businesses to win in a market, more power to them. Your examples might be huge successes, but many of them are at this time considered to be either unethical (Facebook, for the most part; Google had their share of negative attention) or plain illegal (Uber for example still hasn't managed to really start out in Germany, let's throw in AirBNB for good measure - I think they were founded in about the same year - huge financial hit that leads users to break laws and contracts left and right).

The calculation of long term cost and benefit is honestly the point where this discussion switches from economical concerns to political, at least for me since I'm not versed enough in macroeconomics to begin to judge that and would always place society over monetary concerns. I'm sure neither of us can win over the other so I'd suggest we leave it at that.
tastroder
·7 years ago·discuss
Okay, let's say there is enough data and you are absolutely correct. How does that invalidate the "Even if it did, the trade-offs are worth it." response?

The US-EU funding disparity was always there, in my book this leads to less people copying ethically dubious startup patterns from their US counterparts. If GDPR is the sole reason for the decline... doesn't the benefit of the population, of quite a few countries, outweigh the impact on a few startup folks and their investors?
tastroder
·7 years ago·discuss
From that paper: "Of course, there are caveats to these findings. First of all, GDPR has only been in effect in the EU for a short time, and the effects we’ve observed may be temporary, with investors potentially taking a wait-and-see approach."

Given the year-over-year trends shown in [0] I feel like one should not overemphasize the timeframe that article looked at. The decline seems to be relatively contained at best and future development is unclear at best. And honestly, who cares, even if we suddenly got 20% of startup failures due to GDPR concerns alone. If those concerns are reasonable I'm totally fine with that.

[0] https://news.crunchbase.com/news/decade-in-review-trends-in-...
tastroder
·7 years ago·discuss
> Be real.

This is apparently a curious student that discovered a vulnerability and, judging by the way that blog post is written, is unsure how to properly disclose it. If this was your Facebook analogy, they'd have a relatively visible path to disclose that. Here, they have to potentially fear being reprimanded or criminally charged.

Under the premise that yes, granted, all that might technically qualify for some criminal act: The aspect of intent and malice are, imho, important in these discussions and should be for the corresponding laws. They found a vendor negligently handling student data, instead of dumping it somewhere, making a fuzz in the press or using it for something they try to disclose it (at least I'd hope so). It's not like the author abused that data, they tried out a proof of concept to see if access to other users could be gained. Not just out of solidarity that's something we should applaud and shield, instead of branding it as criminal behaviour.

For me this is more akin to past cases of people being reprimanded for trying to change URL parameters that are not sufficiently protected, while I see that it might be a philosophical standpoint rather than a legal one, I think the fine in these cases should go to the negligent company, not some curious individual without malicious intent.
tastroder
·7 years ago·discuss
Not sure why you'd think that not tracking attendance means that people do not attend. Pure attendance does not guarantee good performance and in filled lecture halls there's often not much to "engage" with anyhow.

We see this as academic freedom, if you miss out on in-person seminars you won't pass, if you do not go to some lecture because you have to work and teach yourself afterwards, who cares.