I'm working on a project in malaria genetics this summer, and I was shocked to find out that the entire analysis toolkit is entirely based on math and statistics (and some non-trivial stuff too, e.g. hidden Markov models to predict CNV). Genotype likelihoods throw an extra wrench into the process, since even basic stuff like predicting allele frequencies requires a maximum likelihood estimator instead of simple counting. This whole area was quite eye-opening, and I'm still amazed that reading billions of base-pairs in DNA sequencing reliably works.
> Public health officials say it started when an international traveller attended a wedding in New Brunswick last October. New Brunswick's outbreak ended in January, but guests at that wedding had already brought the virus to southwestern Ontario, where that province's outbreak was concentrated among closely knit Mennonite communities.
International travel + spread among low-vaccination communities.
Yes signatures would prevent that, but as you noted it isn't enabled by default so most people don't use it. Optional security features don't count in my book :)
For the rebuttal you posted, I'll respond to one thing:
> The entire rant is basically about how OpenPGP is old and therefore bad and how new things, sometimes only vaguely defined, are good. So let's address this first.
> If someone, while trying to sell you some high security mechanical system, told you that the system had remained unbreached for the last 20 years you would take that as a compelling argument. You would be unlikely to demand a newer design. Normally old designs that have stood the test of time are valued. Cryptography is based on mathematical/logical principles. Such principles don't age out on any sort of a schedule and are valued in some cases for thousands of years.
The "unbreached for the last 20 years" conclusion about mechanical security systems does not immediately apply to mathematical ones, and we can indeed see that it is empirically incorrect. The cryptographic world is littered with the corpses of cryptographic algorithms that were secure for decades and are now broken (MD5, SHA1, DES, small RSA keys, TLS 1.0), and their C implementations that had horrible vulnerabilities (HeartBleed, etc). Mathematical proofs will not help us here either, since e.g. there is no proof that GPG is IND-CCA. (Which is unlike new systems, which do have proofs!) GPG had its day, and now it should be retired.
Also, the quantum threat is a reasonable one in the "store now, decrypt later" model. A lot of people presumably use git to store their password store online and would be vulnerable to this. The passwords in the files would probably not be important anymore once quantum computers are created, but any other long term data or other personal information that people store in there could be decrypted.
For use with multiple devices you can copy the database file to each of them, a smarter approach using syncing is very complicated and not one I considered here.
This article goes into some of the deficiencies of using GPG with pass. In particular, GPG uses asymmetric keys, so someone could encrypt a new password file with your public key and you wouldn't know.
Pass is great, but GPG keys are complicated and add a lot of extra overhead if you don't have one already. Frankly I cannot recommend anyone use GPG today for any purpose. I wrote a much simpler CLI password manager instead that meets explicit security models.
It's also an SUID binary so in theory the same thing could happen. However it's much simpler than sudo so the odds of a bug creeping in like this are much smaller.
> As usual, there was a lot of cleaning up going on, and there notably, a good chunk of this year’s Google Summer of Code project to clean out the issues reported by Coverity Scan is already in.
Yup, they're working on coreboot support. If you're in Europe Tuxedo Linux is also working on coreboot, and the Purism laptops ship with it out of the box.
I'm optimistic about the OLinuXino boards from Olimex. They're certified open source hardware by OSHWA, with all the bootloader code, schematics, and even CAD files on Github. I think the Mali firmware is the last holdout, but with the new Lima and Panfrost drivers landing in Linux we may soon have replacements for that too.
I'd even recommend Aegis [1]. Also open source with encrypted backups, but has better crypto than andOTP (both devs talk a bit about it here [2]). Plus, it can do imports from other OTP apps for easy migration.
I personally agree with the philosophy of the author: I think all software should be free, and in the perfect world, I would license everything I do under the GPL. However, not everyone in the open source world has this philosophy. A lot of people prefer more permissive licenses like Apache and MIT, and using the GPL excludes these people and projects from using the code - by its viral nature, any single usage of the GPL would force the entire project to be under the GPL as well. Cooperation is the greatest strength of the FOSS world, and so I'm willing to compromise a bit to make that possible. As such, I personally prefer the MPL - it is a weak copyleft license that enforces all modifications to the source code itself are released back (important for me), but unlike the GPL is not viral and will not spread outside its own source files to other projects (important for others). This way I can keep the project and all modifications to it free, but also allow it to be used by others who don't share that point of view.
I made a similar switch to Lineage about a year ago, and it's also been absolutely great. No regrets whatsoever. Also, AFAIK you can root your phone to fool play store checks, using something like Magisk if that's important enough.
> The success of Riemann’s project is strong evidence that the whole numbers – which we think of as static, unchanging quantities – are really some kind of shadow or projection of the Hegelian integers. The Zeta function reveals more because it represents whole numbers as what they actually are, that is dynamic contradictions of being and nothing.
> But, in addition, the Zeta function represents the whole numbers as a sublated unity, where the entities internally relate via the exchange of a conserved substance. And this whole moves and changes with time. This is quite unlike the vision offered by set theory.
The way modelling normally works is you have a certain phenomenon (falling rocks, fish populations, market booms-and-busts) that you attempt to describe numerically, and then create a mathematical model to make conclusions about the phenomenon. Here we have the opposite: the author takes the phenomenon (the Hegelian contradiction) and uses the model to make conclusions about mathematics!
Hello! I am a fourth year undergraduate in pure mathematics, and have taken many of the classes in your list (especially in the first and third categories), so I'll try to give some advice.
First of all, what you're about to do is an very large endeavor - mathematics is a difficult subject, and learning math will take great persistence and self-motivation, especially if you are self-learning. However, it is also extremely rewarding - mathematics is a beautiful subject, and learning math has easily been one of the most enjoyable things I have ever done.
For the next point, if you want to go deep into math, then you will have learn how to prove things. The heart of math is not at all computation, but ideas, and to know that ideas are true, we need proofs. All of pure mathematics is based on rigorous formal reasoning and proofs, and sadly, most high schools and even universities never touch this part of math. If you have never seen proofs before, I would first recommend reading the book How to Prove It: A Structured Approach by Daniel J. Velleman, which goes through basic set theory, logic, and various proof techniques. Most importantly, it will give exercises for you to practice. Let me say this now: it is impossible to learn math without doing exercises. Again, this will take some work, and the beginning may be a bit slow, but as I said above, it is extremely rewarding - there are few things so satisfying as finding a beautiful, clean, or elegant proof. I hope you will enjoy this as much as I have.
Now then, let's dive into the courses and textbooks. I'm going to model this after what I did in my degree. Many of these topics require earlier ones as prerequisites, so I'm going to organize them into several layers. Some of the textbook recommendations may be a bit difficult, since in many of my classes the professors taught out of their own notes and left textbooks only as references, but I'll do my best. In your "first year", so to speak, there are three main things to learn:
- Single variable calculus, differential and integral. You likely know calculus already, but again, we are now taking the proof based road! The canonical text for this topic is Calculus by Michael Spivak. It's what I used in my first year, and most importantly, comes with a solution manual :)
- Linear algebra. As others have noted, linear algebra is absolutely crucial for many other subjects. I personally learned from Algebra by Michael Artin, but have heard very good things about Linear Algebra Done Right by Sheldon Axler, so I'd probably start there.
- Graph Theory and Combinatorics. These are I think are somewhat more accessible than the others (perhaps at least more intuitive), so I might actually recommend trying these first. For the basics, try A Walk Through Combinatorics by Miklos Bona.
By the way, whenever I need to find a textbook on a subject, I just Google "best (subject) textbook", and try to find the Math Stack Exchange post where someone has asked this question. (Eg. here's [0] the one for graph theory, which is where I got the combinatorics book.)
Now, this post is already getting long enough, so I'll post this for now and follow up the rest in another comment.
Also gotta shout out to these incredible molecular animations by WEHI: https://www.youtube.com/watch?v=7Hk9jct2ozY