HackerTrans
TopNewTrendsCommentsPastAskShowJobs

quasirandom

no profile record

comments

quasirandom
·5 jaar geleden·discuss
The last quote from Desair really sums it up nicely, "The language of finance can be insidious. Words like leverage and concepts like diversification can morph from narrow financial terms into much more general ways of understanding the world."

This kind of thinking has infected corporate America, which is optimizing return based measures--typically IRR--rather than profit based measures. That kind of thinking will lead you to believe offshoring your fabs is a good idea, because is reduces assets in the denominator.

On the other hand, financial thinking can help you better understand the world. One of the more powerful insights that comes to mind is Merton's model of corporate capital structure. It turns out that equity is "equivalent" to a long call on firm assets and debt is "equivalent" to a risk-free bond and a short put on assets.

Seeing things this way tells you something about how firms are run. Equity owners (management) have an incentive to increase asset volatility, which increases the call value. This value is taken straight from the bond holders short put. This is why you see buybacks in situations where buybacks seem crazy (Intel in 8/2020).

https://www0.gsb.columbia.edu/faculty/ssundaresan/papers/Mer...
quasirandom
·5 jaar geleden·discuss
Who said anything about a border? A person was arrested in Seattle for throwing a Jose Cuervo bottle imported from Mexico. The importation was the "foreign or interstate" nexus. Do you own anything that is not imported? That's legal nihilism.
quasirandom
·5 jaar geleden·discuss
What's the difference between the US and a despotic regime? We have a gulag system. There is a degree of legal nihilism that borders on lawlessness. For example, the DOJ charged someone with a federal crime for throwing an imported tequila bottle. When the laws mean anything and nothing, you have rule by fiat. There's corruption everywhere...
quasirandom
·5 jaar geleden·discuss
> The difference being that then we saluted getting access to raw data, whereas now we are being conditioned to consider them "misinformation".

I like this point. I wish it would be reported as an "influence operation" rather than "misinformation". The most effective propaganda is 80% true.
quasirandom
·5 jaar geleden·discuss
\
quasirandom
·5 jaar geleden·discuss
Its been a while, but I just read an article arguing the case that Len Sassaman was a Satoshi. It was a neat article, so I watched one of Len's Defcon talks about remailers from waaay back in the day.

In his talk, Len mentioned that most remailer security analysis assumes homogeneous Poisson email arrivals. He pointed out how bad an assumption that is for email.

I still think it was a solid assumption in the Bitcoin white paper.

https://leung-btc.medium.com/len-sassaman-and-satoshi-e483c8...
quasirandom
·5 jaar geleden·discuss
> It really comes down to how it's used

I absolutely agree. The thing that concerns me is these cameras sitting on the internet. It says something about how overworked the security team is. I trust that they have good faith, but I don't know if they have the resources they need.
quasirandom
·5 jaar geleden·discuss
There's more information here as well. Cloudflare was apparently operating network connected facial recognition cameras in their offices.

I'm not someone who's crazy about privacy, but this is a pretty dark indicator for a company housing DNS query records. Maybe its time for someone to build a proxy for tunneling Cloudflare DoH/DoT over tor or some other free mixing network.
quasirandom
·5 jaar geleden·discuss
Or the commercial model that identifies criminals from their photograph. Turns out people who frown are criminals. People who smile aren't. Or so you'd believe if you anchored your expectations comparing mug shots to social media profile pictures.
quasirandom
·5 jaar geleden·discuss
It would be nice to see a logistic regression using at least some of the features known to be useful (including geography and income).

That way we can see how much of the performance is from magic AI pixie dust, and how much is from basic 19th century statistics.

Every time I read a paper like this, I have this Margaret Mitchell talk [1] in the back of my mind.

[1] https://youtu.be/XR8YSRcuVLE
quasirandom
·5 jaar geleden·discuss
When I read a paper like this I'm looking for four things: (1) the data, (2) the benchmarks, (3) the architecture, (4) the controls/ablation.

1. The data:

"We used a sample of 1,085,795 participants from three countries (the U.S., the UK, and Canada; see Table 1) and their self-reported political orientation, age, and gender. Their facial images (one per person) were obtained from their profiles on Facebook or a popular dating website... Facial images were processed using Face++37 to detect faces. Images were cropped around the face-box provided by Face++ (red frame on Fig. 1) and resized to 224 × 224 pixels."

2. The benchmarks:

"For example, when asked to distinguish between two faces—one conservative and one liberal—people are correct about 55% of the time."

3. The controls:

"What would an algorithm’s accuracy be when distinguishing between faces of people of the same age, gender, and ethnicity? To answer this question, classification accuracies were recomputed using only face pairs of the same age, gender, and ethnicity."

A. A complaint:

Geography and income are two powerful conditioners. These can leak in so many ways: uncropped background (geography), image color and quality (income), eyeglass shape (geography and income). This study really needs more controls. Geography and income would be a nice start.
quasirandom
·5 jaar geleden·discuss
Some problems that Fukushima had: 1950s vintage design, active cooling system, backup power at sea level in a seismically active area. This kind of failure was not just predictable, it was predicted.

People travel to Japan from around the world to learn how to build earthquake resistant structures. Their nuclear engineers are top-notch. It was the bureaucracy that failed, not the talent.

In short, the problems were human not technical. People get complacent and greedy. They use every procedural tool they have to delay upgrades, maintenance, and improvement. I think that is at the core of most nuclear skepticism. Does anyone honestly think the United States has institutions sound enough to safely manage nuclear power over multiple decades? Or will they neglect basic maintenance and upgrades?
quasirandom
·5 jaar geleden·discuss
Is Figure 8 an unconditional empirical CDF of inter-arrival times? Apart from the heavy right tail (which covers ~0.01% of the data), it looks pretty exponential to me. If I'm understanding what I'm seeing, it sounds like like the homogeneous Poisson assumption was pretty solid. Especially considering its purpose. Maybe it would have been more accurate to say "there's a mixture of two Poissons: the bulk and the network disruption". But I think that possibility would occur to most people reading the paper at the time.

Also, Figure 7 seems to show very little change in mean block inter-arrival time.

In fairness the authors say, "Performing the Lilliefors test on the LR data rejects the null hypothesis that block mining intervals are exponentially distributed, at a significance level of α= 0.05." But this isn't physics. We want to know how useful the approximation is, and whether there is a similarly tractable one with better predictive power.
quasirandom
·5 jaar geleden·discuss
Feynman's lectures on the character of physical law should be something everyone sees in school.

   In general we look for a new law by the following process: first we guess it, then we compute the consequences of the guess... and then we compare those computation results to experiment.  

   If it disagrees with experiment it is wrong. In that simple statement is the key to science.  It doesn't make a difference how beautiful your guess is.  It doesn't make a difference how smart you are, who made the guess, or what his name is.  If it disagrees with experiment its wrong, that's all there is to it.

   Notice however that we never prove it right... In the future there could be a wider range of experiments, or you could compute a wider range of consequences, and you may discover then that the thing is wrong. That's why laws like Newton's laws for the motions of planets last such a long time... It took several hundred years before the slight error in the motion of Mercury was developed.
https://www.youtube.com/watch?v=EYPapE-3FRw
quasirandom
·5 jaar geleden·discuss
> Since nobody knows how to reliably ship secure commercial software, liability will mostly have the effect of making it difficult to start new software businesses.

I think you would agree that having critical string parsing logic written in C and shipped in an opaque binary is both negligent and more dangerous than a reasonable person would expect. Traditional products liability claims focus on those kinds of questions: was there negligent conduct? is the product more dangerous than a reasonable person would expect?

Attaching some kind of liability is a good way to encourage the industry to settle on standards of non-negligent conduct. If you provide vendors an opt-out mechanism (e.g. disclose your source and there's no liability), it will not dramatically interfere with the cadence of development.

Common law is very well suited to establishing standards in a dynamic environment. It got us through the first industrial revolution.
quasirandom
·5 jaar geleden·discuss
A really good way to learn about concurrency is to write a SOCKS5 proxy. Start with a simple one using Python threads, then Python asyncio, and if you're brave C sockets with poll/select. The C parts are in Beej's guide to network programming. The SOCKS5 spec is very simple and has an RFC.
quasirandom
·5 jaar geleden·discuss
Two bits surprised me.

First, Intel is apparently collecting telemetry underneath the OS?

   "The ITH can trace different internal hardware component (VIA - Visualization of Internal Signals, ODLA - On-chip logic analyzer, SoCHAP - SOC performance counters, IPT - Intel Process Trace, AET - Intel Architecture Trace), and external component like CSME, the UEFI firmware, and you can even connect it to ETW. *This telemetry eventually finds its way to Intel in various methods*."  
The second is the nested complexity. The sheer quantity of stuff running before the bootloader is staggering. How is it possible to secure these nested trees of computers-in-computers?
quasirandom
·5 jaar geleden·discuss
Or just distribute your source with the binary, and opt into the no liability regime.
quasirandom
·5 jaar geleden·discuss
> but I can't think of any realistic policy that could be applied to stop these kinds of attacks, not without massively disrupting the technology industry at the same time

Why wouldn't Dan Geer's proposal to attach traditional products liability to closed source software improve the situation? Over time, source availability and reproducible builds should make this kind of thing a lot more difficult without wrecking anyone's budget. No?
quasirandom
·5 jaar geleden·discuss
I think part of the reason Feynman got as far as he did--apart from his unusual innate talents--was his skepticism of formality.

Measure theory will tell you exactly when this result is true, but it is possible to grok the result with only a basic understanding of differentiation and integration. Feynman called this "the Babylonian approach" to mathematics.

    F(t) = integral(a,b) f(t, x) dx
         ~ sum(i) f(t, xi) * Dx

    F'(t) ~ (F(t+Dt) - F(t)) / Dt
          = integral(a,b) f(t+Dt, x)-f(t, x) dx/Dt
          ~ sum(i) (f(t+Dt, xi) - f(t, xi))/Dt Dx
          ~ sum(i) f'(t, xi) Dx
          ~ integral(a, b) f'(t, x) dx