BC TECH
Saved by @ThomassRichards

Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

 Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.
But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework
We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law
But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
Previously used a method called "swapping" with secret parameters
* differential privacy is open and we can talk about privacy loss/accuracy tradeoff
* swapping assumed limitations of the attackers (e.g. limited computational power)
Needed to design the algorithms to get the accuracy we need it and tune the privacy loss based on that.

Change in the meaning of "privacy" as relative -- it requires a lot of explanation and overcoming organizational barriers.
By 2017 thought they had a good understanding of how differential privacy would fit -- just use the new algorithm where the old one was used, to create the "micodata detail file".
Surprises:
* different groups at the Census thought that meant different things
* before, states were processed as they came in. Differential privacy requires everything be computed on at once
* required a lot more computing power
* differential privacy system has to be developed with real data; can't use simulated data to do this because the algorithms in the literature weren't designed for dats anything like as complex as the real data (multiracial people, different kinds of households, etc)
* to understand the privacy/accuracy trade-off requires a lot of runs, representing a *lot* of computer time
Census bureau was 100% behind the move
* initial implementation was by Dan Kiefer, who took a sabbatical
* expanded team to with Simson and others
* 2018 end to end test
* original development was on an on-prem Linux cluster
* then got to move to AWS Elastic compute... but the monitoring wasn't good enough and had to create their own dashboard to track execution
* it wasn't a small amount of compute
* republished the 2010 census data using the differentially private algorithm and then had a conference to talk about it
* ... it wasn't well-received by the data users who thought there was too much error
For example: if we add a random value to a child's age, we might get a negative value, which probably won't happen to a child's age.

If you avoid that, you might add bias to the data. How to avoid that? Let some data users get access to the measurement files [I don't follow]
In summary, this is retrofitting the longest-running statistical program in the country with differential privacy. Data users have had some concerns, but believe it will all come out.
Code is up on github and papers are up online. (@xchatty have some links?)

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH

More from Tech

Daniel Johnson
Daniel Johnson
@DJohnson_CPA
Here’s a SPAC thread covering some basics for new followers. I will pin this to my profile if you want to share to anyone interested in SPACs.

SPAC timelines consist of these stages:
IPO – SPAC raises cash and begins trading as a unit. The cash is placed in Trust.
Searching phase – After IPO, the SPAC management team looks for a company to merge with. This is typically 24 months but can be shorter depending on the SPAC

LOI/Rumor – A letter of intent is announced publicly or Bloomberg/Reuters etc. breaks news of a rumor that a SPAC is close to a deal with a target.

The LOI/rumor stage does not always happen, most go straight to a definitive agreement. Rumors should only be considered to have value if from a trusted news source, internet rumblings are pure speculation. During this stage, a deal can still fall apart and not be signed.

Definitive agreement (DA) – deal officially inked. The SPAC begins filing paperwork with the SEC to have the merger approved to take the target company public. This process typically takes 4+ months after the DA is announced.
TECH
Luca Hammer
Luca Hammer
@luca
Two years ago on a weekend, I built a tool to make it easier to evaluate Twitter accounts. Since then 36590 people used it to analyze 55390 different Twitter accounts.

Over the last months @mmkaradeniz and I made a new version. We launched it last night:

@accountanalysis doesn't use machine learning or AI „magic“. Instead of telling users if an account is authentic or not, it helps them to evaluate the accounts themselves.

It visualizes the different features (date, time, type, app, etc.) of Tweets to make them interpretable. /1

@accountanalysis The core concept is still the same, but it looks much better and is easier to operate. Not only for the users, but us developers as well. Enabling us to continuously roll out new features in the future.

Side-by-side screenshots of the old and new version. /2


@accountanalysis Some people had questions what different charts displayed and how they could be interpreted. There are now explanations for all charts, that can be toggled on and off at any time. /3


@accountanalysis The selected/retrieved Tweet count moved to the top to make it clear that not all Tweets of an account are analyzed. 3200 is the API limit by Twitter. It's possible to get more through the Premium API, but I don't think people would pay $100+ for the analysis of one account. /4
TECH
Advertisement
Corey Gwin
Corey Gwin
@corey_gwin
Great thread full of potential https://t.co/jA8h08M48z ideas! 💡

📸 Social disposable camera app

Create a digital "roll" with friends. Take pictures from the roll. You can't see them until: the roll is used up, a time limit expires, or you get to a specific location.

🎙 Asynch interview platform

Send a guest a video or audio clip asking a question. Guest replies when able with same medium. Repeat. When done, share produced video/podcast.

✅ 24 Hour Startup Checklist/Overlay

A web app to track the progress of your project: ideation, naming, shipping code, launching.

Page can also be a dynamic browser overlay for live streaming.

Have tools for polls, surveys, sharing, launching to various outlets, etc.

👩‍⚖️ Healthcare "Lawyers"

If health insurance screws you over, no one has your back but you. Instead, can pay a small monthly fee to a service to take care of BS like this for you should issues arise.
TECH
Joe Natoli
Joe Natoli
@joenatoli
#UX and #design friends, we need to talk about estimating. I'd like to share some advice that's come up 3 times this week, in hopes it's useful. And it's echoed, by the way, in the BUSINESS OF UX course @EliNatoli and I are teaching at my UX 365 Academy (link at the end).

(1/12)

Avoiding wars with clients is a matter of how you structure your engagements, along with how you spell out what you're doing in your proposals/contracts. That starts with estimating.

The biggest 2 rules I follow are these:

(2/12)

1. I do not EVER estimate a project in full from start-to-finish.

2. Once we're past initial Discovery (see below), I estimate in small chunks, e.g. "here's what will take us to the next iteration/review."

(3/12)

NEVER estimate past the point where you may get new information based on a build/test cycle.

Believe me when I say that you'll be wrong every time. Ask me how I know ;-)

(4/12)

So instead, first, I estimate a Consult/Discovery part that details what I think we need to do to get a handle on what's actually wrong here, and how long that will take.

For example...

(5/12)
TECH
Pratham \U0001f468\u200d\U0001f4bb\U0001f680
Pratham 👨‍💻🚀...
@Prathkum
Positioning in CSS allows you to display your element wherever you want on the screen

But when I was learning it, I found it little bit confusing😅

So in this thread I'll try to explain it in easiest manner with practical implementation. Let's start

THREAD🧵👇


There are 5 values that you can pass in position property

- static
- relative
- absolute
- fixed
- sticky

In this thread we will be focusing on relative and absolute positioning as both are widely used

Let's start with understanding what document flow is?

📌 Elements are displayed on the screen as they written in the HTML document

Consider the following piece of code:

H1, P, H3 and div are displayed on the screen in exact order as they written in the HTML file.


As now you know about document flow, let's start with Relative positioning

📌 Relative Position

- Relative positioning do not take an element out of document flow
- Relative positioning is relative to element's original position which can be changed using offset

🔹 Relative position is relative to itself.

For example: Consider the code and output in the attached image below

As you can see red box is shifted 100px from left because I applied left offset after giving it relative positioning
TECH

You May Also Like

Tom Hirst
Tom Hirst
@tom_hirst
How to create a freelancing website that makes money.

Everything I've learned.

A thread.

As a freelancer,

Your website is everything.

First, prioritise its existence.

Second, prioritise its improvement.

The technology you use is irrelevant.

- WordPress
- Notion
- Carrd
- Wix

It doesn't matter which you choose,

What matters is you have a website.

Pick a platform that you're comfortable with.

If you can:

- Capture leads
- Add content easily
- Have a clear design

You're good.

If your website doesn't get leads,

It's not working.

Don't rest on a website that doesn't work for you.

Improve it until it does.
STARTUPS
Seth Abramson
Seth Abramson
@SethAbramson
(1) Kushner is worth $324 million.
(2) Since 2016, Kushner has connived, with Saudi help, to force the Qataris (literally at a ship's gunpoint) to "loan" him $900 million.
(3) This is consistent with the Steele dossier.
(4) Kushner is unlikely to ever have to pay the "loan" back.


2/ So as you read about his tax practices, you should take from it that it's practices of this sort that ensure that he's able to extort money from foreign governments while Trump is POTUS without ever having to pay the money back. It also explains why he's in the Saudis' pocket.

3/ It's why the Saudis *say* he's in their pocket. It's why emoluments and federal bribery statutes matter. It's why Kushner was talking to the Saudi Crown Prince the day before the murdered Washington Post journalist was taken. It's why the Trump administration now does nothing.
ALL
Advertisement
Jo Luehmann
Jo Luehmann
@JoLuehmann
“Don’t leave the church because of the people who hurt you. Nobody is perfect, only God”

I’ll explain why this comment is not only not helpful at all, but also very harmful.

1/

The comment assumes we can’t tell the difference between people and toxic theology, it assumes our issues are with a few people who are outliers and misrepresented God, and we just seem to think that’s the totality of divinity. Which makes us appear unintelligent and petty.

2/

But, that’s not the case at all. I didn’t leave because a few people hurt me in the name of God, in fact I stayed long enough to get hurt again, and again, and again, and again. Because it’s not a few bad apples hurting people in the name of God what we are dealing with.

3/

Instead we are talking about systemic abuse due to toxic theology that is taught as righteousness.

Go to any white evangelical church today and conduct all the tests you must to ensure only those who are “good Christians,” remain. I guarantee you people will be harmed there.
4/

Not because people just hurt people, not because Christians have good intentions but sometimes make mistakes; instead because the harm is caused due to indoctrination into toxic theology and a belief that their social and theological framework is not only good,

5/
RELIGION
Tej Dosa \U0001f602\U0001f9e0
Tej Dosa 😂🧠...
@ComedicBizman
(A THREAD)

18 Things I Would Do At 18:

I was a dumb 18-year-old. I thought I had the world figured out. I didn't.

I stayed up till the wee hours. Drank every liquor invented.

Partied non-stop. Woke up after noon.

Surfed the web aimlessly.

Read BS self-help.

Repeat.

If I could do it all over again, here's 18 things I would do...

PHASE ONE: GET MY MIND RIGHT

ACTION #1: Break the chains - I wish I made the decision earlier. I didn't. I was scared. Anxious. Nervous. I knew once I made the decision, there was no going back.

Don't be like me.

Make the decision at 18. The decision to pave your own path in life. To go against the herd. To choose your own adventure. To commit to whatever sets your heart on fire.

ACTION #2: Cut off every negative person in your life.

Scroll through the contacts in your phone...

Notice how the names make you feel.

Delete any and all names that fill you with doubt and negativity.

ACTION #3: Condition your mind to embrace the producer mindset instead of the consumer mindset.

Consume 20% of the time. Produce 80% of the time.

Case closed.

ACTION #4: Set an intention to make $10k a month and write it out every MORNING and NIGHT as if you already achieved it (in the past tense).

Visualize yourself already having the money as you write.

Cheesy?

Yes.

Does it work?

Yes.

PHASE TWO: EDUCATION
LIFE
Katie Mack
Katie Mack
@AstroKatie
Light travels at about 1 foot per nanosecond.

Hold your hand up 12 inches from your face: you’re seeing your hand as it was a nanosecond ago. Everything you look at is, to one degree or another, in the past. The farther away in space, the more ancient in time.

You can’t see the Sun as it is now, but you can see it as it was about 8 minutes ago. You can’t see Alpha Centauri now, but you can see it 4.4 years ago. You can see the Andromeda Galaxy as it was 2.5 million years in the past. And so on.

With powerful telescopes, we can see galaxies whose light has been traveling to us for more than 13 billion years. We see them shining in a universe that’s still young, where gravity has just begun to pull matter together into stars and galaxies.

We can see something even more distant, and more ancient, than the first galaxies. If we peer out far enough, in between the galaxies, we can see parts of the Universe that are so far away, it has taken the light from that distance almost the entire age of the cosmos to reach us.
SCIENCE