BC TECH
Saved by @ThomassRichards

Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

 Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.
But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework
We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law
But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
Previously used a method called "swapping" with secret parameters
* differential privacy is open and we can talk about privacy loss/accuracy tradeoff
* swapping assumed limitations of the attackers (e.g. limited computational power)
Needed to design the algorithms to get the accuracy we need it and tune the privacy loss based on that.

Change in the meaning of "privacy" as relative -- it requires a lot of explanation and overcoming organizational barriers.
By 2017 thought they had a good understanding of how differential privacy would fit -- just use the new algorithm where the old one was used, to create the "micodata detail file".
Surprises:
* different groups at the Census thought that meant different things
* before, states were processed as they came in. Differential privacy requires everything be computed on at once
* required a lot more computing power
* differential privacy system has to be developed with real data; can't use simulated data to do this because the algorithms in the literature weren't designed for dats anything like as complex as the real data (multiracial people, different kinds of households, etc)
* to understand the privacy/accuracy trade-off requires a lot of runs, representing a *lot* of computer time
Census bureau was 100% behind the move
* initial implementation was by Dan Kiefer, who took a sabbatical
* expanded team to with Simson and others
* 2018 end to end test
* original development was on an on-prem Linux cluster
* then got to move to AWS Elastic compute... but the monitoring wasn't good enough and had to create their own dashboard to track execution
* it wasn't a small amount of compute
* republished the 2010 census data using the differentially private algorithm and then had a conference to talk about it
* ... it wasn't well-received by the data users who thought there was too much error
For example: if we add a random value to a child's age, we might get a negative value, which probably won't happen to a child's age.

If you avoid that, you might add bias to the data. How to avoid that? Let some data users get access to the measurement files [I don't follow]
In summary, this is retrofitting the longest-running statistical program in the country with differential privacy. Data users have had some concerns, but believe it will all come out.
Code is up on github and papers are up online. (@xchatty have some links?)

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Tech

Novid Houellebecq (That's Hollaback)
Novid Houellebecq (Tha...
@GarouGothic
I want to explain what happened to tumblr overnight. And why Twitter as reached it's dream (or have come ever so close to it)

Yahoo, who bought Tumblr years ago, used to have a huge adult presence on the early net. They allowed adult groups and what not.

However, people and bots (just like now) misused the service, and Yahoo were forced to make a choice. They made private the groups (and later closed them down and sold some of it to other companies) and then ended their chatrooms on yahoo messenger...

after a incident with one of the chatrooms vid cams. The damage was done, Yahoo Messenger lost a lot of people - and with the closing of the groups - backpage and Craigslist came more important.

Now backpage is no more and Craigslist is slowly passing away. Tumblr had a semi strong community, but once 2014 came around and both porn, and political bots exploded the quality started to go down,
TECH
Devdutta
Devdutta
@Devdutta96
Please please please take your cyber security seriously even if you don’t consider yourself a high risk person. Here are a few easy things to start with. 1/n

Switch from WhatsApp to Signal and enable disappearing messages. Most of us cannot stop using WhatsApp entirely but at least turn off back ups to Google Drive or iCloud. 2/n

Do not have private conversations using the messaging service on any social media platform like Facebook, Instagram or Twitter. 3/n

Switch from Gmail to ProtonMail or any other secure email service provider. 4/n


Switch from Google Docs to CryptPad or RiseUp Pad.
CYBER SECURITY , IT PRIVACY , CYBER SECURITY STEPS
Advertisement
Josh Constine
Josh Constine
@JoshConstine
Facebook lost another 1 million daily users in Europe and stayed flat in North America as scandals and low engagement with teens come back to bite its business https://t.co/O7tfyIw7Fd tip @Techmeme


Facebook still added 37M monthly & 24M daily users thanks to big gains in the Asia-Pacific region, but those users earn it 1/10th as much as US/Can users


The real story dragging on Facebook's share price is that yearly revenue growth has fallen from 59% 2 years ago to 33% today. It's run out of lucrative Western users and News Feed ad space.


Let's remember that Facebook doubled its security staff & cut back on viral videos/clickbait. That drags on its profits & revenue, but are crucial to society. And while Twitter shares soar, it has made no such commitments to fighting harassment & misinfo.
TECH
Taylor Holiday
Taylor Holiday
@TaylorHoliday
1/ What causes long term sustained performance in an ad account?

🧵featuring real examples 👇🏻

If you explore the source of FB ad growth and subsequently revenue growth for eCom brands it is almost never a function of iterative improvements to ad creative or tactics over time.

2/ More often it is a series of moments that unlock an order of magnitude increase in awareness, engagement, traffic and performance.

These moments can be caused by:

A single ad
A big PR moment
A breakthrough campaign
A change in market dynamics
A new product release
Etc.

3/ The problem is they are very hard to predict and create.

I’ll give you an example of a few that happened for us @QALORing that changed our trajectory (and ad account performance) each time...

4/ The first was @andydalton14 wearing a ring on @HBO hard knocks. It was the peak of the series popularity and they did a :30 piece on the ring he was wearing while playing.

See screenshot

Notice the traffic before and after the peak.


5/ This increased organic traffic let us alter our AdWords strategy, extract more post intent demand from new searchers and pull clips of the show to supplement our ad credibility.
TECH
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH

You May Also Like

Lindsey Simmons
Lindsey Simmons
@LynzforCongress
Joshua Hawley, Missouri's Junior Senator, is an autocrat in waiting.

His arrogance and ambition prohibit any allegiance to morality or character.

Thus far, his plan to seize the presidency has fallen into place.

An explanation in photographs.

🧵

Joshua grew up in the next town over from mine, in Lexington, Missouri. A a teenager he wrote a column for the local paper, where he perfected his political condescension.

2/


By the time he reached high-school, however, he attended an elite private high-school 60 miles away in Kansas City.

This is a piece of his history he works to erase as he builds up his counterfeit image as a rural farm boy from a small town who grew up farming.

3/


After graduating from Rockhurst High School, he attended Stanford University where he wrote for the Stanford Review--a libertarian publication founded by Peter Thiel..

4/

(Full Link: https://t.co/zixs1HazLk)


Hawley's writing during his early 20s reveals that he wished for the curriculum at Stanford and other "liberal institutions" to change and to incorporate more conservative moral values.

This led him to create the "Freedom Forum."

5/
HISTORY
Mitesh Patel
Mitesh Patel
@Mitesh_Engr
Again sharing bank nifty intraday weekly straddle. How to play by selling straddle.
Mostly will work on Monday to Wednesday. Sometimes on Friday.
Why to pay your money to learn this if u can get it here.
U need only practice.
Let’s go.

Say bank nifty future is at 32000.
Sell both 32000 call and put.
Considering current volatile market lest say premium on Monday morning is 350 on both sides.
Sold with 700 points combine premium.
If bank nifty will trade in narrow range say +\- 100 hold it.
If moving 200 points

then exit previous sold straddle. Sell new one. Let’s say BN moved +200
Now sell 32200. If bank nifty will move here within range then u will get profit through theta decay. Follow same procedure for next 150-200 pts move.

This is only for single straddle sell position.

Now in second case sell three straddle. 31900/32000/32100
In case of 100 points move no need to change.
If 200 + then future is 32200.
Exit 31900 and sell 31200 straddle.
If moving another 100 then exit 32000 and sell 32300. Continue same with 100 points move.
If no move then

it will consolidate between 32000-32200 or 32100 to 32300 and u will get theta decay.

This is for normal move. Sudden big move may come anytime. So keep SL in system.
If u r selling at 350-350 then keep SL in system 475 for both legs.
Practice it. No need to attend webinar.
BNF , MPATELOPTIONSLEARNINGS , OPTIONSLEARNING
Advertisement
Jaya_Upadhyaya
Jaya_Upadhyaya
@Jayalko1
SRI LALITHAMBIGAI, THIRUMEYACHUR (TN)
#bharatmandir #navratri2021

Kshetram where Shiva is worshipped as Meghanatha and his consort is Lalithambigai seen in Abhay mudra.
Once, a demon Pandasura was harassing the Devas who went to Devi Parashakti for protection. 
@GunduHuDuGa


Devi rose from a Yaga Gunda, mounted on the Sri Chakra Rath with the name Lalithambika, waged a war against Pandasura and destroyed him.  When her fury did not subside, Shiva asked her to go to Earth, assume the name Manonmani, perform penance and shed her fury.


Shiva blessed Devi to be Shanta nayagi. There is a sculpture here depicting Shiva pacifying Devi. If you observe closely, you can see that from your left hand side there will be a smile on Her face and if you see from your right hand side you can see anger in Her face.


Hayagriva taught the greatness of Lalitha Sahasranama to Rishi Agasthya. Pleased with his devotion, Ma Lalithambikai appeared before Agastya. He is believed to have then sung Lalita Navaratnamala in praise of Devi. He has also composed a hymn named Rahasyanamasahasram.
ALL
Erik Torenberg
Erik Torenberg
@eriktorenberg
1/ Some initial thoughts on personal moats:

Like company moats, your personal moat should be a competitive advantage that is not only durable—it should also compound over time.

Characteristics of a personal moat below:


2/ Like a company moat, you want to build career capital while you sleep.

As Andrew Chen noted:


3/ You don’t want to build a competitive advantage that is fleeting or that will get commoditized

Things that might get commoditized over time (some longer than


4/ Before the arrival of recorded music, what used to be scarce was the actual music itself — required an in-person artist.

After recorded music, the music itself became abundant and what became scarce was curation, distribution, and self space.

5/ Similarly, in careers, what used to be (more) scarce were things like ideas, money, and exclusive relationships.

In the internet economy, what has become scarce are things like specific knowledge, rare & valuable skills, and great reputations.
LIFE
STEALTH JEFF
STEALTH JEFF
@drawandstrike
Ok I was wrong about theHouse. 2 years of legislative gridlock = not fun. Few bills passing.

Control of the House is useless when it comes to keeping Trump from declassifying all the SpyGate docs. Or stopping an Inspector General from releasing a report.

Trump still gets control of judicial appointments so we can expect another 100 judges over the next two years. This time there’ll be no McCain or Flake playing the Maverick role with their swing vote.

That new margin in the Senate is huge if another Supreme Court seat comes open.

So from the responses I’m getting, people seem to think if Trump declassifies the Spygate stuff now, nothing happens.

Are you under the impression federal prosecutors have to wait until CONGRESS finishes an investigation and makes criminal referrals before the DOJ can act?

There’s a federal grand jury on McCabe right now. Did Congress ever finish it’s investigation and make a referral to the DOJ against him?

No.

BUT INSPECTOR GENERAL HOROWITZ DID. On finishing his McCabe leak report.

Funny how nobody remembers that.
POLITICS