BC TECH
Saved by @ThomassRichards

Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

 Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.
But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework
We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law
But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
Previously used a method called "swapping" with secret parameters
* differential privacy is open and we can talk about privacy loss/accuracy tradeoff
* swapping assumed limitations of the attackers (e.g. limited computational power)
Needed to design the algorithms to get the accuracy we need it and tune the privacy loss based on that.

Change in the meaning of "privacy" as relative -- it requires a lot of explanation and overcoming organizational barriers.
By 2017 thought they had a good understanding of how differential privacy would fit -- just use the new algorithm where the old one was used, to create the "micodata detail file".
Surprises:
* different groups at the Census thought that meant different things
* before, states were processed as they came in. Differential privacy requires everything be computed on at once
* required a lot more computing power
* differential privacy system has to be developed with real data; can't use simulated data to do this because the algorithms in the literature weren't designed for dats anything like as complex as the real data (multiracial people, different kinds of households, etc)
* to understand the privacy/accuracy trade-off requires a lot of runs, representing a *lot* of computer time
Census bureau was 100% behind the move
* initial implementation was by Dan Kiefer, who took a sabbatical
* expanded team to with Simson and others
* 2018 end to end test
* original development was on an on-prem Linux cluster
* then got to move to AWS Elastic compute... but the monitoring wasn't good enough and had to create their own dashboard to track execution
* it wasn't a small amount of compute
* republished the 2010 census data using the differentially private algorithm and then had a conference to talk about it
* ... it wasn't well-received by the data users who thought there was too much error
For example: if we add a random value to a child's age, we might get a negative value, which probably won't happen to a child's age.

If you avoid that, you might add bias to the data. How to avoid that? Let some data users get access to the measurement files [I don't follow]
In summary, this is retrofitting the longest-running statistical program in the country with differential privacy. Data users have had some concerns, but believe it will all come out.
Code is up on github and papers are up online. (@xchatty have some links?)

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Tech

James Felton
James Felton
@JimMFelton
Butt plugs were originally sold as a miracle cure for headaches, acne, and insanity

Thread, article here and h/t: @qikipedia :
https://t.co/Ts84xnmWKJ


For a long time, medicine was pre-occupied with the question "can this be solved by putting something in the butt?"

Take, for example, tobacco smoke enemas, in which 18th Century physicians saw drowning victims and attempted to de-deadify them by blowing tobacco smoke up their rectums with a pipe.


Despite having no medical benefit whatsoever, the practice was popular, and enema kits lined the Thames like lifebelts, ready to be used as one final humiliation for somebody who was crap at swimming.

This practice ended sometime after 1800 when it became apparent that it didn't really work, given how the anus famously isn't really connected to the lungs, but doctors weren't quite finished with having a poke around in the old anus to see what happens just yet.
TECH
Greta Musk
Greta Musk
@GretaMusk
🚔 HUGE #Tesla SERVICE PROBLEMS THREAD🚔

You might remember my 3 prior threads on how
TESLA. TREATS. ITS. CUSTOMERS. LIKE. TRASH.

Here's the 4th installment.
@tomkeinan @jonsey_lisa @jwmooc @tchanpoker @bryanthediamond @EconomicManBlog
$TSLA $TSLAQ 1/22


Welcome to Greta's 4th edition of #Tesla customers getting used and abused. Because that's the Elon Musk way.
@coffeebreakls @KocgibiHarun @omaragha @JayGhahari
$TSLA $TSLAQ 2/22


"The best service is no service." - Elon Musk a.k.a. #SpaceKaren
@briansaziz @FarSha998899 @thinktankfour @Billoday1
#Tesla $TSLA $TSLAQ 3/22


These #Tesla customers represent just the very tip of the iceberg. They are ones who have Twitter, have decided to complain about their #TeslaServiceIssues publicly, and were found by yours truly.
@yanismydj @hajelatweets @AlanHeldman @francislongo5 $TSLA $TSLAQ 4/22


Dear #Tesla customers: In California, if your vehicle has been out of service for >30 days total, it's a lemon. You can get punitive damages and attorney's fees. Don't sit around and take Elon's abuse. @13arm13arm @cecimar12 @richardson_skip @shootinglee $TSLA $TSLAQ 5/22
TECH
Advertisement
Nicolas
Nicolas
@necolas
A brief analysis and comparison of the CSS for Twitter's PWA vs Twitter's legacy desktop website. The difference is dramatic and I'll touch on some reasons why.

Legacy site *downloads* ~630 KB CSS per theme and writing direction.

6,769 rules
9,252 selectors
16.7k declarations
3,370 unique declarations
44 media queries
36 unique colors
50 unique background colors
46 unique font sizes
39 unique z-indices

https://t.co/qyl4Bt1i5x


PWA *incrementally generates* ~30 KB CSS that handles all themes and writing directions.

735 rules
740 selectors
757 declarations
730 unique declarations
0 media queries
11 unique colors
32 unique background colors
15 unique font sizes
7 unique z-indices

https://t.co/w7oNG5KUkJ


The legacy site's CSS is what happens when hundreds of people directly write CSS over many years. Specificity wars, redundancy, a house of cards that can't be fixed. The result is extremely inefficient and error-prone styling that punishes users and developers.

The PWA's CSS is generated on-demand by a JS framework that manages styles and outputs "atomic CSS". The framework can enforce strict constraints and perform optimisations, which is why the CSS is so much smaller and safer. Style conflicts and unbounded CSS growth are avoided.
TECH
Silver Kayondo
Silver Kayondo
@SilverKayondo
Last weekend, I made a threat on the ongoing #SocialMedia shutdown in Uganda and some implications on the future of #internet & Uganda's #digital agenda.

The thread attracted a lot of engagement and questions. Tonight, I will share some final thoughts on the subject. (1)

Conceptually, social media sites are the largest on-boarding platforms for internet users in Uganda. Notably, Facebook, WhatsApp, Twitter, Instagram & Snapchat attract the highest internet traffic- which drives demand for other platform services e.g Google and Zoom recently.


So- when we talk about an "open internet", we mean the FULL resources of the internet. Any encumberance on selected applications has ripple effects across the entire network thus jeorpadizing standardization of internet/data transmission which is essential for innovation & growth


Furthermore, shutdowns hinder network interoperability (technical ability to plug/link one digital product or service into another product or service). Interoperability is the heart of the "Internet of things" eg business, devices, networks, services, e-govt, integration etc #IoT


Because the internet is a global resource, shutdowns enhance a digital divide (the gap between demographics and regions that have access to modern ICTs, and those that don't or have restricted access). Ironic that 3rd world countries have the highest number of shutdowns globally.
TECH
Zed A. Shaw, Writer
Zed A. Shaw, Writer
@lzsthw
When you complain about an open source project's management you'll get the reply, "Use something else if you don't like it!" That'd be true except for the tiny problem that *many* projects also strive for complete monopolistic dominance.

Let me tell you about Java in early 2k:

I was programming in Java since it's release, and all through the late 90s into the early 2000s. At first Java was very determined to unseat C++ and it used various propaganda tactics to turn C++ and malloc into a weird enemy for all of us to hate. This worked great!

Everything was fine though because there were plenty of jobs in tech because of the dot-com boom, and then suddenly there were not jobs because of the dot-com bomb.

Overnight it seemed as if the *only* way to get a job was at giant companies, and they *loved* Enterprise Java.

Now, this is the golden ticket for many open source projects and corporations. They all want to be the top dog #1 in the industry for their particular use, and once they gain that position they become abusive by ignoring user needs and extracting wealth from them.

With Java the dominance was so insane that *every* language had to copy Java's weirdness to survive. If you wonder why a language has some odd CamelCase things it's because early Python, Ruby, and others had to copy Java's semantics and style to even be considered "serious".
TECH

You May Also Like

David Rothkopf
David Rothkopf
@djrothkopf
Trump on climate: I don't believe it. Trump on Khashoggi: I don't believe it. Trump on Russia: I don't believe it. Idiocy? A canny game? Doesn't really matter as much as the underlying intellectual autocracy. In this administration only one opinion matters.

It's an assault on facts and reason. It's an assault on good governance. It's an assault on the bureaucracies that are being discounted. It's an assault on science and history. But it is also an assault on one of the underpinnings of democracy.

We live in a system that is grounded on the idea of collaborative government. Leaders may have a final word but even then, there are typically checks and balances. Hopefully, in this case, such checks and balances may work. But they also are being tested.

The president's position that he is smarter than all the world's scientists, than the entire intelligence community, than experts who have studied any issue all their lives, is, of course, asinine. But his belief that government turns solely on his opinion, is monarchic.

Louis XIV reportedly said, "L'etat est moi." That he was the state. Trump asserting that he knows better than all, discounts all advice, that his brain is enough to chart the course for America alone, is essentially saying the same thing.
POLITICS
Ryan Caldbeck
Ryan Caldbeck
@ryan_caldbeck
1/ I am seeing more and more founder secondary in venture rounds (Secondary = founders selling some of their shares before some other shareholders are able). Series B-D. I see both as an investor and through entrepreneur circles.

2/ I like secondary for entrepreneurs. Moderation is key but in a lot of situations I think it helps accelerate the co. Lots of very smart investors disagree. Here are my thoughts.

3/ Magnitude: My basic rule of thumb from what I see is market is 4+ yrs and up to 10% of founder’s equity stake with some $ cap that makes sense given stage etc. (typically <$10m)

4/ The entrepreneurial journey is brutally hard. Giving some financial relief helps remove one piece of pressure. I don’t think that secondary in the magnitude mentioned impacts the drive/persistence of great entrepreneurs.

5/ That secondary means they will be able to just sleep knowing they can pay their kids’ tuition. Secondary will make most founders better at their jobs, thus accelerating the co.
ALL
Advertisement
Zen Black
Zen Black
@z3nblack
1/ Thread: "A Silicon Valley Ponzi Scheme"

Thanks to @chamath for laying this out in Social Capital's 2018 annual letter.

I've always appreciated his outspokenness.

2/ The hardest thing for most startups today is the path to market: first finding product-market fit & a way to reach customers, then building a ruthless machine to acquire, monetize & retain them.

3/ Because of this, when the VC industry invests capital into fast growing startups today, the plurality (if not majority) of invested capital will go into user acquisition and ad spending, for better or worse— usually worse.

4/ Todays massive venture-backed advertising, sales, and user acquisition playbook has morphed into one that champions growth at any cost.

This is creating a big bill that will soon come due...

5/ Ad impressions and click-throughs are bid up to outrageous prices by startups flush with venture money, and prospective users demand more and more subsidized products to gain their initial attention.
TECH , STARTUPS , {TEST FOLDER}
\u092a\u094d\u0930\u0924\u093f\u091c\u094d\u091e
प्रतिज्ञ...
@RamaInExile
#twitterArts
Arts are best form to Express thoughts & devotion. In All civilization Arts played very important role to express sprituality. Tibbeten Tangkhas are prime example .

List of My Paintings & Sketches


प्रलय पयोधि-जले धृतवान् असि वेदम्
विहित वहित्र-चरित्रम् अखेदम्
केशव धृत-मीन-शरीर, जय जगदीश हरे!!


छलयसि विक्रमणे बलिम् अद्भुत-वामन
पद-नख-नीर-जनित-जन-पावन
केशव धृत-वामन रूप जय जगदीश हरे


नंदसि यज्ञ- विधेर् अहः श्रुति जातम्
सदय-हृदय-दर्शित-पशु-घातम्
केशव धृत-बुद्ध-शरीर जय जगदीश हरे


क्षत्रिय-रुधिर-मये जगद् -अपगत-पापम्
स्नपयसि पयसि शमित-भव-तापम्
केशव धृत-भृगुपति रूप जय जगदीश हरे
ALL
Aditya Todmal
Aditya Todmal
@AdityaTodmal
A Thread on the Boss himself @Mitesh_Engr

Mitesh Sir's Positional Option Selling 101:

• How to find direction
• Which options to sell
• How to deploy capital
• Exit criteria
• What ROI he targets weekly
• What % risk he takes

Done with the help of @niki_poojary


How @Mitesh_Engr Sir finds the direction?

• Daily charts S/R
• 75 min charts S/R
• Intraday trend
• Always play directional
• Never trades in strategies


Which options to sell in weekly expiry according to @Mitesh_Engr?

• Weekly candle High/Low
• Sell 1% away options from those
• Exit when levels breached


Position Sizing by @Mitesh_Engr Sir.

How to deploy your capital?

• First sell 20%
• Pyramid the next day
• When to exit
• What to do when view goes wrong
• What to do with idle capital


Some important tweets of @Mitesh_Engr Sir

• What Data to look at
• ROI for safe players per month
• Max risk per day
• Gather knowledge and play directional
• Never play strategies
OPTIONS LEARNING , ALL , MPLEARNINGS