BC TECH
Saved by @ThomassRichards

Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

 Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.
Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.
How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering
We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
Three rights:
* access
* rectification
* deletion

Legal's trying to uphold them, but it's a technical question!

Legal wants to decrease risk but don't know software
The business wants to stay in business and make money. They want to be able to use data for things like placing ads and analysis.
It takes a lot of time to handle these requests, too!

They need a streamlined technical solution.
Program management wants to streamline and make things efficient and predictable... but they don't understand the technical limitation
As a software engineer, you've seen technical debt. So much technical debt. All the weight of the decisions that were made in the past, especially if you scaled without a data plan.

Average SMB has data in 10 different systems.
How do we delete?
Some poor software engineer is trying to track down what data is where?
What even *is* PII? There's no real standard.
What should be returned? What should be deleted.

Make a definition and stick to it.
Some of your databases might use email addresses as a primary key, some user IDs, etc.
1. Define PII
2. Find all the PII
3. Use pseudonymization to replace PII with some kind of random value which can't be tied back to the user

[reminder I am livetweeting this is not me speaking]
How do you do this at scale?
Maybe a centralized team who can handle this?
If you're a small company, plan ahead!
Be careful when you're doing sanitization -- some databases really don't like batch processes and you can make things fall over.
Speed
* you have a timeline -- often 30 or 45 days
* but that's not enough time if you haven't planned for streamlined speed

Ideally you won't need it, but have a backup plan, in case something goes wrong with a slow data system
Plan for a solution that grows with your business, not just a hacked-together series of SQL queries, but instead a centralized portal with extensibility as the business changes and technical systems grow.

... and as new privacy laws come into place
Privacy is way, way more than compliance. But compliance needs to happen.

Let's all do our part

[ end of talk ]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE

More from Tech

Patrick McKenzie
Patrick McKenzie
@patio11
Most software founders, particularly in B2B, need to get radically better at sales. @Steli , who is the best person for explaining the scrappy stages in the beginning and then building out a team with scripts and processes, wrote a guide to:

For technical founders it is irrationally, obscenely hard to reverse years of programming (ba dum bum) that sales is a value-destroying activity. Sales is CLEARLY a value-creating activity, contingent on you have a value-creating product.

The world will not drop what they are doing to adopt your work. This is particularly true in B2B, where simply building a better mousetrap won't overcome the activation energy required to get people with additional non-mice problems to prioritize changing mousetraps today.

This is very non-obvious for founders because founders are not often people who *want* to be sold to. We often come from a background where trying out tools is a bit of a fun hobby. We like looking at all the options, making charts, and ripping out partially complete tests.

"This week I unsuccessfully trialed four software options for automating that thing that has been killing us. Our actual production process remains the same as last week. Don't worry; this was a great use of time." is not a thing you want to write in a progress report to manager.
TECH
Robin Berjon
Robin Berjon
@robinberjon
Recently, the @CNIL issued a decision regarding the GDPR compliance of an unknown French adtech company named "Vectaury". It may seem like small fry, but the decision has potential wide-ranging impacts for Google, the IAB framework, and today's adtech. It's thread time! 👇

It's all in French, but if you're up for it you can read:
• Their blog post (lacks the most interesting details): https://t.co/PHkDcOT1hy
• Their high-level legal decision: https://t.co/hwpiEvjodt
• The full notification: https://t.co/QQB7rfynha

I've read it so you needn't!

Vectaury was collecting geolocation data in order to create profiles (eg. people who often go to this or that type of shop) so as to power ad targeting. They operate through embedded SDKs and ad bidding, making them invisible to users.

The @CNIL notes that profiling based off of geolocation presents particular risks since it reveals people's movements and habits. As risky, the processing requires consent — this will be the heart of their assessment.

Interesting point: they justify the decision in part because of how many people COULD be targeted in this way (rather than how many have — though they note that too). Because it's on a phone, and many have phones, it is considered large-scale processing no matter what.
TECH
Advertisement
foone
foone
@Foone
I went looking for a remote-controlled power switch (the wireless christmas kind, not the modern IoT kind) and didn't find it, but I did find this thing I bought just to figure out why it exists.
It's a timer outlet, but you program it from your phone... but it's not wireless.


Yeah instead it plugs into your phone's HEADPHONE PORT


I got it on sale.
probably because iphone dropped the headphone port and they had to get with the 21st century and make it bluetooth


So inside the box is the device. it's got a little 2-prong polarized outlet with no ground.


on top is the only controls: on/off/timer.
TECH
Aviral Bhatnagar
Aviral Bhatnagar
@aviralbhat
I spent 1.4 lakhs on Zomato alone this year

Once these platforms build a habit, it's hard to leave

Lifetime value of customers is immense, which recover marketing costs and more

These very "loss-making" companies eventually become money-making machines

I love the assumptions people are making here to try to work out how this is possible, but I'll not share the math to just keep this fun.

Few hints: I have excellent cardiovascular fitness, love fine + healthy dining and order with my wife and brother

Guess AOV and order freq
TECH
Digital Strada - Partner for Digital Marketing
Digital Strada - Partn...
@DigitalStrada
🙂 Hey - have you heard of @RevolutApp Business before?

🌐 Great international transfer and 🏦 foreign #exchange rates, and various tools to manage your #business.

👉 https://t.co/dkuBrYrfMq

#banking #fintech #revolut #growth #startups
1/10


One place to manage all things business
Get more from your business account with powerful tools that give you total control over your finances.

👉 https://t.co/dkuBrYrfMq
2/10


Accept payments
online at great rates
Receive card payments from around the world with low fees and next-day settlement.

👉 https://t.co/dkuBrYrfMq
3/10


Send and receive international payments, with no hidden fees
Multi-currency accounts allow you to hold, exchange, send and receive funds in 28+ currencies - always at the real (interbank) exchange rate...

👉 https://t.co/dkuBrYrfMq
4/10


Optimise spend with smart company cards
Spend in over 150 currencies at the real (interbank) exchange rate
Stay in control – issue physical and virtual cards, track spending in real-time for your entire team...

👉 https://t.co/dkuBrYrfMq
5/10
TECH

You May Also Like

WORLD OF SANATAN DHARMA
WORLD OF SANATAN DHARM...
@world_sanatan
UNTOLD STORY OF QUEEN BHAVASHANKARI OF BENGAL - A 🧵u must read

Know the role of Naga Sadhus

PART-1

One of the most underrated empires to ever grace India is the kingdom of Bhurshut from central Bengal.

1/


A medieval powerhouse this kingdom stood firm against the Pathan invasion from Orissa twice, and with each time devastating the enemy forces.

Along with this, we also have to note that this was the time when the empire was under the reign of a widowed queen named Bhavashankari.

She wasn’t even born in a royal family and yet she achieved what most of the kings couldn’t do

This begs the question, why does no one remember this great kingdom?

3/

Bhurshut empire thrived from 15th century till late 18th century as an independent kingdom while acting as tributary state with full autonomy.

4/

What’s even more puzzling is that no one knows about the great queen Bhavanshakari who thrashed the Pathans single handedly without the aid of their allies.

5/
ALL
Simon DeDeo
Simon DeDeo
@SimonDeDeo
"I lied about my basic beliefs in order to keep a prestigious job. Now that it will be zero-cost to me, I have a few things to say."


We know that elite institutions like the one Flier was in (partial) charge of rely on irrelevant status markers like private school education, whiteness, legacy, and ability to charm an old white guy at an interview.

Harvard's discriminatory policies are becoming increasingly well known, across the political spectrum (see, e.g., the recent lawsuit on discrimination against East Asian applications.)

It's refreshing to hear a senior administrator admits to personally opposing policies that attempt to remedy these basic flaws. These are flaws that harm his institution's ability to do cutting-edge research and to serve the public.

Harvard is being eclipsed by institutions that have different ideas about how to run a 21st Century institution. Stanford, for one; the UC system; the "public Ivys".
LIFE
Advertisement
Aditya Todmal
Aditya Todmal
@AdityaTodmal
TradingView isn't just charts

It's much more powerful than you think

9 things TradingView can do, you'll wish you knew yesterday: 🧵

Collaborated with @niki_poojary

1/ Free Multi Timeframe Analysis

Step 1. Download Vivaldi Browser

Step 2. Login to trading view

Step 3. Open bank nifty chart in 4 separate windows

Step 4. Click on the first tab and shift + click by mouse on the last tab.

Step 5. Select "Tile all 4 tabs"


What happens is you get 4 charts joint on one screen.

Refer to the attached picture.

The best part about this is this is absolutely free to do.

Also, do note:

I do not have the paid version of trading view.


2/ Free Multiple Watchlists

Go through this informative thread where @sarosijghosh teaches you how to create multiple free watchlists in the free


3/ Free Segregation into different headers/sectors

You can create multiple sections sector-wise for free.

1. Long tap on any index/stock and click on "Add section above."
2. Secgregate the stocks/indices based on where they belong.

Kinda like how I did in the picture below.
SCREENERS , ALL , TRADINGVIEW
Corey Lynn \U0001f64f\U0001f1fa\U0001f1f8
Corey Lynn 🙏🇺🇸...
@CoreysDigs
1) OBSERVATION: The frequencies are changing. I would have to assess stats on the electromagnetic field to see its fluctuations. All I know is, I am highly sensitive to energy/frequencies, and they are changing, because…

2) 2 Weeks ago, my dog was effected by it as well. He is hearing things that aren’t technically audible. I can tell by his body language and sounds. One week ago I began feeling a pressure in my head and ears. It wasn’t painful at all, but it was intense for a bit.

3) It reminded me of taking off in an airplane a bit. I felt like I was in a vacuum. It went on and off for a couple of days. I’ve picked up on frequencies and high pitched sounds (not audible to most) for 30 years, and today my right ear began to ring for longer than usual.

4) This is nothing unusual for me, with exception of the duration. This happens often with me. No, it’s not tinnitus. Only this time, when I spoke, there was reverb creating a high pitch in my ear from my voice. This lasted for about 30 minutes. It did not hurt, just annoying.

5) So yes, the frequencies are changing. What this means exactly, I am unsure of at the moment. Some will say electromagnetic fields, others will say ascension, and some will say pole shift. I honestly can’t say at this very moment.
SCIENCE
Respectable Lawyer
Respectable Lawyer
@RespectableLaw
There's been a lot of talk about the missionary killed by the natives of North Sentinel Island. They're probably so aggressive because of this weirdo, Maurice Vidal Portman. So here's a big thread about this creep and some facts from my decade-long obsession with the island.


The Sentinelese are often described as “uncontacted,” but this not strictly true. They had a very significant contact in 1880 with Commander Portman.

Portman, the black sheep third son of some minor noble, was assigned by the English Royal Navy to administer and pacify the Andaman Islands, a job he pursued from 1880-1900 with the full measure of his own perversity.


Portman was erotically obsessed with the Andamanese, and he indulged his passion for photography by kidnapping members of various tribes and posing them in mock-Greek homoerotic compositions.


During his 20 years in a sexualized heart of darkness, Portman measured and cataloged every inch of his prisoner’s bodies, with an obsessive focus on genitals.
SOCIETY