BC TECH
Saved by @ThomassRichards

Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

 Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.
Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.
How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering
We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
Three rights:
* access
* rectification
* deletion

Legal's trying to uphold them, but it's a technical question!

Legal wants to decrease risk but don't know software
The business wants to stay in business and make money. They want to be able to use data for things like placing ads and analysis.
It takes a lot of time to handle these requests, too!

They need a streamlined technical solution.
Program management wants to streamline and make things efficient and predictable... but they don't understand the technical limitation
As a software engineer, you've seen technical debt. So much technical debt. All the weight of the decisions that were made in the past, especially if you scaled without a data plan.

Average SMB has data in 10 different systems.
How do we delete?
Some poor software engineer is trying to track down what data is where?
What even *is* PII? There's no real standard.
What should be returned? What should be deleted.

Make a definition and stick to it.
Some of your databases might use email addresses as a primary key, some user IDs, etc.
1. Define PII
2. Find all the PII
3. Use pseudonymization to replace PII with some kind of random value which can't be tied back to the user

[reminder I am livetweeting this is not me speaking]
How do you do this at scale?
Maybe a centralized team who can handle this?
If you're a small company, plan ahead!
Be careful when you're doing sanitization -- some databases really don't like batch processes and you can make things fall over.
Speed
* you have a timeline -- often 30 or 45 days
* but that's not enough time if you haven't planned for streamlined speed

Ideally you won't need it, but have a backup plan, in case something goes wrong with a slow data system
Plan for a solution that grows with your business, not just a hacked-together series of SQL queries, but instead a centralized portal with extensibility as the business changes and technical systems grow.

... and as new privacy laws come into place
Privacy is way, way more than compliance. But compliance needs to happen.

Let's all do our part

[ end of talk ]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Tech

foone
foone
@Foone
It is 2018 and this error message is a mistake from 1974.
This limitation, which is still found in the very latest Windows 10, dates back to BEFORE STAR WARS. This bug is as old as Watergate.


When this was developed, nothing had UPC codes yet because they'd just been invented.
Back when this mistake was made, There was only one Phone Company, because they hadn't been broken up yet. Ted Bundy was still on the loose. Babe Ruth's home run record was about to fall.

When this bug was developed, Wheel of Fortune hadn't yet aired. No one had seen Rocky Horror. Steven Spielberg was still a little-known directory of TV films and one box-office disappointment. SNL hadn't aired yet. The Edmund Fitzgerald was still hauling iron ore.

WHEN THIS STUPID MISFEATURE WAS INVENTED, THE GODFATHER PART II HAD JUST OPENED IN THEATERS.

So, why does this happen? So Unix (which was only 5 years old at this point) had the good idea of "everything is a file" which mean you could do things like write to sockets, pipes, the console, etc with the same commands and instructions.
TECH
Jessica Guynn
Jessica Guynn
@jguynn
Mark Zuckerberg on NYT story: "To suggest we weren't interested in knowing the truth or wanted to hide what we knew or wanted to prevent investigations is simply untrue."

Facebook says it will take a couple of questions on the article but wants to focus on (looks at notes) its transparency report.

Good luck with that folks.

Now Mark Zuckerberg is running through all the tactics it's deploying to clean up the platform (you know like they should have years ago).

What every Facebook user should be reading in the
TECH
Advertisement
ashkan soltani
ashkan soltani
@ashk4n
BREAKING: @CommonsCMS @DamianCollins just released previously sealed #Six4Three @Facebook documents:

Some random interesting tidbits:

1) Zuck approves shutting down platform API access for Twitter's when Vine is released #competition


2) Facebook engineered ways to access user's call history w/o alerting users:

Team considered access to call history considered 'high PR risk' but 'growth team will charge ahead'. @Facebook created upgrade path to access data w/o subjecting users to Android permissions dialogue.


3) The above also confirms @kashhill and other's suspicion that call history was used to improve PYMK (People You May Know) suggestions and newsfeed rankings.

4) Docs also shed more light into @dseetharaman's story on @Facebook monitoring users' @Onavo VPN activity to determine what competitors to mimic or acquire in 2013.

https://t.co/PwiRIL3v9x
TECH
Austin Energy
Austin Energy
@austinenergy
LIVE: ❄️ City of Austin leadership including @AustinEnergyGM will address the unprecedented severe weather.
💻 Due to tech limitations, it will only be available via Facebook Live here: https://t.co/PchiwUgP0M
We will be live-tweeting in this thread.

Mayor Steve Adler: This will require us all to come together and help one another.
City Manager Spencer Cronk: As a City, we are doing our best to help those in need.

Cronk: Stay off the roads and conserve energy. Every little bit helps.

COA Office of Homeland Security and Emergency Management Director Juan Ortiz: Currently we have a warming center at the Palmer Events Center. You can show up at any time. As of this morning, cold weather shelters remain active. 282 were sheltered overnight.

Ortiz: Urge residents to conserve much power as possible to help with the emergency issues. We are working with critical facilities to ensure that access to those facilities remain open, so ambulances can get in.
TECH
Gbenga Samuel-Wemimo
Gbenga Samuel-Wemimo
@GbengaWemimo
An apostle was addressing his own members
If not for technology, you wouldn't be privy to his discussion with his members
He was sharing with them within the context of their understanding of his message, nature, and personality how he thrived in the middle of a season of casting

down
He mentioned what he achieved and even though it might sound like a boast, he was not boasting to you
He was boasting to his church members and as such, you cannot call it a boast
A father does not need to boast to his children and a shepherd surely does not need to boast to

his sheep
Newspapers needed a scandal and felt the message of the apostle was the right fit in their quest to get eyeballs
You read it and you began to insult the apostle
You, the son of a dog from Abatan refuse dump decided to drag an apostle on Twitter
Do you understand what it

means to be an apostle?
The angels working with an apostle are innumerable, they do not only work at his command, but they also work at his behest!
They are entrusted with the duty of ensuring that the Lordship of his office is respected by both spiritual and mundane entities

In the days of Jesus, many of the Pharisees and religious leaders treated his words and actions the same way many of the gutter bred stone casters with 100 Naira data and stolen or London used phone treated the words of the apostle
Jesus warned them at the time that they were
TECH

You May Also Like

ArmaniTalks \U0001f399\U0001f525
ArmaniTalks 🎙🔥...
@ArmaniTalks
Make them irrelevant > Hold a grudge

Holding a grudge is the easy thing to do.

But holding a grudge is not the right thing to do.

A grudge puts poison in your body & rewires your subconscious mind.

You consume the poison & destroy your reality while your attacker sleeps like a baby.
LIFE
Indian Quant
Indian Quant
@indian_quant
Nano Course On Python For Trading
==========================
Module 1

Python makes it very easy to analyze and visualize time series data when you’re a beginner. It's easier when you don't have to install python on your PC (that's why it's a nano course, you'll learn python...

... on the go). You will not be required to install python in your PC but you will be using an amazing python editor, Google Colab Visit https://t.co/EZt0agsdlV

This course is for anyone out there who is confused, frustrated, and just wants this python/finance thing to work!

In Module 1 of this Nano course, we will learn about :

# Using Google Colab
# Importing libraries
# Making a Random Time Series of Black Field Research Stock (fictional)

# Using Google Colab

Intro link is here on YT: https://t.co/MqMSDBaQri

Create a new Notebook at https://t.co/EZt0agsdlV and name it AnythingOfYourChoice.ipynb

You got your notebook ready and now the game is on!
You can add code in these cells and add as many cells as you want

# Importing Libraries

Imports are pretty standard, with a few exceptions.
For the most part, you can import your libraries by running the import.
Type this in the first cell you see. You need not worry about what each of these does, we will understand it later.
PYTHON , TRADE PYTHON , PYTHON TRADING
Advertisement
Jaya_Upadhyaya
Jaya_Upadhyaya
@Jayalko1
GHATI SUBRAMANYA, DODDABALLAPURA (KAR)
#bharatmandir

One of the most important place for snake worship.
The murtis of Kartikeya and Narasimha are self-manifested.
There is an anthill which is opposite the shrine. Bhaktas pour milk on it as part of rituals.


Here Subramanya performed penance in the form of snake. He sought protection from Narsimha for Nagas from Sri Vishnu’s vehicle Garuda, known for his dislike towards serpents.
The Pushya Suddha Shasti is one of the biggest festivals here believed to be appearance day of Subramanya


It was in this region where Subramanya vanquished Ghatikasura, the demon. Hence called Ghati Subramanya.
Childless couples visit here to seek blessings for getting a child.
The installation of snake murtis near the shrine is believed to be an auspicious act.


The murti of Karthikeya with a seven headed cobra faces eastwards while Narasimha faces westwards.
To ensure that both are visible to bhaktas at the same time, a huge mirror is placed in the rear in the sanctum sanctorum.
ALL
Brittany Packnett
Brittany Packnett
@MsPackyetti
We should stop confusing what someone was doing when we became aware of them with all they are capable of, interested in, or ever hope to be

Let folks have their many talents, interests and gifts. Life is far more fun with variety, loves.

A lot of folks have come to know me as an activist & I’m grateful that folks care to know me at all.

But I wasn’t born in 2014. I was a whole teacher, executive, policy person, speaker, arts and culture lover, reader, writer, woman of faith, fashion and more before 4 yrs ago 🤷🏾‍♀️

We rightfully complain that marginalized people are not allowed to be fully human.

But we internalize and transfer our oppression daily. It’s a smog. We all breathe it in & act it out.

And then tell WoC “girl ain’t you supposed to be a _______? Why you doing ____?”

Can I live?

And don’t go reading anything personal into this-this isn’t about me necessarily and it’s no subtweet (I try hard not to do that.)

I’ve just been observing that behavior more and more lately. Especially when it comes to marginalized folks.

Evolution should be our aspiration.

“Can’t knock the hustle” should be our anthem.

As long as someone isn’t bringing active and continual harm, why can’t they explore their many sides?
SOCIETY
TXgrlWatching\U0001f4bb\u2694\U0001f6e1
TXgrlWatching💻⚔🛡...
@VeritasTXgem
Thread A History lesson for the MOAB:
1. The United States of America is not and has never been a Democracy, we're a Federal Republic tied together by the capital Laws of the Constitution.

Everyone in the country is about to get a harsh lesson on what this really means...

2. In 1871, February 21: Congress Passes an Act to Provide a Government for the District of Columbia, also known as the Act of 1871.

With no constitutional authority to do so, Congress creates a separate form of
government for the District of Columbia.

3. A ten mile square parcel of land (see,
Acts of the Forty-first Congress,” Section 34, Session III, chapters 61 and

4. The act — passed when the country was weakened and financially depleted in
the aftermath of the Civil War — was a strategic move by foreign interests
(international bankers) who were intent upon gaining a stranglehold on the coffers and neck of America.

5. Congress cut a deal w/ the international bankers(Rothschilds of London) to incur a DEBT to said bankers. Because the bankers were not about to lend money to a floundering nation w/out serious stipulations, they devised a way to get their foot in the door of the United States.
HISTORYLESSON