BC TECH
Saved by @ThomassRichards

Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

 Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.
Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.
How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering
We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
Three rights:
* access
* rectification
* deletion

Legal's trying to uphold them, but it's a technical question!

Legal wants to decrease risk but don't know software
The business wants to stay in business and make money. They want to be able to use data for things like placing ads and analysis.
It takes a lot of time to handle these requests, too!

They need a streamlined technical solution.
Program management wants to streamline and make things efficient and predictable... but they don't understand the technical limitation
As a software engineer, you've seen technical debt. So much technical debt. All the weight of the decisions that were made in the past, especially if you scaled without a data plan.

Average SMB has data in 10 different systems.
How do we delete?
Some poor software engineer is trying to track down what data is where?
What even *is* PII? There's no real standard.
What should be returned? What should be deleted.

Make a definition and stick to it.
Some of your databases might use email addresses as a primary key, some user IDs, etc.
1. Define PII
2. Find all the PII
3. Use pseudonymization to replace PII with some kind of random value which can't be tied back to the user

[reminder I am livetweeting this is not me speaking]
How do you do this at scale?
Maybe a centralized team who can handle this?
If you're a small company, plan ahead!
Be careful when you're doing sanitization -- some databases really don't like batch processes and you can make things fall over.
Speed
* you have a timeline -- often 30 or 45 days
* but that's not enough time if you haven't planned for streamlined speed

Ideally you won't need it, but have a backup plan, in case something goes wrong with a slow data system
Plan for a solution that grows with your business, not just a hacked-together series of SQL queries, but instead a centralized portal with extensibility as the business changes and technical systems grow.

... and as new privacy laws come into place
Privacy is way, way more than compliance. But compliance needs to happen.

Let's all do our part

[ end of talk ]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Tech

Jijo Sunny
Jijo Sunny
@JijoSunny
1/ 👋 Excited to share what we’ve been building at https://t.co/GOQJ7LjQ2t + we are going to tweetstorm our progress every week!

Week 1 highlights: getting shortlisted for YC W2019🤞, acquiring a premium domain💰, meeting Substack's @hamishmckenzie and Stripe CEO @patrickc 🤩

2/ So what is Brew?

brew / bru : / to make (beer, coffee etc.) / verb: begin to develop 🌱

A place for you to enjoy premium content while supporting your favorite creators. Sort of like a ‘Consumer-facing Patreon’ cc @jackconte

(we’re still working on the pitch)

3/ So, why be so transparent? Two words: launch strategy.

jk 😅 a) I loooove doing something consistently for a long period of time b) limited downside and infinite upside (feedback, accountability, reach).
cc @altimor, @pmarca


4/ https://t.co/GOQJ7LjQ2t domain 🍻

It started with a cold email. Guess what? He was using BuyMeACoffee on his blog, and was excited to hear about what we're building next. Within 2w, we signed the deal at @Escrowcom's SF office. You’re a pleasure to work with @MichaelCyger!

5/ @ycombinator's invite for the in-person interview arrived that evening. Quite a day!

Thanks @patio11 for the thoughtful feedback on our YC application, and @gabhubert for your directions on positioning the product — set the tone for our pitch!
TECH
Mike Metzler
Mike Metzler
@MTZLER
I’ve been flooded with Snapchat Spotlight questions after posting I’ve qualified for a payout 4 times. Here are the answers to the most common questions I’ve gotten in my DMs. These answers are my own experience and may differ from others .

Q: How will I know if I am getting paid?
A: You will get a message from Team Snapchat that looks like the below message 2-3 weeks after the snap has gone live. At this point it important that you verify your email address.


Q: How long after I’ve been notified I qualify, will I know for how much?
A: my experience is that usually 7-10 days after you get the qualifying message, you get a message with the amount, it will look like this. This message will include a unique access code for HyperWallet.


Q: How do I set up my HyperWallet?
A: Around three weeks after you get the payment amount you will get an email to your verified email from Snapchat Pay. It will look like this and will require you to fill out some tax forms, takes like 10 min.


Q: How long does it take to actually get the money in my account?
A: it took me like 7 days from when I had my HyperWallet approved before I got the money into my HyperWallet account. I recommend you set up auto withdraw. You can send money to PayPal, Venmo or bank account.
TECH
Advertisement
foone
foone
@Foone
you know how Atari called the Jaguar as a "64bit system", because it had two 32bit CPUs? (or because it had a 64bit bus, but let's not worry about that)
we should apply that logic to the current generation of consoles.
So the Switch is a 256bit console. It's the Nintendo 256.

The Xbox Series X? terrible name.
Better call it the "Xbox 512 Blu-ray".
like the Jaguar CD, the Sega CD... the good old days when consoles had their media type in the name.

Boringly the PS5 is also a Playstation 512 Blu-ray, because both of them are using the same AMD Zen 2 CPU.

The Switch one is weeeird. It's built on an Nvidia Tegra X1, which is an 8 core 64-bit CPU, so that should be 512, right?

Well... no. Four of them can't be used. And later documentation doesn't even mention them.

it's some weird system where the system-on-a-chip has four Cortex-A57 cores and four Cortex-A53 cores but only the A57s are usable?
TECH
James More
James More
@jameore
One of the best decisions I made during a very turbulent 2020 was to leave conventional coding behind and embrace the #nocode movement. @bubble made this a reality. Although my own journey thus far is premature, I’ve learned a lot so here’s a power thread on....


‘How I created @buildcamp sales funnel landing page in under 2hours’.

Preview here 👇

https://t.co/s9P5JodSHe

Power thread here 👇

1. Started with a vanilla bubble app ensuring that all styles and UI elements were removed. Created a new page called funnel and set the page size to 960px as this allows the page to render proportionately on both web and mobile when hitting responsive breakpoints.


2. Began dropping elements onto the page to ‘find the style’. These had to be closely aligned to our @buildcamp branding so included text, buttons and groups - nothing too heavy. Played around with a few fonts, colors and gradients and thus pinned down the following style guide.


3. Started to map out sections using groups as my ‘containers’ to hold the relevant information and imagery needed to pad out the sales pitch. At this point, they were merely blocks of color #ff6600 with reduced opacity set to 5% to ease page flair.
TECH
James Felton
James Felton
@JimMFelton
The Phantom of Heilbronn (or how for 16 years the German police hunted a serial killer who didn't exist)

(Thread, non sweary version here: https://t.co/iDOIhaFgIT)


Between the years of 1993 and 2009, police in Heilbronn, Germany were tracking just about the most elusive serial killer since Ted Cruz.

Known as the Phantom of Heilbronn, or occasionally The Woman Without A Face, she was implicated in so many crimes that the police eventually put out a reward of €300,000 for any information leading to her arrest.

The case that brought her to the media's attention and earned her two ridiculously badass nicknames

(honestly, if you don't want people to do murders you're going to have to come up with less glamorous nicknames - what's wrong with Jack Shitshispants or the Zodiac Cuck)
TECH

You May Also Like

PC\U0001f30e\u262e
PC🌎☮
@pc_432
Moderna CEO Stephane Bancel was previously CEO of bioMerieux in France from 07-10.

Alain Merieux, who owns bioMerieux, was instrumental in the creation of the Wuhan Institute of Virology P4 Lab.

The same people who helped create the virus, also helped to create the vaccines...


Moderna partnered with French Pasteur Institute in 2015 to develop mRNA vaccine technology.

Pasteur Institute partnered with the Wuhan P4 Laboratory in 2017 along with the Merieux Foundation to study emerging viruses...
https://t.co/yFsHwrNYaK
https://t.co/9M5lydBKhM


Nobel prize winning scientist Luc Montagnier asserts that Sars-Cov-2 is man-made and originated from the Wuhan Institute of Virology.

Montagnier did extensive work with the Pasteur Institute in France which was partnered with the Wuhan P4.

Merieux Foundation & the Chinese government have worked together since 1965, and partnered to study emerging pathogens in Africa in 2015.

Their research included "PATHOGENS CARRIED BY BATS" that provoke respiratory diseases.

🚨🚨🚨
https://t.co/gVwpT0ssqI
ALL
Jaya_Upadhyaya
Jaya_Upadhyaya
@Jayalko1
MEENAKSHI AMMAN, MADURAI (TN)
#bharatmandir #navratri2021

A paadal Petra sthalam where Shiva took the form of Sundareswarar (the handsome one) and married Devi Parvati (Meenakshi).
Devi is also known by the name Angayarkanni (mother with the beautiful fish eyes).
@GunduHuDuGa


Devi Meenakshi emerged from yagna fire as a 3 year old girl when Pandyan King Malayadwaja and Kanchanamalai were praying for a child.
It is said that Devi was born with three breasts and there was a prophesy that her superfluous breast would melt away when she met her husband.


Devi ruled over Madurai and captured Indralok. She went on to capture Kailasha. When she saw Shiva, her 3rd breast disappeared and she realised that Shiva would be her consort.
The divine marriage was attended by all Devas and Sri Vishnu (as her brother) gave her hand to Shiva.


It is said that Indra found a swayambhu lingam at Kadamba Vanam. He placed it in Madurai where the kshetram stands. Here, Shiva is seen on the vehicle of Indra.
The Golden Lotus Tank is said to be the place where a golden lotus blossomed for the puja performed by Indra.


The Meenakshi Thirukalyanam festival is celebrated in the Chithirai month to mark the divine marriage of Meenakshi Amman. The festival includes a procession where Meenakshi and Sundareshwara travel in a chariot and Sri Vishnu gives away his sister in marriage to Shiva.
ALL
Advertisement
Corey Lynn \U0001f64f\U0001f1fa\U0001f1f8
Corey Lynn 🙏🇺🇸...
@CoreysDigs
1) OBSERVATION: The frequencies are changing. I would have to assess stats on the electromagnetic field to see its fluctuations. All I know is, I am highly sensitive to energy/frequencies, and they are changing, because…

2) 2 Weeks ago, my dog was effected by it as well. He is hearing things that aren’t technically audible. I can tell by his body language and sounds. One week ago I began feeling a pressure in my head and ears. It wasn’t painful at all, but it was intense for a bit.

3) It reminded me of taking off in an airplane a bit. I felt like I was in a vacuum. It went on and off for a couple of days. I’ve picked up on frequencies and high pitched sounds (not audible to most) for 30 years, and today my right ear began to ring for longer than usual.

4) This is nothing unusual for me, with exception of the duration. This happens often with me. No, it’s not tinnitus. Only this time, when I spoke, there was reverb creating a high pitch in my ear from my voice. This lasted for about 30 minutes. It did not hurt, just annoying.

5) So yes, the frequencies are changing. What this means exactly, I am unsure of at the moment. Some will say electromagnetic fields, others will say ascension, and some will say pole shift. I honestly can’t say at this very moment.
SCIENCE
\u0938\u093e \u0935\u093f\u0926\u094d\u092f\u093e \u092f\u093e \u0935\u093f\u092e\u0941\u0915\u094d\u0924\u092f\u0947
सा विद्या या विमुक्तये...
@raghav_aanya
#ज्योतिष_विज्ञान #मंत्र_विज्ञान

ज्योतिषाचार्य अक्सर ग्रहों के दुष्प्रभाव के समाधान के लिए मंत्र जप, अनुष्ठान इत्यादि बताते हैं।

व्यक्ति के जन्म के समय ग्रहों की स्थिति ही उसकी कुंडली बन जाती है जैसे कि फ़ोटो खींच लिया हो और एडिट करना सम्भव नही है। इसे ही "लग्न" कुंडली कहते हैं।


लग्न के समय ग्रहों की इस स्थिति से ही जीवन भर आपको किस ग्रह की ऊर्जा कैसे प्रभावित करेगी का निर्धारिण होता है। साथ साथ दशाएँ, गोचर इत्यादि चलते हैं पर लग्न कुंडली का रोल सबसे महत्वपूर्ण है।


पृथ्वी से अरबों खरबों दूर ये ग्रह अपनी ऊर्जा से पृथ्वी/व्यक्ति को प्रभावित करते हैं जैसे हमारे सबसे निकट ग्रह चंद्रमा जोकि जल का कारक है पृथ्वी और शरीर के जलतत्व पर पूर्ण प्रभाव रखता है।
पूर्णिमा में उछाल मारता समुद्र का जल इसकी ऊर्जा के प्रभाव को दिखाता है।


अमावस्या में ऊर्जा का स्तर कम होने पर वही समुद्र शांत होकर पीछे चला जाता है। जिसे ज्वार-भाटा कहते हैं। इसी तरह अन्य ग्रहों की ऊर्जा के प्रभाव होते हैं जिन्हें यहां समझाना संभव नहीं।
चंद्रमा की ये ऊर्जा शरीर को (अगर खराब है) water retention, बैचेनी, नींद न आना आदि लक्षण दिखाती है


मंत्र क्या हैं-
मंत्र इन ऊर्जाओं के सटीक प्रयोग करने के पासवर्ड हैं। जिनके जप से संबंधित ग्रह की ऊर्जा को जातक की ऊर्जा से कनेक्ट करके उन ग्रहों के दुष्प्रभाव को कम किया और शुभ प्रभाव को बढ़ाया जाता है।
ALL
EverythingOppresses
EverythingOppresses
@SoOppressed
The first area to focus on is diversity. This has become a dogma in the tech world, and despite the fact that tech is one of the most meritocratic industries in the world, there are constant efforts to promote diversity at the expense of fairness, merit and competency. Examples:

USC's Interactive Media & Games Division cancels all-star panel that included top-tier game developers who were invited to share their experiences with students. Why? Because there were no women on the

ElectronConf is a conf which chooses presenters based on blind auditions; the identity, gender, and race of the speaker is not known to the selection team. The results of that merit-based approach was an all-male panel. So they cancelled the conference.

Apple's head of diversity (a black woman) got in trouble for promoting a vision of diversity that is at odds with contemporary progressive dogma. (She left the company shortly after this

Also in the name of diversity, there is unabashed discrimination against men (especially white men) in tech, in both hiring policies and in other arenas. One such example is this, a developer workshop that specifically excluded men: https://t.co/N0SkH4hR35
TECH