BC WORLD
Saved by @ThomassRichards

In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

 Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]
Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]
But the in-person ballots are complicated, too!
Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
There are reasons to want online voting:
* Citizens living abroad
* Visually impaired and quadriplegic voters need to have assistants that they trust
* Many invalid ballots (even <10%!)
* Physical voting has security problems, too
Like the states of the US, there are cantons in Switzerland, federalized system. The cantons have almost complete control over the elections *except* that the federal system has exclusive control over the security of online voting.
Several cantons have been experimenting, with Geneva being the first, followed by a group of eight cantons.
In 2017 the federal chancellor calls for 2/3 of the cantons to offer internet voting for national elections in 2019. There were not many CS people represented and they declared internet voting "solved".

That was a wakeup for people on internet voting.
Geneva pulled funding after political quarrels... which paved the way for SwissPost.

In 2019 they posted the source code before the election. It didn't take long for several fundamental security flaws to be found.

[ I can't type this fast and find everyone's names sorry]
In the wake of that failure everyone figured out that internet voting was not, in fact, solved. At all.

So they brought in a bunch of experts.
What happens if you get together a bunch of experts? A scientific report!
[If someone has a link, please reply with it]

@ChrFolini was brought in to moderate the workshops... then the pandemic hit. Lots of debate on cryptography, software development, etc.
After all that debate and new work, there is a new report [anyone have a link? @ChrFolini?] in line with the recommendations of the scientists. But we'll need to keep tweaking as tech changes.
Key recommendations:
* Strict hierarchy of recommendations, starting with a verifier model which can be reasoned about, then moving to pseudocode then code. Use formal models.
* Diversity of hard- and soft-ware to resist attacks. It's more expensive, but there are security benefits.

[Boy howdy this is going to be controversial one, depending on how this is set up -- checks of different versions against each other?]
* Maximum level of transparency, especially in development

* Voting security beyond internet voting
Summary:
* Switzerland is a useful testbed for online voting
* Iterative process with strict supervision on federal level
* Expert dialogue with recommendations in 2020
@ChrFolini sees online voting as something which may or may not be securable but it's a political question whether it's introduced... so we'd better work on it.

[paraphrased]
Giving my hands a break, so end of talk as the questions are coming thick and fast (not at all shocking!)

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE

More from World

Fidato
Fidato
@tequieremos
BJP is planning to undertake 'Rath Yatra' in Delhi's riot-affected areas to seek donations for Ram Temple on Feb 1. In 1990, L.K. Advani had launched Rath Yatra from Somnath to Ayodhya.

This thread covers the large scale killing which took place during the Yatra and it's impact.

Between April 1989 and April 1990, 262 people died in Gujarat, mostly were Muslims. In October 1990, days after Advani’s yatra began, 41 were killed in Ahmedabad. The same month, 52 were killed in Jaipur, 20 in Jodhpur, 33 in Lucknow, over 100 in Delhi, 37 in Assam,

[1]


18 in Patna and 165 in Hyderabad. Also in October, a pogrom against Muslims in Bhagalpur, Bihar, saw 960 killed in which 900 were Muslims. In November, 31 were killed in Agra, again mostly Muslim and 13 in Indore. In Dec, 60 were killed in Karnataka and 134 in Hyderabad.

[2]

Many parts of India remained tense for long periods of time. Between April and May 1990, three riots in Kanpur killed 30; between May and November 1991 more than 50 were killed in Varanasi. In May 1991, 26 including 24 Muslims were killed in Vadodara.

[3]

In October 1992, 44 were killed in Sitamarhi. On 6 December 1992, immediately after the Babri Masjid was destroyed, pogroms against Muslims broke out in Surat where 200 died, of whom some 95 per cent were Muslims. In Bhopal in December, 143 were killed.

[4]
WORLD , BLOOD YATRA
Frank Bowman
Frank Bowman
@FOBowman3
1/10 With respect, multiple straw men here:
A) If you mean by "legally questionable" either that Senate is barred by constitution from trying an official impeached while in office, or that there are even very strong arguments against it, I have to differ...


2/10 Constitutional structure, precedent & any fair reading of original intent dictate that argument for jurisdiction is far stronger than argument against. On original intent, see

3/10 If you mean argument against jurisdiction is plausible, sure, it's plausible. It's just weak. In practical fact, Senate can try Trump now, find him guilty & disqualify him from future office if there are sufficient votes. And no court would presume to overturn that result

4/10 b) The argument from resources is awfully hard to take seriously. Fewer than a dozen House members act as Managers for a few weeks. They are staffed, as are Senators hearing case, by folks whose job it is to do stuff like this...

5/10 Yes, Senate floor time will be taken up. But it's past time for us to stop thinking of members of either house as feeble, fluttering, occupants of a nationally-funded convalescent home. There are nearly 500 of these people with 1000s of staff and a bunch of big buildings...
WORLD
Advertisement
Dr. Alexander Hamilton | Alter Ego: AHAM
Dr. Alexander Hamilton...
@DrAlexHamilton
KILLMONGER'S DIARY

Fuck Africa. I'm American. Any African mad at dem words, kick rocks. Don't like it, jump ship. Back 2 Africa. Need receipts. How much yall made off us? U think we didn't know? Mafucka, we the vibranium that made Africa pop. We werent stole. We were sold.

Yall sold us. Then yall hv the audacity 2 come here, pass as American niggas, lecture us about racism & white supremacy, police our emotion, critique our anger & then U have the bravado 2 lecture us about fighting when yall let Europeans come & take yall shit? Fuck out of here.

Immigrants by nature unpatriotic. When times got tough, you left your country. You abdicated the responsibility to make your country better. You didn't fight. You ran. We didn't leave. We stayed. We fighters. Yall runners. Ain't know runner can tell a fighter about a damn thing.

"Erik U dont understand. We wouldve been killed." So the fuck what. We died fo our shit, but yall weren't willing 2 die for yours & now U come here trying 2 cut the line & take our place & Bitch, dont be calling me by my 1st name. We aint cool like that. Thats Mr. Killmonger 2 U.

& we ain' family. I dont play crayola politics so I dont care we got da same skin color. I ain't got no Melanin infatuation like the rest of deese niggas. I's knows what yall done did to us. I gives as much afuck about Africans as George Jefferson gave about Archie Bunker.
SOCIETY , WORLD
Khaled Homoud Alshareef \U0001f1f8\U0001f1e6
Khaled Homoud Alsharee...
@0khalodi0
1️⃣ How the Yemeni Civil War (2014–present) is portrayed in the main stream media


2️⃣ This one is a little different, it hits close to home in many different ways, the Yemeni Civil War is a unique phenomenon in moder warfare, the majority of people don't even know what's really going on and who's fighting who.

3️⃣ The combatants :
Iranian backed Supreme Political Council (Houthis)
  International recognized Government (Hadi-led government)
  South Yemen Nationalists Southern Transitional Council

4️⃣ The (allegedly Turkish and Qatari backed) Islamic State of Iraq and the Levant – Yemen Province (ISIL-YP)
 The (allegedly Iranian and Qatari backed) Ansar al-Sharia and Al-Qaeda in the Arabian Peninsula (AQAP)


5️⃣The so called Supreme political council of Yemen is a Mish mash of bad guys and misfits, Iran supplies the Houthis with arms, drones and ballistic missiles, Hezbollah delivers these arms through shell corporations and Hezbollah operators man the missiles
WORLD
Nicholas Drummond
Nicholas Drummond
@nicholadrummond
BRITSH ARMY HEADCOUNT REDUCTION (Thread)
Looking back at personnel cuts made in 2010, a reduced Army of 82,000 didn’t help Britain regain its financial strength, it simply signified a hollowing-out of our ability to defend ourselves.
(1 of 25)


It destroyed the credibility of David Cameron’s Coalition Government then and even more so in hindsight. It was military illiteracy on a grand scale. The problem wasn’t so much the reduction itself, but the fact that there was no real strategy behind it, no future plan.
(2 of 25)

Back in 2010, the UK's involvement Iraq and Afghanistan didn’t really serve our national interests (See Ben Barry’s book). If these conflicts were sub-optimal uses of the Army, they raised the important question of what the Army’s underlying raison d’être should be.
(3 of 25)


We hope the Integrated Review will provide a concrete response to this. In the meantime, the Integrated Operating Concept has been much talked about, but we have been left in the dark about what it signifies in terms of strategic priorities and a reconfigured force.
(4 of 25)


The resulting strategy will obviously be threat-driven with Russia, China, North Korea and Iran representing near-peer threats and Islamic terror groups in Africa and the Middle East posing an asymmetric threat. This suggests a mix of high-end and light forces.
(5 of 25)
WORLD

You May Also Like

Kitze @ \U0001f1e9\U0001f1ea\ufe0f
Kitze @ 🇩🇪️...
@thekitze
To people who are under the impression that you can get rich quickly by working on an app, here are the stats for https://t.co/az8F12pf02

📈 ~12000 vistis
☑️ 109 transactions
💰 353€ profit (285 after tax)

I have spent 1.5 months on this app. You can make more $ in 2 days.

🤷‍♂️


I'm still happy that I launched a paid app bcs it involved extra work:

- backend for processing payments (+ permissions, webhooks, etc)
- integration with payment processor
- UI for license activation in Electron
- machine activation limit
- autoupdates
- mailgun emails

etc.

These things seemed super scary at first. I always thought it was way too much work and something would break. But I'm glad I persisted. So far the only problem I have is that mailgun is not delivering the license keys to certain domains like https://t.co/6Bqn0FUYXo etc. 👌

omg I just realized that me . com is an Apple domain, of course something wouldn't work with these dicks
MAKERS
UN Watch
UN Watch
@UNWatch
The UN just voted to condemn Israel 9 times, and the rest of the world 0.

View the resolutions and voting results here:

The resolution titled "The occupied Syrian Golan," which condemns Israel for "repressive measures" against Syrian citizens in the Golan Heights, was adopted by a vote of 151 - 2 - 14.

Israel and the U.S. voted 'No' https://t.co/HoO7oz0dwr


The resolution titled "Israeli practices affecting the human rights of the Palestinian people..." was adopted by a vote of 153 - 6 - 9.

Australia, Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No' https://t.co/1Ntpi7Vqab


The resolution titled "Israeli settlements in the Occupied Palestinian Territory, including East Jerusalem, and the occupied Syrian Golan" was adopted by a vote of 153 – 5 – 10.

Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No'
https://t.co/REumYgyRuF


The resolution titled "Applicability of the Geneva Convention... to the
Occupied Palestinian Territory..." was adopted by a vote of 154 - 5 - 8.

Canada, Israel, Marshall Islands, Micronesia, and the U.S. voted 'No'
https://t.co/xDAeS9K1kW
SOCIETY
Advertisement
itrade(DJ)
itrade(DJ)
@ITRADE191
Here is the detailed information of about strategy,

Entry time : 9.30 - 10
Exit : Upto you

Strategy :
Sell weekly ATM CE & PE at almost equal price
For ex : Sell Nifty 17250 CE at 50 and Nifty 17250 PE at 48 so it will become short straddle

Buy monthly ATM or near ATM CE & PE at matching price (5-10 points diff should be fine) as hedge
For ex : Buy Nifty 17250 CE at 150 and Nifty 17300 PE at 155 so it will become long straddle.

Weekly Short straddle + Monthly Long straddle

Adjustment:

• If you feel slightly bullish/bearish then no adjustment needed
• If Nifty moves 50 up or down and sustain then just simply roll up or down half of qnty and keep rest of the quantity. If market goes up or down further then roll up or down rest.

• If Nifty moves one side or about to breach BEP then add equal amount of lot. This can balance tested side. For ex: If I bought 17300 CE 4 lot as hedge then add 4 lot so you will have only one side risk . Note: Remember to keep SL at cost price (only for additional lot bought)

Capital requirement:
2.2 L for 4 lot
Adjustment requires additional capital upto 1L

Note : High risk high reward strategy, please don’t execute until you fully understand. Kindly do paper trading or backtest.
RR : 1:1
POP : 45-55%
OPTIONSLEARNINGS , ALL
Sahil
Sahil
@sahilypatel
Want to do an MBA for free ?

A thread 👇

1) Leadership: Foundations of Teamwork and Leadership

School: wharton

2) Marketing: Marketing Management

School: wharton

3) Microeconomics: Microeconomics for Managers

School:

4) Financial Theory

School:
ALL , MBA , MBA SERIES
Danielle \U0001f1e7\U0001f1f4
Danielle 🇧🇴...
@dinkydani21
❤✈️🌎 2 years ago today @JamesIvings and I sold all our belongings and left the UK to travel for a year. We've never been happier and we have no plans to ever return there 🙂

Thread 👇

Since then we've started a remote web dev company @SquarecatWebDev and been lucky enough to have completed several freelance projects 💻 that have kept us on the road.

In the last few months we've become a huge part of this amazing new Maker community and have found so many new friends from @makerskitchen, @women_make_ and several others! 🥰

We love travelling together (even if I'm only a glorified laptop watcher 😒) but we're both much happier being able to share our ideas outside of our own little bubble and our products have benefitted too!

Here's to another year of nomading with my favourite person and to the Maker community continuing to grow with our help! Maybe one day we'll all get to meet each other ✌️ 💛
LIFE