BC WORLD
Saved by @ThomassRichards

In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

 Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]
Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]
But the in-person ballots are complicated, too!
Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
There are reasons to want online voting:
* Citizens living abroad
* Visually impaired and quadriplegic voters need to have assistants that they trust
* Many invalid ballots (even <10%!)
* Physical voting has security problems, too
Like the states of the US, there are cantons in Switzerland, federalized system. The cantons have almost complete control over the elections *except* that the federal system has exclusive control over the security of online voting.
Several cantons have been experimenting, with Geneva being the first, followed by a group of eight cantons.
In 2017 the federal chancellor calls for 2/3 of the cantons to offer internet voting for national elections in 2019. There were not many CS people represented and they declared internet voting "solved".

That was a wakeup for people on internet voting.
Geneva pulled funding after political quarrels... which paved the way for SwissPost.

In 2019 they posted the source code before the election. It didn't take long for several fundamental security flaws to be found.

[ I can't type this fast and find everyone's names sorry]
In the wake of that failure everyone figured out that internet voting was not, in fact, solved. At all.

So they brought in a bunch of experts.
What happens if you get together a bunch of experts? A scientific report!
[If someone has a link, please reply with it]

@ChrFolini was brought in to moderate the workshops... then the pandemic hit. Lots of debate on cryptography, software development, etc.
After all that debate and new work, there is a new report [anyone have a link? @ChrFolini?] in line with the recommendations of the scientists. But we'll need to keep tweaking as tech changes.
Key recommendations:
* Strict hierarchy of recommendations, starting with a verifier model which can be reasoned about, then moving to pseudocode then code. Use formal models.
* Diversity of hard- and soft-ware to resist attacks. It's more expensive, but there are security benefits.

[Boy howdy this is going to be controversial one, depending on how this is set up -- checks of different versions against each other?]
* Maximum level of transparency, especially in development

* Voting security beyond internet voting
Summary:
* Switzerland is a useful testbed for online voting
* Iterative process with strict supervision on federal level
* Expert dialogue with recommendations in 2020
@ChrFolini sees online voting as something which may or may not be securable but it's a political question whether it's introduced... so we'd better work on it.

[paraphrased]
Giving my hands a break, so end of talk as the questions are coming thick and fast (not at all shocking!)

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.


But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework


We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law

But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
TECH , TEACH
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH

More from World

Defense News Nigeria
Defense News Nigeria
@DefenseNigeria
The Balkanization of Africa has long been a strategic aim of several foreign powers. As Zbigniew Brzezinski, a US foreign policy theoretician and top adviser to US President Barack Obama stated, a divided and warring Nigeria ultimately serves the interests of the United States.


The initial intention of the powers that be in covertly supporting Boko Haram was to destabilize Nigeria, trigger sectarian divisions and violence, and then rush in to ‘save’ Nigeria under the banner of military assistance and humanitarian aid. Today the powers that be


..has essentially created a conflict intervention industry. Some are testing and exhibiting new weapons system. Others are flexing their diplomatic influence. Private military contractors are securing lucrative contracts, with Russia leading the pack in this field with its


"Little green men" in Libya and Mozambique. Not to be left out Eric Prince, the founder of U.S based Blackwater, travelled to Abuja where he met with Nigeria's President and offered to destroy Boko Haram for a fee of US$1.5 billion. That offer was rejected. See the dynamics?

They criticized Eeben Barlows STTP involvement in Nigeria and then used the back door to try cut a $1.5 billion deal with the Nigerian government. Abuja chose the South African based Special Tasks, Training, Equipment and Protection (STTEP) International Ltd.
WORLD
Kab
Kab
@Kabamur_Taygeta
#NEIOH

1. Beloved Ones!

We Have Important Matters To Discuss With You!  If You Believe This Is A Joke, You Should Leave Now. We Do Not Joke When It Comes To This Planet. AKATU Will Lighten Things To Cheer You. What We Share Now Will Inform You.
SOCIETY , WORLD
Advertisement
Defense News Nigeria
Defense News Nigeria
@DefenseNigeria
Could Turkish drones be the silver bullet in Nigeria's decade long war against insurgency. Turkey has in recent years become a major player when it comes to the world of drones. Weve seen what Turkish drones did in Syria.


In Libya, in what can be described as the largest drone war in the world we saw how the LNA's goal of seizing the capital Tripoli abruptly ended after Turkeys intervention with its Bayraktar drones. There is no doubt these drones will be of immense value to the Nigerian military


The relatively flat featureless terrain of the northeast means that ground units are easily spotted, with few natural barriers to hide. The Alpha jets and L-30ZA are valuable yet limited by numbers. Besides they antiquated platforms.

While manned fighter aircraft have been used for most part of the war the NAF needs to start considering the employment of unmanned aerial vehicles on a strategic level. UAVs are useful for several reasons. Not only do they provide valuable information about the enemy

..that can be spotted from standoff distances, they are able to attack targets immediately with a far higher rate of success. In the event a drone is shot down...BIG DEAL !..the pilot is safe, back at base and able to pilot the next drone that takes off.
WORLD
Elijah J. Magnier
Elijah J. Magnier
@ejmalrai
13 years ago, Imad Mughnieh was unlawfully assassinated in #Damascus. Both the CIA and the Mossad claimed credit. Haj Imad managed to survive for 25 years away from his killers (incl some Arab States) and transformed #Hezbollah to another level of deterrence against #Israel.+


He introduced changes within #Hezbollah structure and was known to be fair with all militants. He has created an innovation sector within Hezbollah and handsomely paid for any qualified person to materialise new ideas related to science, health and military fields.+

During the last year, around 2006-2007, Haj Imad became more visible domestically and regionally. He was the one meeting political and military leaders, including allies and his name became more known as the "assistant of the Jihadi council Leader (Sayyed Nasrallah) +

#Hezbollah has lost an important leader and a very close friend and companion to Sayyed Nasrallah. However, Hezbollah moved from domestic to regional power, operating in #Lebanon to defend the country from #Israel's intentions and imposed deterrence that Israel has lost. +

#Hezbollah moved to #Syria to the request of the Syrian President Bashar al-Assad & to #Iraq when Prime Minister Nuri al-Maliki asked the help of Hezbollah against #ISIS and to #Yemen to the request of Sanaa' government to stand against a very large coalition led by US and Saudi.
WORLD , ALL
hornsby
hornsby
@ybsnroh
This thread was inspired by @PrinceGanaku. He made a legal argument pushing back against the legalization of homophobia, which some like @konkrumah have happily advocated.

I come from an academic background in social and political philosophy. I wanna make a moral argument 1/x.

Homosexuality is better defined as sexual attraction in homogeneity. The claims made against this phenomenon have been drawn anywhere from biological science to majoritarianism in democracy. I would like to pick and tackle three of these: science, religion and majoritarianism

The search for what makes one gay, sensationally-named the Gay Gene, has dominated the scientific discourse on the matter. Science is reductionist materialism

The attraction btwn man and woman is thought to have been reduced to a material cause in our being so what about gays?

But have we really reduced heterosexual attraction to its material cause in our biology? The best answer is no.

I would encourage anyone to seek this: "what is the cause of heterosexual attraction" and I would confidently tell you that the science is inconclusive

We don't know

We have no idea WHY usually, those we call male are attracted in sexual biological and neurological terms to those we call female.

We know HOW it happens. That is to say we can explain observable phenomena like hormones and receptors moving but we don't know WHY men like women.
WORLD

You May Also Like

Amit Schandillia
Amit Schandillia
@Schandillia
[THREAD: HISTORY OF THE HINDU TEMPLE]
1/102
Four hours south of Aswan in Lower Nubia, right by the Nile, is a region dotted with temple complexes built more than 3,000 years ago. Some like the temples of Amada, Derr, and Beit el-Wali go as far back as 1500 BC.


2/102
A little further south, not far from the border with Sudan, is another complex dedicated to Ramses II, Hathor, and Nefertari in the village of Ipsambul, better known locally as Abu Sunbul and internationally as Abu Simbel. These go back to the 13th century BC.


3/102
Djeser-Djeseru, also known as the mortuary temple of Hatshepsut in Upper Egypt also dates to 1400 BC. Over 500 years older is the nearby Mentuhotep II, also a mortuary temple. Both were dedicated to the cult of Amun Ra, besides their respective pharaohs.


4/102
Far older is the Ġgantija complex of Malta. Going as far back as 3600 BC, this one comprises of two temples entirely made of stone and enclosed in a stone wall. From the figures therein, it's understood to be a site of some kind of a fertility cult worship.


5/102
Dating from the same period are the limestone megaliths of Ħaġar Qim and Mnajdra, both said to have once hosted ritualistic sacrifices as part of the same fertility cult worship as found in the Ġgantija complex. Malta has some of the oldest temple complexes in Europe.
RELIGION
foone
foone
@Foone
So there's a class of puzzles called "river crossing puzzles" which involve having to cross a river on a boat/bridge containing some set of individuals/items with restrictions on which ones can be on the boat/left on each shore, right?

and the most common subclass of these problems is the one where you have 3 items/animals to cross with.
This is alternatively called the "fox, goose, and bag of beans" or "wolf, goat, and cabbage" puzzle.

the idea is that your boat can only carry one item at a time, but if you leave the wolf/fox unattended with the goat/goose, the wolf/fox will eat the goat/goose.
and similarly, the goose/goat will eat the beans/cabbage if left alone

so you have to set up a set of actions that never leaves either side of the river in one of the lose-states.

the solution to this variant being:
1. take the goat/goose over
2. return empty
3. take the wolf/fox over
4. return with the goat/goose
5. take the cabbage/beans over
6. return empty
7. take the goat/goose over
GAMES
Advertisement
John Papa
John Papa
@John_Papa
Choosing the Right JavaScript Framework

Thanks for joining me @pluralsight to talk about javascript frameworks. We had 150+ awesome questions, so I'll try to answer the ones I couldn't get to online right here in a tweet stream

Watch the video -->
https://t.co/G7zeiKhXme


Q. Do arrow functions really make dealing with JavaScript's "this" keywords easier?

A. Yes! When using arrow functions, the scope of "this" is effectively passed in from the outer scope. See here in this REPL

1/n


Q. Where does Polymer fit in? Is it considered a framework like the others?

A. @Polymer is an excellent way to create web components, which are ideal for creating sets of interactivity that can be shared in web apps.

2/n

Q. Have we gone framework crazy?

A. At one time, quite possibly. A few years back we literally had framework overload. I feel it really has solidified into a few very strong choices.

3/n

Q. [Is] there no more need for @polymer?

A. See my previous question on this ... but in general, I think there is a lot of room for Web Components with frameworks.

4/n
ALL
Mitesh Patel
Mitesh Patel
@Mitesh_Engr
Again sharing bank nifty intraday weekly straddle. How to play by selling straddle.
Mostly will work on Monday to Wednesday. Sometimes on Friday.
Why to pay your money to learn this if u can get it here.
U need only practice.
Let’s go.

Say bank nifty future is at 32000.
Sell both 32000 call and put.
Considering current volatile market lest say premium on Monday morning is 350 on both sides.
Sold with 700 points combine premium.
If bank nifty will trade in narrow range say +\- 100 hold it.
If moving 200 points

then exit previous sold straddle. Sell new one. Let’s say BN moved +200
Now sell 32200. If bank nifty will move here within range then u will get profit through theta decay. Follow same procedure for next 150-200 pts move.

This is only for single straddle sell position.

Now in second case sell three straddle. 31900/32000/32100
In case of 100 points move no need to change.
If 200 + then future is 32200.
Exit 31900 and sell 31200 straddle.
If moving another 100 then exit 32000 and sell 32300. Continue same with 100 points move.
If no move then

it will consolidate between 32000-32200 or 32100 to 32300 and u will get theta decay.

This is for normal move. Sudden big move may come anytime. So keep SL in system.
If u r selling at 350-350 then keep SL in system 475 for both legs.
Practice it. No need to attend webinar.
BNF , MPATELOPTIONSLEARNINGS , OPTIONSLEARNING
David Rothkopf
David Rothkopf
@djrothkopf
Pretending that voting for Trump or denying climate change or suggesting the solution to every problem is more guns is a legitimate point of view, worthy of respect is not "how America works." It is how it dies.

People in a free society are entitled to any point of view no matter how obviously wrong or outlandish or destructive provided they do not impose their views on others.

But suggesting that something ignorant or divorced from reality warrants the same kind of treatment in public debate as something based in fact or at least credible is absurd and when done on behalf of a society in public media or academic settings it is self-destructive.

We would not grant media coverage or much bandwidth at all to a group that argued that unicorns exist or that there was a pot of gold at the end of the rainbow. Yet views like denying climate change or basing policy decisions on sweeping, obvious lies, are just as unsound.

Somewhere, somehow, judgments must be made. Some behaviors are wrong and must be condemned. Someone must challenge lies and demand facts. Coddling people who embrace idiocies does not help them no matter how loudly they demand to be coddled.
POLITICS