It may be expensive to update an existing code base
That's rather the point, though, isn't it. Deleting your order history etc is not a feature that many of the off-the-shelf web stores have. Hopefully they will eventually, so at least new small businesses won't find it onerous to comply.
As for keeping that information reasonably secure - if you can't be bothered to spend the time and effort to do that (as most current sites can't), you have no business collecting it in the first place.
You know, I'm fine with some small mom-and-pop web store not being experts at this sort of thing. Small target for hackers anyhow. They won't be doing their own CC processing anyhow, so no worries there.
I think "Friday" by Robert Heinlein would be a more likely outcome with the United States breaking up into smaller countries.
Nah, not likely. If all goes as planned, California will succeed. The next week it will be conquered by the might of the US military. The following week draconian reparations and tribute will be imposed, such that Cali residents pay enough taxes that the rest of the US pays none. Still one country, though.
Yep. Now we can only hope that more markets follow in their footsteps and make it impossible for such sites to stay in business at all. It's not like compliance is hard - just stop recording information about your visitors. Unless of course your business model depends on spying on your visitors, in which case good riddance.
Or, you know, keeping a customer's order history, so that you can provide customer service and process returns. Would you prefer that only Amazon-sized companies have the resources to be able to sell things online?
Generalization fail. The rich get richer because of regulatory capture - the more you regulate, the more the largest companies benefit, and the harder it is for the little guy to make good. Business regulation causes social immobility - might still be worth in in some cases, but don't pretend the cost isn't real.
If you're a mom-and-pop soap shop, you don't employ any technical people - there's Bob's cousin who's "good with computers" who made your web site a couple years back. You don't ship outside the US, but people from the EU might still visit your web site.
This is indeed onerous regulation for a business at this scale. Geoblocking fixes it for you.
Now if you're a mom-and-pop soap in the EU, you use a vendor who takes care of this shit for you, and you just hope you won't go to jail because you once threw out a mailing label without shredding it first. Sure the regulation is still onerous, but you won't notice any more than a fish notices water.
The point is: do they all have the same frequency, without precision manufacturing? If so, "same" to how many significant digits?
I've always been amused by the fact that cesium clocks are exact (by definition), yet the underlying mechanism is random. I guess the variance is far below what anyone would ever care about.
The US has "Professional Engineer" as a separate thing. It's kind of a joke to qualify for, but the point of it is you lose it if you sign of on something stupid, so it does serve a useful function. BTW, "electrician" and "electrical engineer" are unrelated fields in the US. Electricians memorize the hundreds of pages of the national electric code, while EEs design circuit boards. Any idiot with a degree can be an EE, but a master electrician is a professional. Sounds like the rest of the world has it backwards.
Looks like the kind of problem that can only be settled by a statistical survey of dictionaries! Your definition seems to be about half of them, so half the population are wrong-headed freaks such as yourself. Amusingly, this one explicitly includes higher education.
Well, I don't know how generally true that is, but certainly in Math there is a class of old, unsolved problems that professors don't want to be seen as working on, as they are assumed to be a waste of time and thus it's somewhat embarrassing to be working on them. Obviously, that concern doesn't apply to anyone who doesn't have "math professor" as their day job.
Electric furnaces are a thing, but are silly from an efficiency perspective. Something like half of consumed industrial power is "primary thermal", meaning fuel burned directly for heat, no electricity involved.
Consumer and commercial power may one day be provided entirely by solar with batteries, but not industrial power (well, not Earthbound industry, orbital one day). Maybe one day fusion will stop being 20 years away.
There are quite a few SC bots written in-house by professional players (well, mostly former professionals, who reach their elderly late-20s and aren't fast enough any more). It would be very interesting to see how a machine learning-based bot competes against bots coded with specific human-like strategies. Both would have unlimited APM, so no advantage there, but how would the machine learning bot play? I'd imagine micro would be similar, as there's apparently one best way to do that, but macro? That's closer to poker than speed chess.
We haven't found out yet what others will apply this to, but I think it's too early to conclude it'll be "nothing".
Turn-based positional board games are all of a kind, as far as machine learning is concerned.
OTOH, that StarCraft bot mentioned in TFS is a different kind of problem solving. It would be quite interesting to see how a machine learning-based bot stands up against the in-house bots written by professional players.
C'mon, you said "there's no way around this", and I just pointed out "yes, there is a way around this", where it would be safe to log whatever. And if you were using JS to hash client-side, you could just do it the right way instead.
If you really want to solve this kind of problem with client-side JS, you can indeed solve it that way, and make it safe to log everything sent. I think that's solving the wrong problem, but you could.
Protip: when you don't understand the words being used in the post you're responding to, you might develop the habit of looking them up, rather than continuing to demonstrate your ignorance.
FFS, at least understand what a replay attack is, and what a non-replay-able protocol is, before wittering on about them.
Yes, yes, which is why a method of authentication that is not replay-able is preferred, all things being equal. You're missing the point of "zero-information" protocols: log whatever you want, or send it in the clear, it gives an outsider zero information that's of any future use.
Let's say your password is X, and you hash it locally to Y. You still have to send Y to the server to be validated. There's no way around this.
You don't ever need to send the password, X or Y, if you can depend on running some JS on the client: just use a zero-knowledge proof of identity. However, it's pointless overkill, as man-in-the-browser attacks are more common than MITM attacks these days. Complicated login approaches don't really help against the common attack, so there's little point in getting clever - just make sure you're using HTTPS and POST not GET.
No, you've missed my point entirely. What AlphaGo, or any other sort of machine learning, does not posses is "general intelligence". General intelligence is the ability to solve problems of a kind not encountered before.
Machine learning takes data which has been translated to an input vector, applies a bunch of linear algebra (or similar transforms), and gets an output vector. It's trivial to translate a chessboard or go board to an input vector, and the output vector to a move. What's missing is the rest of the chain: how to set up that translation, even in such trivial cases. How to generalize from a problem you've solved, to a somewhat-similar new problem.
For example, AlphaGo can't use a camera and robotic arm to play Go. As these are solved problems, it could be so enhanced. But training the additional AI components to do that wouldn't give it the ability to play any other game the same way,.
Do you see the point? It can't generalize. A board game with specific pieces in specific places for which you pick a move is very similar in input and output to any other such game, it's only the transform that varies. That's the only sort of thing it can do. It can't read the rules of a game to learn to play. It can't benefit from books on strategy. It can't do anything but optimize its current-board-to-next move function, and it can't even recognize that a new game is similar to a game it knows, so maybe start from there - it can only optimize in one specific way.
Yes, but 'i' is self-descriptive when used as an index. Bro, do you even math? Of course, it's become quite rare to iterate through a container that way, so it's a bit of a moot point.
Slashdot Mirror
Not of the body! Not of the body!
Evil tab users must be purged! M-x Untabify!
It may be expensive to update an existing code base
That's rather the point, though, isn't it. Deleting your order history etc is not a feature that many of the off-the-shelf web stores have. Hopefully they will eventually, so at least new small businesses won't find it onerous to comply.
As for keeping that information reasonably secure - if you can't be bothered to spend the time and effort to do that (as most current sites can't), you have no business collecting it in the first place.
You know, I'm fine with some small mom-and-pop web store not being experts at this sort of thing. Small target for hackers anyhow. They won't be doing their own CC processing anyhow, so no worries there.
I think "Friday" by Robert Heinlein would be a more likely outcome with the United States breaking up into smaller countries.
Nah, not likely. If all goes as planned, California will succeed. The next week it will be conquered by the might of the US military. The following week draconian reparations and tribute will be imposed, such that Cali residents pay enough taxes that the rest of the US pays none. Still one country, though.
Yep. Now we can only hope that more markets follow in their footsteps and make it impossible for such sites to stay in business at all. It's not like compliance is hard - just stop recording information about your visitors. Unless of course your business model depends on spying on your visitors, in which case good riddance.
Or, you know, keeping a customer's order history, so that you can provide customer service and process returns. Would you prefer that only Amazon-sized companies have the resources to be able to sell things online?
Generalization fail. The rich get richer because of regulatory capture - the more you regulate, the more the largest companies benefit, and the harder it is for the little guy to make good. Business regulation causes social immobility - might still be worth in in some cases, but don't pretend the cost isn't real.
If you're a mom-and-pop soap shop, you don't employ any technical people - there's Bob's cousin who's "good with computers" who made your web site a couple years back. You don't ship outside the US, but people from the EU might still visit your web site.
This is indeed onerous regulation for a business at this scale. Geoblocking fixes it for you.
Now if you're a mom-and-pop soap in the EU, you use a vendor who takes care of this shit for you, and you just hope you won't go to jail because you once threw out a mailing label without shredding it first. Sure the regulation is still onerous, but you won't notice any more than a fish notices water.
Yes, freedom can cost money.
Freedom is more important.
The point is: do they all have the same frequency, without precision manufacturing? If so, "same" to how many significant digits?
I've always been amused by the fact that cesium clocks are exact (by definition), yet the underlying mechanism is random. I guess the variance is far below what anyone would ever care about.
The US has "Professional Engineer" as a separate thing. It's kind of a joke to qualify for, but the point of it is you lose it if you sign of on something stupid, so it does serve a useful function. BTW, "electrician" and "electrical engineer" are unrelated fields in the US. Electricians memorize the hundreds of pages of the national electric code, while EEs design circuit boards. Any idiot with a degree can be an EE, but a master electrician is a professional. Sounds like the rest of the world has it backwards.
Looks like the kind of problem that can only be settled by a statistical survey of dictionaries! Your definition seems to be about half of them, so half the population are wrong-headed freaks such as yourself. Amusingly, this one explicitly includes higher education.
Only in the same way that math is a subfield of biology, since it's done by humans.
He's not paid to publish math papers, is the point.
No matter how much sense a definition makes in your own head, that's not how language works.
"Professional" means "you get paid to do this", and nothing else. He's not an math prof, so he's an amateur.
Well, I don't know how generally true that is, but certainly in Math there is a class of old, unsolved problems that professors don't want to be seen as working on, as they are assumed to be a waste of time and thus it's somewhat embarrassing to be working on them. Obviously, that concern doesn't apply to anyone who doesn't have "math professor" as their day job.
Ha! This is why I wear a concrete helmet (and codpiece) to go with my concrete shirt!
Electric furnaces are a thing, but are silly from an efficiency perspective. Something like half of consumed industrial power is "primary thermal", meaning fuel burned directly for heat, no electricity involved.
Consumer and commercial power may one day be provided entirely by solar with batteries, but not industrial power (well, not Earthbound industry, orbital one day). Maybe one day fusion will stop being 20 years away.
There are quite a few SC bots written in-house by professional players (well, mostly former professionals, who reach their elderly late-20s and aren't fast enough any more). It would be very interesting to see how a machine learning-based bot competes against bots coded with specific human-like strategies. Both would have unlimited APM, so no advantage there, but how would the machine learning bot play? I'd imagine micro would be similar, as there's apparently one best way to do that, but macro? That's closer to poker than speed chess.
We haven't found out yet what others will apply this to, but I think it's too early to conclude it'll be "nothing".
Turn-based positional board games are all of a kind, as far as machine learning is concerned.
OTOH, that StarCraft bot mentioned in TFS is a different kind of problem solving. It would be quite interesting to see how a machine learning-based bot stands up against the in-house bots written by professional players.
C'mon, you said "there's no way around this", and I just pointed out "yes, there is a way around this", where it would be safe to log whatever. And if you were using JS to hash client-side, you could just do it the right way instead.
If you really want to solve this kind of problem with client-side JS, you can indeed solve it that way, and make it safe to log everything sent. I think that's solving the wrong problem, but you could.
Protip: when you don't understand the words being used in the post you're responding to, you might develop the habit of looking them up, rather than continuing to demonstrate your ignorance.
FFS, at least understand what a replay attack is, and what a non-replay-able protocol is, before wittering on about them.
Yes, yes, which is why a method of authentication that is not replay-able is preferred, all things being equal. You're missing the point of "zero-information" protocols: log whatever you want, or send it in the clear, it gives an outsider zero information that's of any future use.
Let's say your password is X, and you hash it locally to Y. You still have to send Y to the server to be validated. There's no way around this.
You don't ever need to send the password, X or Y, if you can depend on running some JS on the client: just use a zero-knowledge proof of identity. However, it's pointless overkill, as man-in-the-browser attacks are more common than MITM attacks these days. Complicated login approaches don't really help against the common attack, so there's little point in getting clever - just make sure you're using HTTPS and POST not GET.
Well, give them credit: they're actually doing something vaguely useful with "AI". Don't see that every day.
No, you've missed my point entirely. What AlphaGo, or any other sort of machine learning, does not posses is "general intelligence". General intelligence is the ability to solve problems of a kind not encountered before.
Machine learning takes data which has been translated to an input vector, applies a bunch of linear algebra (or similar transforms), and gets an output vector. It's trivial to translate a chessboard or go board to an input vector, and the output vector to a move. What's missing is the rest of the chain: how to set up that translation, even in such trivial cases. How to generalize from a problem you've solved, to a somewhat-similar new problem.
For example, AlphaGo can't use a camera and robotic arm to play Go. As these are solved problems, it could be so enhanced. But training the additional AI components to do that wouldn't give it the ability to play any other game the same way,.
Do you see the point? It can't generalize. A board game with specific pieces in specific places for which you pick a move is very similar in input and output to any other such game, it's only the transform that varies. That's the only sort of thing it can do. It can't read the rules of a game to learn to play. It can't benefit from books on strategy. It can't do anything but optimize its current-board-to-next move function, and it can't even recognize that a new game is similar to a game it knows, so maybe start from there - it can only optimize in one specific way.
Yes, but 'i' is self-descriptive when used as an index. Bro, do you even math? Of course, it's become quite rare to iterate through a container that way, so it's a bit of a moot point.