Yes, trying to help missing and exploited children is the height of evilness.
Seriously, I saw the headline and started to get pissed off, and continued getting angrier until I got to the line that says "Google and a few other companies have "voluntarily" agreed to use a database of image hashes from the National Center for Missing and Exploited Children (NCMEC) to help the agency find exploited children."
Then I said "Oh, well, I agree with that. Automatically identifying kiddie porn and reporting it to the relevant agency makes a lot of sense." There is room for badness and abuse there, of course, but in the absence of any evidence of badness or abuse, I'm willing to give the NCMEC the benefit of the doubt, and assume that they only provide image hashes of actual exploited children, and that they handle subsequent investigations with appropriate regard to civil liberties and due process. (Cue someone to point out some case in which an overzealous law enforcement official did not demonstrate such appropriate regard; if data shows the NCMEC's program creates many such situations, I'll change my opinion about the NCMEC.)
Yes, yes, "but what about the children!" is a dangerously overused argument, and blindly accepting any encroachment that can be justified as protecting kids is a very, very bad idea. But the reason it's such a powerful argument is that there are a lot of cases where it's a legitimately compelling argument. I think identifying child pornography sites on the web is such a case, and this article just says that there are people in the relevant division of Google who agree with me.
(Disclaimer: I work for Google. I'm also an old-time cypherpunk and an ardent supporter of civil liberties, and generally very suspicious of centralized power in any form (though I worry a bit more about entities who also have the power to jail or kill me). I also don't want to live in Somalia. Generally, any view taken to its logical extreme becomes nonsense, and thoughtful balance is always required. I actually have a high degree of confidence that most of my Google colleagues do think carefully about these things, because I know I do, and so do the people I interact with directly. So, those are my biases, consider my comments in that light. Or just assume that anyone who works for Google and comments publicly is a shill, an SJW, and an asshole for believing that all advertising isn't immoral and evil. Your choice, though if you choose the latter perhaps you need to think more about my "thoughtful balance" point.)
Chrome OS is made to run one application: Google Chrome. If you want to run an application other than Google Chrome, you need a different operating system.
That's one view. Another is that the web is the platform that matters. I'm finding that there's less and less that I can't do with web apps -- particularly when you include Chrome apps that can work just fine offline (though the amount of time that I am offline is similarly decreasing). This, of course, is the ChromeOS team's view.
Also, don't forget that Chromebooks can now also run Android apps. That's still a little rough around the edges, but getting better, fast, and Android app developers are starting to target ChromeOS.
Those business deals employed tens of thousands of people and generated billions in economic activity. None of that happens if he didn't risk that capital instead of putting it all in a "safe" index fund.
Umm, where do you think money invested in stocks goes? Into employing people and generating economic activity! (Note that the path is not direct; except in IPO investments, but that doesn't change the outcome, or even the goal). Trump senior's money would have generated more jobs and more economic activity if it had been invested where it could be directed more intelligently, generating higher returns -- those higher returns being a result of the greater economic activity produced.
I would assume the same for electric vehicles - a switch to electric resistance heating.
The Nissan Leaf definitely has only a heat pump. Earlier models used resistive heating (exclusively), but switched to a heat pump for efficiency. And in my experience it works just fine down to about -10F (the coldest I've driven in). In fact, the model with the heat pump keeps me warmer at low temperatures than the previous version did.
I just checked, though, and Tesla uses a resistive 400V, 10A resistive heater, not a heat pump.
Also, most electric cars have resistive heating circuits in the seats. It's clearly more efficient to keep the passengers warm via direct contact, rather than warming the cabin air. With the seat heaters on, you can keep the cabin air a few degrees cooler and still be comfortable.
Anyway, what I can assuredly detect in one word, Google can sufficiently detect (at scale) from the Limburger-loud signature of a hundred words.
Nice assertion. Can you back it up? You're assuming that scale can make up for lack of human intelligence. That may be possible, but it's hardly obvious.
And that's not even counting the entire social graph, wherein the same Looney Tunes are always hanging around the same goat-skin bags of 100-proof moonshine, by all the sketchiest Stargates to nowhere good, all operated by all the same sketch money changers.
User clustering, is easy, yes. There are lots of good statistical and NN-based methods for identifying clusters. The question is how do you then decide what the clusters mean? And keep in mind that this isn't a one-time problem; the wackos will evolve their techniques. They don't even have to be smart, they just have to try different stuff and then do more of what works, until it stops working.
It's a huge red flag the the vendor in this ad is directing our attention to a meaningless mathematical proof of perfection in their product.
Note that it's not an ad, they're not a vendor, and EverCrypt is not a commercial product. This work is the result of an academic research project, from a Carnegie-Mellon professor, his PhD student, and a researcher employed by Microsoft.
... that will cast doubt on every other cryptographic proof.
If you were going to wave a rag in front of the hacker "bull" then claiming some code was proven secure is just the way to do it.
Sure, and when some clever hacker shows that there are right triangles whose legs can be squared and summed to something other than the square of the hypotenuse, it will cast doubt on every other mathematical proof.
If you describe anything I've produced as shit, crap, stupid or any other derogatory words, I will take it as an insult and so will most people in the world.
Okay, but if it's legitimately crap, then that's your problem, and Linus' job is to tell you it's crap, though it's much better not to use those words, but instead say what, specifically, is wrong with it. That's both less offensive and provides you with actionable feedback. But still, you're likely to feel it as an insult.
However, I've also had the experience, many times, of seeing code that is so bad, in so many ways, that I don't even know where to start. In cases like that, a complete enumeration of the faults would consume a large amount of my time and it's very unlikely that the investment of my time would be repaid. Worse, a partial enumeration of the flaws would provoke the author to fix the specific things I mentioned and then expect that the code is now good. Or, worse, they'd waste my time and theirs arguing with my points, because they don't fully understand them. In many such cases, it would take me far less time to simply rewrite the code myself than to teach the author everything they need to do it better, even assuming they're willing to listen.
In cases where the author is a junior engineer on my team, it's worth my time to work laboriously through this process with them. Or a student in my class. Or even a promising stranger, if they're willing. In other cases... no. And if I'm not willing to do the work of completely enumerating the problems and working through the fixes with the author, and if telling them about a few problems and then stopping would be counterproductive, the best option is just to tell them, gently but firmly, that what they're trying to do is beyond their skill level. In other words, that their code is crap. What happens next is on them.
I think Linus regularly finds himself in this position, often enough that I can sympathize with his decision to just call the code stupid crap (or worse). That doesn't mean I agree with it, but I can sympathize.
YouTube could break the echo chamber effect by recommending good quality videos on the same topic. If someone is interested in vaccinations, there's no reason to just recommend conspiracy videos on the topic.
Okay.
There are 400 hours of video uploaded to YouTube every minute.
How does YouTube decide what each video is about and which ones offer high-quality, balanced information on that topic, and which ones contain conspiracy theories?
More generally, the problem with the labor theory of value is that it ignores the value of knowledge. The theory was defined in the context of a stable agrarian society with minimal industry, where the knowledge of how to produce things was fairly uniformly distributed, and innovation was so rare as to be negligible. With no differentials in knowledge to speak of, the output levels were entirely determined by the materials available and the labor applied.
As soon as you recognize that knowledge has value, though, it's trivial to see why the labor theory falls on its face. Invent a way to make widgets with half the materials and half the labor and you're producing twice as much as your competitor for the same cost. More subtly, but perhaps more importantly, discover a situation where some unavailable (or nonexistent!) good or service is needed, and arrange to remedy that need, and you may have generated 10X or 100X value. Knowing where to apply resources to maximize their utility can generate incredible returns to multiple segments of society, often with no losers.
A less-obvious result of ignoring the value of knowledge is that the labor theory is inherently zero-sum. To produce more widgets you have to shift labor away from making whatsits, so you make less of them. But the reality is that you can often create a way to make whozits which can be used to dramatically increase the efficiency of producing both widgets and whatsits, so by taking labor away to produce an entirely new thing, you actually produce more of everything. Such positive-sum outcomes are actually more common than not.
As a philosopher, Marx had some moderately-interesting ideas. As an economist, his ideas were just plain wrong.
I don't think there's an EV on the market that doesn't have battery heaters. Even the first-gen Nissan Leaf, which mostly ignored battery thermal management, included battery heaters. Insulation, not so much.
Some of the heat could come from the warm electric motor and the warm battery but likely the vehicle will have an electric resistance heater.
No, you get basically no significant heat from the motor or battery, because they don't produce much waste heat. So essentially all cabin heat comes from the battery. I think heat pumps are more common than resistive heat, though.
In places where summer temperatures are very high, such as the American southwest, air conditioning will be a necessity, also reducing travel distances from a full charge.
Not much. There is obviously some expenditure of energy for cooling, but the effect on range is really quite small. This is different from ICE vehicles, where running the AC does have a significant impact on fuel economy. I think the reason for the difference is that the ICEV's AC has to fight heat from the engine.
Basically, ICE waste heat gives you "free" cabin heating during the winter and makes your AC work extra hard during the summer. Battery electric vehicles have no significant waste heat so heating does cost you range in the winter, but cooling has only minimal impact during the summer.
I work in academia, and Google+ is continuing on, zombie-like, there as part of G Suite for Education. It’s the worst of both worlds - a small user base means Google will pay absolutely no attention to it
I think it's more likely that it will evolve towards becoming more of an enterprise-focused communications tool. The internal G+ is heavily used by a lot of Google employees, and I believe it's used quite a bit by many GSuite customers outside of education.
...or even better a third party authorized by the government.
Common rules that all social media sites need to adhere to, enforced by third-party bodies, to control the spread of harmful content
And, exactly, who will decide what "harmful content" is.
I think this is exactly the point. Right now it's increasingly looking like society -- and government -- are demanding that Facebook decide what "harmful content" is, and Facebook doesn't want that responsibility. And, honestly, do we really want Facebook to take it? I don't. I don't want government to do it either, but Zuckerberg's point is that if there's any appropriate body for making these decisions, it's governmental, not private enterprise.
I suspect that Zuckerberg doesn't want the government taking this role either, but by pointing out that private industry absolutely should not be doing it, he's attempting to redirect all of the complaints that Facebook isn't doing an adequate job onto government. If he's successful at redirecting the public debate away from what Facebook should do and to what government should do, then the heat will be off of Facebook... and I think it's also pretty likely that the conclusion will be that since it's not private industry's job and we don't want government to do it, that means we don't want anyone to do it.
I could see buying a Porsche or similar mid to high-five figures sports car and never taking it more than five over the speed limit.
That's like buying a video game and only playing through the tutorial.
Nonsense. Different people have different goals, and many people buy fast cars without intending to drive fast, but no one buys video games intending to play only the tutorial.
The article is about Google reducing the number of malware installs by 20%. That's not a big number, and that's APK level bragging. It means Google's solution doesn't work.
It's a huge number, if sustained year over year in the face of innovative malware authors. This is an arms race, and Google is staying ahead, and widening the lead.
Is this architecture susceptible? Can I look at the gears during a speculative execution branch and read protected data?
No speculative execution, but I'm sure you can read protected data right from the gears.
I'm replying mostly because this reminded me of another computer you can read data from. If anyone gets the chance, they should absolutely see the Harwell Dekatron computer on display at the UK National Museum of Computing's functional vintage computers display in (next to?) Bletchley Park. The museum is next to the "main" Bletchley Park exhibits, in a building that was probably the world's first data center.
There's lots to see there but best of all is the Harwell Dekatron machine, the world's oldest still-operational computer. It's a decimal computer, not binary, and each all of the registers and memory are made up of odd vacuum tubes with 10 cathodes in them, called "dekatrons". The tubes are mounted in the machine so the tops face outward, and you can literally read the (base 10) value in each memory location by looking at which portion of the tube is lit up. The machine is typically running in single step mode, with the running program printed on a card. They'll hand you the single-step control button and you can step through the code one instruction at a time, looking at the register values, seeing the adder function, watching values moved to and from working memory.
Most computer science and computer engineering students (well, many) have had the experience of building a tiny computer from solid state logic gates and being able to write and run small programs on it. That's cool, but being able to actually see the operation in real time is really incredible. And I really mean "see" since all of the data is represented by glowing cathodes right in front of your eyes.
If single-stepping through instructions while watching the data flow from one place to another isn't enough, you can also flip the machine into another mode that single-steps through microcode. You can watch each step of the adding process, for example.
If you're a nerd like me, do be sure to go on a day when there won't be lots of other people there. I got to spend two full hours by myself with the machine; I didn't have to share it with anyone because no one else was there. It was awesome.
As a cryptography and crypto history buff, I actually went to Bletchley Park to see Turing's Bombe, etc. And I did, and it was great. But next time I go I won't bother with that, I'll go straight to the vintage computers display.
GIF is laughably outdated - it only supports 256 discrete colors picked from a regular 24-bit color palette in a weak non-lossy compression format.
Even worse, when used for animations it provides no inter-frame compression at all. Each frame is run-length encoded separately. It's horribly inefficient as a still format, and even worse for animations.
The Google Play Protect team knows that at any given time, their PHA stats are wrong -- are too low -- because they can only count PHA installs that they know about. In fact, the known PHA install rate on any given day, say, March 29th, is zero, because Play doesn't allow installation of known PHAs, but it will rise over time as PHAs are discovered.
This is part of the reason that the stats for a given year are only released at the end of the first quarter of the next year, to give time for PHA discovery to correct the stats upward. Even so, there are likely some that were installed in 2018 that haven't been discovered yet, so today's 2018 stats are a bit too low... but this is the case every year.
However, the team and their systems get better every year, so the upward-revision-over-time actually decreases, and it's likely that in addition to being lower than previous years, the 2018 numbers are a better estimate of reality; closer to correct. It's likely that the year-over-year decrease actually underestimates the amount of improvement.
Keeping malware out of the Play Store is actually an insanely hard problem, because it inherently conflicts with keeping the Play Store open. Google could lower the numbers quite a bit more by taking Apple's walled-garden approach, with developer account fees and pre-approval inspection processes (even that is not perfect -- the Apple App Store has not been malware-free). Note that it's also not a "static" problem; it's an arms race. Malware authors continue inventing new techniques, but the Play Protect team is improving their detection techniques faster.
and doesn't require completely overhauling our understanding of how the universe works.
If I were to bet on precisely where we are getting this question wrong, this would be where I threw my money.
The problem with this view is that it's completely unproductive. Okay, so you start by throwing out everything from Newton onwards? What do you replace it with? Something different, sure, but where do you even start to figure out what the shape of that replacement is? And in the meantime how do you calculate rocket trajectories, etc.? Well, obviously you have to continue using what you threw out, so you didn't actually throw it out, did you?
No, the best bet is to continue using what we have that appears to work in all of the other cases and trying to fill in the holes. Maybe the effort to find dark matter and dark energy to explain the discrepancies won't work, but even if it doesn't, maybe the search will show us something else that begins to give us a clue about how to fix the models.
This sounds about like what I would do. you don't buy a fast car without actually planning to try to get it up to speed every now and then.
Speak for yourself. I have a Tesla Model S that has never been over 85 mph (speed limit is 80 mph), and likely never will. The smooth, rapid and instantly-responsive acceleration are a big part of the reasons I like the car, so the car's power is important to me, but the top speed is not. I could see buying a Porsche or similar mid to high-five figures sports car and never taking it more than five over the speed limit.
Slashdot Mirror
Or as I have renamed them, "Be Evil"
Yes, trying to help missing and exploited children is the height of evilness.
Seriously, I saw the headline and started to get pissed off, and continued getting angrier until I got to the line that says "Google and a few other companies have "voluntarily" agreed to use a database of image hashes from the National Center for Missing and Exploited Children (NCMEC) to help the agency find exploited children."
Then I said "Oh, well, I agree with that. Automatically identifying kiddie porn and reporting it to the relevant agency makes a lot of sense." There is room for badness and abuse there, of course, but in the absence of any evidence of badness or abuse, I'm willing to give the NCMEC the benefit of the doubt, and assume that they only provide image hashes of actual exploited children, and that they handle subsequent investigations with appropriate regard to civil liberties and due process. (Cue someone to point out some case in which an overzealous law enforcement official did not demonstrate such appropriate regard; if data shows the NCMEC's program creates many such situations, I'll change my opinion about the NCMEC.)
Yes, yes, "but what about the children!" is a dangerously overused argument, and blindly accepting any encroachment that can be justified as protecting kids is a very, very bad idea. But the reason it's such a powerful argument is that there are a lot of cases where it's a legitimately compelling argument. I think identifying child pornography sites on the web is such a case, and this article just says that there are people in the relevant division of Google who agree with me.
(Disclaimer: I work for Google. I'm also an old-time cypherpunk and an ardent supporter of civil liberties, and generally very suspicious of centralized power in any form (though I worry a bit more about entities who also have the power to jail or kill me). I also don't want to live in Somalia. Generally, any view taken to its logical extreme becomes nonsense, and thoughtful balance is always required. I actually have a high degree of confidence that most of my Google colleagues do think carefully about these things, because I know I do, and so do the people I interact with directly. So, those are my biases, consider my comments in that light. Or just assume that anyone who works for Google and comments publicly is a shill, an SJW, and an asshole for believing that all advertising isn't immoral and evil. Your choice, though if you choose the latter perhaps you need to think more about my "thoughtful balance" point.)
Chrome OS is made to run one application: Google Chrome. If you want to run an application other than Google Chrome, you need a different operating system.
That's one view. Another is that the web is the platform that matters. I'm finding that there's less and less that I can't do with web apps -- particularly when you include Chrome apps that can work just fine offline (though the amount of time that I am offline is similarly decreasing). This, of course, is the ChromeOS team's view.
Also, don't forget that Chromebooks can now also run Android apps. That's still a little rough around the edges, but getting better, fast, and Android app developers are starting to target ChromeOS.
Those business deals employed tens of thousands of people and generated billions in economic activity. None of that happens if he didn't risk that capital instead of putting it all in a "safe" index fund.
Umm, where do you think money invested in stocks goes? Into employing people and generating economic activity! (Note that the path is not direct; except in IPO investments, but that doesn't change the outcome, or even the goal). Trump senior's money would have generated more jobs and more economic activity if it had been invested where it could be directed more intelligently, generating higher returns -- those higher returns being a result of the greater economic activity produced.
I would assume the same for electric vehicles - a switch to electric resistance heating.
The Nissan Leaf definitely has only a heat pump. Earlier models used resistive heating (exclusively), but switched to a heat pump for efficiency. And in my experience it works just fine down to about -10F (the coldest I've driven in). In fact, the model with the heat pump keeps me warmer at low temperatures than the previous version did.
I just checked, though, and Tesla uses a resistive 400V, 10A resistive heater, not a heat pump.
Also, most electric cars have resistive heating circuits in the seats. It's clearly more efficient to keep the passengers warm via direct contact, rather than warming the cabin air. With the seat heaters on, you can keep the cabin air a few degrees cooler and still be comfortable.
Anyway, what I can assuredly detect in one word, Google can sufficiently detect (at scale) from the Limburger-loud signature of a hundred words.
Nice assertion. Can you back it up? You're assuming that scale can make up for lack of human intelligence. That may be possible, but it's hardly obvious.
And that's not even counting the entire social graph, wherein the same Looney Tunes are always hanging around the same goat-skin bags of 100-proof moonshine, by all the sketchiest Stargates to nowhere good, all operated by all the same sketch money changers.
User clustering, is easy, yes. There are lots of good statistical and NN-based methods for identifying clusters. The question is how do you then decide what the clusters mean? And keep in mind that this isn't a one-time problem; the wackos will evolve their techniques. They don't even have to be smart, they just have to try different stuff and then do more of what works, until it stops working.
It's a huge red flag the the vendor in this ad is directing our attention to a meaningless mathematical proof of perfection in their product.
Note that it's not an ad, they're not a vendor, and EverCrypt is not a commercial product. This work is the result of an academic research project, from a Carnegie-Mellon professor, his PhD student, and a researcher employed by Microsoft.
If you were going to wave a rag in front of the hacker "bull" then claiming some code was proven secure is just the way to do it.
Sure, and when some clever hacker shows that there are right triangles whose legs can be squared and summed to something other than the square of the hypotenuse, it will cast doubt on every other mathematical proof.
If you describe anything I've produced as shit, crap, stupid or any other derogatory words, I will take it as an insult and so will most people in the world.
Okay, but if it's legitimately crap, then that's your problem, and Linus' job is to tell you it's crap, though it's much better not to use those words, but instead say what, specifically, is wrong with it. That's both less offensive and provides you with actionable feedback. But still, you're likely to feel it as an insult.
However, I've also had the experience, many times, of seeing code that is so bad, in so many ways, that I don't even know where to start. In cases like that, a complete enumeration of the faults would consume a large amount of my time and it's very unlikely that the investment of my time would be repaid. Worse, a partial enumeration of the flaws would provoke the author to fix the specific things I mentioned and then expect that the code is now good. Or, worse, they'd waste my time and theirs arguing with my points, because they don't fully understand them. In many such cases, it would take me far less time to simply rewrite the code myself than to teach the author everything they need to do it better, even assuming they're willing to listen.
In cases where the author is a junior engineer on my team, it's worth my time to work laboriously through this process with them. Or a student in my class. Or even a promising stranger, if they're willing. In other cases... no. And if I'm not willing to do the work of completely enumerating the problems and working through the fixes with the author, and if telling them about a few problems and then stopping would be counterproductive, the best option is just to tell them, gently but firmly, that what they're trying to do is beyond their skill level. In other words, that their code is crap. What happens next is on them.
I think Linus regularly finds himself in this position, often enough that I can sympathize with his decision to just call the code stupid crap (or worse). That doesn't mean I agree with it, but I can sympathize.
YouTube could break the echo chamber effect by recommending good quality videos on the same topic. If someone is interested in vaccinations, there's no reason to just recommend conspiracy videos on the topic.
Okay.
There are 400 hours of video uploaded to YouTube every minute.
How does YouTube decide what each video is about and which ones offer high-quality, balanced information on that topic, and which ones contain conspiracy theories?
More generally, the problem with the labor theory of value is that it ignores the value of knowledge. The theory was defined in the context of a stable agrarian society with minimal industry, where the knowledge of how to produce things was fairly uniformly distributed, and innovation was so rare as to be negligible. With no differentials in knowledge to speak of, the output levels were entirely determined by the materials available and the labor applied.
As soon as you recognize that knowledge has value, though, it's trivial to see why the labor theory falls on its face. Invent a way to make widgets with half the materials and half the labor and you're producing twice as much as your competitor for the same cost. More subtly, but perhaps more importantly, discover a situation where some unavailable (or nonexistent!) good or service is needed, and arrange to remedy that need, and you may have generated 10X or 100X value. Knowing where to apply resources to maximize their utility can generate incredible returns to multiple segments of society, often with no losers.
A less-obvious result of ignoring the value of knowledge is that the labor theory is inherently zero-sum. To produce more widgets you have to shift labor away from making whatsits, so you make less of them. But the reality is that you can often create a way to make whozits which can be used to dramatically increase the efficiency of producing both widgets and whatsits, so by taking labor away to produce an entirely new thing, you actually produce more of everything. Such positive-sum outcomes are actually more common than not.
As a philosopher, Marx had some moderately-interesting ideas. As an economist, his ideas were just plain wrong.
Eventually? Some EVs have that now.
I don't think there's an EV on the market that doesn't have battery heaters. Even the first-gen Nissan Leaf, which mostly ignored battery thermal management, included battery heaters. Insulation, not so much.
Some of the heat could come from the warm electric motor and the warm battery but likely the vehicle will have an electric resistance heater.
No, you get basically no significant heat from the motor or battery, because they don't produce much waste heat. So essentially all cabin heat comes from the battery. I think heat pumps are more common than resistive heat, though.
In places where summer temperatures are very high, such as the American southwest, air conditioning will be a necessity, also reducing travel distances from a full charge.
Not much. There is obviously some expenditure of energy for cooling, but the effect on range is really quite small. This is different from ICE vehicles, where running the AC does have a significant impact on fuel economy. I think the reason for the difference is that the ICEV's AC has to fight heat from the engine.
Basically, ICE waste heat gives you "free" cabin heating during the winter and makes your AC work extra hard during the summer. Battery electric vehicles have no significant waste heat so heating does cost you range in the winter, but cooling has only minimal impact during the summer.
I work in academia, and Google+ is continuing on, zombie-like, there as part of G Suite for Education. It’s the worst of both worlds - a small user base means Google will pay absolutely no attention to it
I think it's more likely that it will evolve towards becoming more of an enterprise-focused communications tool. The internal G+ is heavily used by a lot of Google employees, and I believe it's used quite a bit by many GSuite customers outside of education.
...or even better a third party authorized by the government.
And, exactly, who will decide what "harmful content" is.
I think this is exactly the point. Right now it's increasingly looking like society -- and government -- are demanding that Facebook decide what "harmful content" is, and Facebook doesn't want that responsibility. And, honestly, do we really want Facebook to take it? I don't. I don't want government to do it either, but Zuckerberg's point is that if there's any appropriate body for making these decisions, it's governmental, not private enterprise.
I suspect that Zuckerberg doesn't want the government taking this role either, but by pointing out that private industry absolutely should not be doing it, he's attempting to redirect all of the complaints that Facebook isn't doing an adequate job onto government. If he's successful at redirecting the public debate away from what Facebook should do and to what government should do, then the heat will be off of Facebook... and I think it's also pretty likely that the conclusion will be that since it's not private industry's job and we don't want government to do it, that means we don't want anyone to do it.
Interesting! I missed that part of the spec. Thanks.
You can't generally work around a patent by implementing the patented functionality in software rather than hardware, or vice versa.
Bullshit.
Patents are "gotten around" every single day by someone finding an alternative method to achieve the same goal.
That is perfectly legal
Using the same method but doing it in software rather than hardware (or vice versa), is not "finding an alternative method".
I could see buying a Porsche or similar mid to high-five figures sports car and never taking it more than five over the speed limit.
That's like buying a video game and only playing through the tutorial.
Nonsense. Different people have different goals, and many people buy fast cars without intending to drive fast, but no one buys video games intending to play only the tutorial.
The article is about Google reducing the number of malware installs by 20%. That's not a big number, and that's APK level bragging. It means Google's solution doesn't work.
It's a huge number, if sustained year over year in the face of innovative malware authors. This is an arms race, and Google is staying ahead, and widening the lead.
Is this architecture susceptible? Can I look at the gears during a speculative execution branch and read protected data?
No speculative execution, but I'm sure you can read protected data right from the gears.
I'm replying mostly because this reminded me of another computer you can read data from. If anyone gets the chance, they should absolutely see the Harwell Dekatron computer on display at the UK National Museum of Computing's functional vintage computers display in (next to?) Bletchley Park. The museum is next to the "main" Bletchley Park exhibits, in a building that was probably the world's first data center.
There's lots to see there but best of all is the Harwell Dekatron machine, the world's oldest still-operational computer. It's a decimal computer, not binary, and each all of the registers and memory are made up of odd vacuum tubes with 10 cathodes in them, called "dekatrons". The tubes are mounted in the machine so the tops face outward, and you can literally read the (base 10) value in each memory location by looking at which portion of the tube is lit up. The machine is typically running in single step mode, with the running program printed on a card. They'll hand you the single-step control button and you can step through the code one instruction at a time, looking at the register values, seeing the adder function, watching values moved to and from working memory.
Most computer science and computer engineering students (well, many) have had the experience of building a tiny computer from solid state logic gates and being able to write and run small programs on it. That's cool, but being able to actually see the operation in real time is really incredible. And I really mean "see" since all of the data is represented by glowing cathodes right in front of your eyes.
If single-stepping through instructions while watching the data flow from one place to another isn't enough, you can also flip the machine into another mode that single-steps through microcode. You can watch each step of the adding process, for example.
If you're a nerd like me, do be sure to go on a day when there won't be lots of other people there. I got to spend two full hours by myself with the machine; I didn't have to share it with anyone because no one else was there. It was awesome.
As a cryptography and crypto history buff, I actually went to Bletchley Park to see Turing's Bombe, etc. And I did, and it was great. But next time I go I won't bother with that, I'll go straight to the vintage computers display.
Stopping the widespread use of "GIF" to mean "video" should be the topic here, not the proper way to pronounce GIF.
Mod parent up. If there's any point to discussing the usage of the GIF acronym at all, this is it.
GIF is laughably outdated - it only supports 256 discrete colors picked from a regular 24-bit color palette in a weak non-lossy compression format.
Even worse, when used for animations it provides no inter-frame compression at all. Each frame is run-length encoded separately. It's horribly inefficient as a still format, and even worse for animations.
If Google's solution still leaves 80% of the malware out there, it's not really successful in any practical way
You should re-read the summary. The PHA install rate was 0.08%, not 80%. The "20% reduction" is because the last year's PHA install rate was 0.1%.
Except for... well, y'know those mentioned 5 posts back https://tech.slashdot.org/stor...
The Google Play Protect team knows that at any given time, their PHA stats are wrong -- are too low -- because they can only count PHA installs that they know about. In fact, the known PHA install rate on any given day, say, March 29th, is zero, because Play doesn't allow installation of known PHAs, but it will rise over time as PHAs are discovered.
This is part of the reason that the stats for a given year are only released at the end of the first quarter of the next year, to give time for PHA discovery to correct the stats upward. Even so, there are likely some that were installed in 2018 that haven't been discovered yet, so today's 2018 stats are a bit too low... but this is the case every year.
However, the team and their systems get better every year, so the upward-revision-over-time actually decreases, and it's likely that in addition to being lower than previous years, the 2018 numbers are a better estimate of reality; closer to correct. It's likely that the year-over-year decrease actually underestimates the amount of improvement.
Keeping malware out of the Play Store is actually an insanely hard problem, because it inherently conflicts with keeping the Play Store open. Google could lower the numbers quite a bit more by taking Apple's walled-garden approach, with developer account fees and pre-approval inspection processes (even that is not perfect -- the Apple App Store has not been malware-free). Note that it's also not a "static" problem; it's an arms race. Malware authors continue inventing new techniques, but the Play Protect team is improving their detection techniques faster.
and doesn't require completely overhauling our understanding of how the universe works.
If I were to bet on precisely where we are getting this question wrong, this would be where I threw my money.
The problem with this view is that it's completely unproductive. Okay, so you start by throwing out everything from Newton onwards? What do you replace it with? Something different, sure, but where do you even start to figure out what the shape of that replacement is? And in the meantime how do you calculate rocket trajectories, etc.? Well, obviously you have to continue using what you threw out, so you didn't actually throw it out, did you?
No, the best bet is to continue using what we have that appears to work in all of the other cases and trying to fill in the holes. Maybe the effort to find dark matter and dark energy to explain the discrepancies won't work, but even if it doesn't, maybe the search will show us something else that begins to give us a clue about how to fix the models.
This sounds about like what I would do. you don't buy a fast car without actually planning to try to get it up to speed every now and then.
Speak for yourself. I have a Tesla Model S that has never been over 85 mph (speed limit is 80 mph), and likely never will. The smooth, rapid and instantly-responsive acceleration are a big part of the reasons I like the car, so the car's power is important to me, but the top speed is not. I could see buying a Porsche or similar mid to high-five figures sports car and never taking it more than five over the speed limit.