Well, I agree that the standard model feels more than a bit like a trained classificator after overfitting, i.e. it matches all reliable observations (except this new one), but it does not seem to capture a clean, simple and elegant underlying model. In laymen's terms, it is a bit like describing each field of a chess-board by its color, and neighbors, sometimes even with various pieces on it or next to it, instead of saying "8x8, alternate black and white". A reason is that a "clean, simple and elegant" model may still be very complex and may need one exceptional person investing half a lifetime into it and getting lucky in addition. So it can be anything from "to be submitted tomorrow" to "well, maybe in the next few 100 years". It could even be "already published with some flaws that can be fixed, but unrecognized as of now".
One problem and one reason why things are going slow now is that basically all the easy experiments that people have thought of so far have been done (for variable values of "easy", building something like the LHC is not that easy in absolute terms...), and barring some really new ideas for experiments, more difficult and expensive ones are needed to find contradicting evidence. The only thing that I see maybe contributing something in the near future may be the quantum-computing experiments, but only if they run into hard boundaries or limitations that are unexpected.
Indeed. And there is room for inaccuracies, as all measurements contain errors and some of these can just mean the model is not exact. However, the better the model, the better we can predict things without actually needing to do them. This is money well spent.
There is VI and Emacs and Joe (for the WordStar shortcut users like me), and a ton of others. What else is needed? This seems like complete nonsense to me.
First, there is nothing besides weak AI (i.e. the "AI" with no "I", better called "automation"). Second, it is not "exploding". There have been no fundamental breakthroughs for quite a while. There have been gradual speed-improvements, but they are, well, gradual. The only thing that has been "exploding" is the hype about AI, i.e. this is nothing but a bubble of hot air.
Of course some people will get rich from this, but there will be no fundamentally new products or services from this anytime soon.
Your understanding is correct. Chess is very much _not_ vulnerable to brute-force. It is far too complex for that and you cannot model the other side, i.e. the problem itself is not subject to a winning strategy computed by brute-force. My guess is that whoever wrote that has no clue what "brute force" means in CS.
You seem to be unaware of the state-of-the art in encryption. Today, you want > 250 bits of key entropy to be long-term secure. These are infeasible to break with digital computers in this universe (not enough matter, energy and time until heath-death) and even with quantum-computers (should they ever be useful for anything, currently they are not and they may well scale so badly that they never will be).
The one thing you can brute-force in modern crypto done right is bad passwords. But that is about it.
Indeed. The problem is not having high intelligence. Many people have that. The problem is what to apply it to and in which fashion. That is a problem _outside_ of intelligence, as intelligence cannot simply be applied to everything. The pre-selection is critically needed or intelligence gets overloaded and becomes useless. Yet most people, including highly intelligent ones, routinely fail at this task.
Well, this person was not a world-class expert at strong AI. Highly capable experts in one field can make completely ridiculous statements when they lose sight of the limits of their expertise.
However, I think he was talking about soviet-style "plan economy" (does not work), and that may indeed have been easier to implement than playing chess.
With a famous name, but no clue what he is talking about when it comes to AI. I find this really pathetic. Whatever happened to actually listening to the experts in that subject area?
That is 2 years for "same minor version". In most cases you can just move to a newer minor kernel without any problem. This is not a Windows-like set-up.
And if you had some actual understanding of the matter at hand, you would not post such nonsense. Here is a hint: A kernel is not an OS and what MS supports today does not have the same kernel that it had 15 years back.
If you disagree, please do show me a practical way how to write completely secure code.
There is no need for that and asking for it shows you are a novice at software security. In actual reality it just needs to be harder to break in than what your target adversary can do or can afford. That is often pretty easy to reach, given competent architects, designers and implementers. The real problem is that most software is written by incompetent people without the first clue about security. Hence breaking in is often excessively simple. Just look at the recent Intel vulnerability (management engine) or all those router vulnerabilities.
Indeed. Devops has basically failed (not many people that can do it and those that can have already done it before). Agile is mainly a method of making sure management does not stand in the way of developers too much, but again, it needs highly competent people to work well.
As such, claiming the failure of two hype-movements is responsible for insecure software is excessively stupid or a marketing lie. I suspect the later.
That is BS. The CMU guides are pretty reasonable, but they cover maybe 10% of the problem. And people that have what it takes to write secure code do not actually need them.
This is not a problem that will be fixed by "best practices" anytime soon.
Same here. Because in actual reality it is mostly managers that have failed to hire competent people and then give them the time to create secure code.
You and I know what best practices are, so why the fuck don't we "AI" the computing devices?
Oh, very simple: Because it is not possible today and it may never be possible. Strong AI is a dream/nightmare, but not anything that we can reasonably expect to ever exist at this time. There is actually no indication that it is even possible in this universe. And should it be possible, it may well come with self-awareness and free will and may flat-out refuse to work for you.
That is unmitigated nonsense. FOSS software is used, sometimes heavily, in industries where there is strong liability for security breaches, for example banking, medical, insurances, etc.
And from those lying though their teeth. Otherwise there would be no need for "loud voices", as convincing arguments would be available. For a ban on secure encryption, no convincing arguments exist, and such a ban would be excessively destructive to a modern economy.
My guess is this committee asked some actual experts, unlike fundamentally stupid and power-hungry people like May, Trump, etc. like to do.
And then your DHCP-setup changes unexpectedly. If you survive, I am sure they will find you a nice, permanent space in prison, as you surely are a terrorist that blew himself up by being stupid.
Do real, clean shutdowns every time. Yes, it is more effort, but you can either have security or convenience, not both. Apart from that, backups. You may want to put everything important in an SVN or GIT repository and sync whenever you are online.
Well, I agree that the standard model feels more than a bit like a trained classificator after overfitting, i.e. it matches all reliable observations (except this new one), but it does not seem to capture a clean, simple and elegant underlying model. In laymen's terms, it is a bit like describing each field of a chess-board by its color, and neighbors, sometimes even with various pieces on it or next to it, instead of saying "8x8, alternate black and white". A reason is that a "clean, simple and elegant" model may still be very complex and may need one exceptional person investing half a lifetime into it and getting lucky in addition. So it can be anything from "to be submitted tomorrow" to "well, maybe in the next few 100 years". It could even be "already published with some flaws that can be fixed, but unrecognized as of now".
One problem and one reason why things are going slow now is that basically all the easy experiments that people have thought of so far have been done (for variable values of "easy", building something like the LHC is not that easy in absolute terms...), and barring some really new ideas for experiments, more difficult and expensive ones are needed to find contradicting evidence. The only thing that I see maybe contributing something in the near future may be the quantum-computing experiments, but only if they run into hard boundaries or limitations that are unexpected.
Indeed. And there is room for inaccuracies, as all measurements contain errors and some of these can just mean the model is not exact. However, the better the model, the better we can predict things without actually needing to do them. This is money well spent.
Waahahha, too late: https://www.youtube.com/watch?...
There is VI and Emacs and Joe (for the WordStar shortcut users like me), and a ton of others. What else is needed? This seems like complete nonsense to me.
First, there is nothing besides weak AI (i.e. the "AI" with no "I", better called "automation"). Second, it is not "exploding". There have been no fundamental breakthroughs for quite a while. There have been gradual speed-improvements, but they are, well, gradual. The only thing that has been "exploding" is the hype about AI, i.e. this is nothing but a bubble of hot air.
Of course some people will get rich from this, but there will be no fundamentally new products or services from this anytime soon.
Your understanding is correct. Chess is very much _not_ vulnerable to brute-force. It is far too complex for that and you cannot model the other side, i.e. the problem itself is not subject to a winning strategy computed by brute-force. My guess is that whoever wrote that has no clue what "brute force" means in CS.
Indeed. That nicely sums it up why computers playing Chess or Go are pretty meaningless stunts.
Of course, the AI fanatics will not even understand what you are talking about.
You seem to be unaware of the state-of-the art in encryption. Today, you want > 250 bits of key entropy to be long-term secure. These are infeasible to break with digital computers in this universe (not enough matter, energy and time until heath-death) and even with quantum-computers (should they ever be useful for anything, currently they are not and they may well scale so badly that they never will be).
The one thing you can brute-force in modern crypto done right is bad passwords. But that is about it.
Indeed. The problem is not having high intelligence. Many people have that. The problem is what to apply it to and in which fashion. That is a problem _outside_ of intelligence, as intelligence cannot simply be applied to everything. The pre-selection is critically needed or intelligence gets overloaded and becomes useless. Yet most people, including highly intelligent ones, routinely fail at this task.
Well, this person was not a world-class expert at strong AI. Highly capable experts in one field can make completely ridiculous statements when they lose sight of the limits of their expertise.
However, I think he was talking about soviet-style "plan economy" (does not work), and that may indeed have been easier to implement than playing chess.
With a famous name, but no clue what he is talking about when it comes to AI. I find this really pathetic. Whatever happened to actually listening to the experts in that subject area?
That is 2 years for "same minor version". In most cases you can just move to a newer minor kernel without any problem. This is not a Windows-like set-up.
You seem to be unaware that you can use a newer Kernel with an older installation and usually that just works.
And if you had some actual understanding of the matter at hand, you would not post such nonsense. Here is a hint: A kernel is not an OS and what MS supports today does not have the same kernel that it had 15 years back.
The sheer stupidity of some people...
And that is complete nonsense, because 1) it is not doable and 2) it would not result in secure software if it were doable.
If you disagree, please do show me a practical way how to write completely secure code.
There is no need for that and asking for it shows you are a novice at software security. In actual reality it just needs to be harder to break in than what your target adversary can do or can afford. That is often pretty easy to reach, given competent architects, designers and implementers. The real problem is that most software is written by incompetent people without the first clue about security. Hence breaking in is often excessively simple. Just look at the recent Intel vulnerability (management engine) or all those router vulnerabilities.
Indeed. Devops has basically failed (not many people that can do it and those that can have already done it before). Agile is mainly a method of making sure management does not stand in the way of developers too much, but again, it needs highly competent people to work well.
As such, claiming the failure of two hype-movements is responsible for insecure software is excessively stupid or a marketing lie. I suspect the later.
That is BS. The CMU guides are pretty reasonable, but they cover maybe 10% of the problem. And people that have what it takes to write secure code do not actually need them.
This is not a problem that will be fixed by "best practices" anytime soon.
Same here. Because in actual reality it is mostly managers that have failed to hire competent people and then give them the time to create secure code.
It's a goddam computer.
You and I know what best practices are, so why the fuck don't we "AI" the computing devices?
Oh, very simple: Because it is not possible today and it may never be possible. Strong AI is a dream/nightmare, but not anything that we can reasonably expect to ever exist at this time. There is actually no indication that it is even possible in this universe. And should it be possible, it may well come with self-awareness and free will and may flat-out refuse to work for you.
That is unmitigated nonsense. FOSS software is used, sometimes heavily, in industries where there is strong liability for security breaches, for example banking, medical, insurances, etc.
And from those lying though their teeth. Otherwise there would be no need for "loud voices", as convincing arguments would be available. For a ban on secure encryption, no convincing arguments exist, and such a ban would be excessively destructive to a modern economy.
My guess is this committee asked some actual experts, unlike fundamentally stupid and power-hungry people like May, Trump, etc. like to do.
And then your DHCP-setup changes unexpectedly. If you survive, I am sure they will find you a nice, permanent space in prison, as you surely are a terrorist that blew himself up by being stupid.
Well, your lifetime spot in federal prison is already reserved. Just hope they do not make you a "terrorist".
Do real, clean shutdowns every time. Yes, it is more effort, but you can either have security or convenience, not both. Apart from that, backups. You may want to put everything important in an SVN or GIT repository and sync whenever you are online.