1. 3

    Matt Blaze’s response (https://twitter.com/mattblaze/status/839910176916385794):

    “Interesting stat: they found ~6% of stockpiled vulnerabilities were independently rediscovered within a year. Q is what that tells us.”

    “Note that 6% seems small, but it’s basically a lower bound - no way to know about vuls found and kept secret by others.”

    “My sense is that this space is highly non-uniform, so over-interpreting the 6%/yr number is probably unwise. Need to find more factors.”

    “Not-very-bold prediction: the RAND study will be widely cited to make categorical statements that support opposite conclusions.”

    1. 3

      The FBI file makes depressing reading for critics of Gamergate. It is heavily redacted, so we don’t know why prosecutors did not pursue any of the cases.

      Yes, it is indeed depressing knowing that you can’t get the people you don’t like and who say things to you don’t appreciate to get sucked into the whirling maw of the American penal system. We should certainly fix that bug!

      Twitter, Google, and Microsoft all cooperated in the investigation, and subpoena warrants were served by a grand jury. This was taken seriously by the FBI, even if nothing ultimately came of it.

      Good to hear that the private sector surveillance apparatus is doing their part on the war on meanies.


      Can we…not…rehash Gamergate shit here? Like, that’s the very definition of nontechnical content that everybody has strong opinions about and which nobody will convince anybody else of anything about. Both sides are still claiming victory (because if you repeat a lie often enough on the internet, you become the winner), both sides engage in shitty harassment, both sides have questionable ideologies, etc.

      It’s a tire fire. Stop adding tires, and don’t start one here.

      EDIT: And flagged troll, by some coward. You do realize that every time you abuse the troll flag it loses its effectiveness right? Users who might otherwise be like “hm, maybe that post was over the line, lemme reconsider” eventually just go “meh well looks like somebody disagreed with me whatever”. If you overuse words, they lose meaning. Have you learned nothing in the last year?

      1. 24

        Dude. Don’t play that “both sides are just the same” equivocation bullshit here. The “oh the prison-industrial complex is so awful, anyone who tries to use it to stop people making endless death threats is clearly the bad guy” look isn’t a good one either. (I note in passing that the “appeal to consequences” is in the big list of argumentative fallacies on Wikipedia.)

        What happened to these particular women was wrong. Full stop. You can make all the arguments you like about other individuals (and I have seen testimony I personally believe that some pro-GG individuals were on the receiving end of some pretty nasty harassment) but none of that will change that basic fact. Either own it, or accept that you’ll get labelled as a troll & a bigot, because if you minimise what happened to these people then that’s what you are.

        1. 3

          I at no time have said that what happened to the victims on either side was anything but wrong.

          I’ve pointed out at some modest length that both sides have done things I find reprehensible (as well as some things I think are admirable), and that neither side should be taking up space on a forum for discussing the practice of technology.

          I’m sorry I’m not blindly advocating in support of your preferred…whatever it is you believe. Go punch some Nazis and feel better, I guess? ¯\_(ツ)_/¯

          1. 9

            Umm. The tags on this post are “culture” and “law”.

            Very clearly this article is at the intersection of “culture” and “law” with “technology”.

            Hit “Filters” at the top of the page, tick “culture” and “law” click and save….. and none of your space will be occupied, and your sock will remain un-angered by the passing debates on the subject.

            Admittedly that forum mechanism is a little crude in that I believe it would filter (“culture” || “law”), and not (“culture” && “law”).

            But anyway, “law” is one of those things that tends to tick along unnoticed until it makes you angry.

            1. -3

              The “literally full of ants” line in your bio now makes total sense.

              (And now I’m wondering whether that little ad hominem at the end there was a classic example of projection in action.)

          2. 15

            both sides have questionable ideologies, etc

            Are you saying social justice and feminism are a “questionable ideology”? Or referring to something else here?

            (I agree that the US prison-industrial complex is horrific and any justice obtained through it is tainted by that)

            1. 5

              The people who claim those movements as their own are definitely responsible for immense amounts of narrow-mindedness, bullying, prejudice, and indeed inability to see people who disagree with them on the smallest point as human. It’s the common disease of any -ism, and they’re no less prone to it than any other.

              1. 7

                Are you saying social justice and feminism are a “questionable ideology”?

                At the risk of being motte-and-bailey’d, I’m going to say that, yes, what many people in 2017 self-refer to as “social justice” and “feminism” are extremely questionable, and in fact are actually antithetical to their purported goals of fairness and equality.

                To preempt any comments to the effect of “Those are just the extremists; most feminist/social justice activists actually only believe <reasonable thing>”; you are incorrect. I am a student at a liberal university in a liberal town, so I interact with these people every day. I get to see them “in the bailey”, so to speak.

                1. [Comment removed by author]

                  1. 3

                    Do not make extreme claims without writing politely and sourcing yourself…you hurt your cause.

                    EDIT: fixed incorrect character terminating sentence.

                    1. 1

                      I was going to give long list of sources… Then I remembered it will only be downvoted so no one can see it. And it’s not going to go through anyones indoctrination anyway. So I am not gaoing to waste more than 10 minutes on this. Learn to research things yourself. And if you want more MAINSTREAM FEMINIST GOLD just go read jezebel or watch lacy green.

                      If you are going to read anything - read this:

                      “listen and believe when it’s good for us”


                      Also briana vu forgot to logout while trolling herself on steam. Yes, I will say it - all of gamergate “threats” are third party trolls or them thretening themselves for victim points and free ticket to UN panel.

                      Feminism and male DV shelters:


                      Erin Pizzey - read up on her attempt to open dv shelter for men.


                      Whole “it’s ok to show man being beaten by woman on tv” trope. Feminists are wery fine with it and even defencive when someone challenges it. Just speak with feminist. examples - https://www.youtube.com/playlist?list=PL9AB8387A4AB3EEC5

                      fgm is bad but mgm is ok

                      Go to nerest feminist and ask them why they are not against mgm since fgm is nearly extinct. Get called mra/sexist/etc.

                      Or just ask feminists about it on some feminist redit.

                      “misrepresenting studies like wage gap” Economics 101 http://www.washingtonexaminer.com/harvard-prof.-takes-down-gender-wage-gap-myth/article/2580405

                      “prefential treatment in only good things”

                      If you need sources for this then you are indoctinated completely. No hope.


                      women get lower sentences for same crimes : http://www.huffingtonpost.com/2012/09/11/men-women-prison-sentence-length-gender-gap_n_1874742.html and feminists still want all female prisons to be closed: https://www.theguardian.com/commentisfree/2016/jun/01/why-we-should-close-womens-prisons-and-treat-their-crimes-more-fairly equality.

                      1. 1

                        The DailyMail is not a trustworthy source. On anything.

                        The rest of your Gish Gallop requires a deeper responses, which is the point of the GG of course - to spam your opponents with factoids that each require a deeper conversation to unpick and then claim victory when they are unable to refute every single one of your points.

                        I would like to make one general point though: why is it the responsibility in your view that feminists have to campaign on those issues that affect men? Why can’t the men’s rights activists campaign on these issues that matter to them? After all, that’s exactly what feminists have done for decades: campaigned about those issues that they believed negatively affected women’s lives. Instead, every time I hear about the things that are wrong from a men’s rights activists it all seems to include some part about how women have done all these terrible things and should be righting all these wrongs for them. It’s childish & lazy: If you want to fix something, you have to actually do something about it: engage politically, make the argument, convince the wider society that change is necessary. All that hard, difficult, activist stuff.

                      2. -2

                        These are not extreme claims. These are things acepted by mainstream feminists. Some of them don’t even need to be sourced (ever heard feminist screaming for gender quota on oil rigs?). For the hell of it I will drop bunch of sources once I am not on mobile (just to see even more downwotes from sjws).

                        And that post was not inpolite. Unless knowing that sjws will downwote is offensive to non psychic people.

                  2. 7

                    Threading the needle very finely here, so please don’t jump to conclusions: are you saying that supportings of honesty in games journalism (hah) and protection of established culture (hah hah) are “questionable ideologies”?

                    Of course not! However, one will invariably then point to the acts of harassment and vile speech used to silence others. And then somebody on the other side can point out the counterdoxxing, social media hate mobbing, organized blacklists (GGautoblocker, etc.) and cultural erasure being done too.

                    Unfortunately we can’t judge both sides by their best actors, and both sides' ideologies clearly support actors doing shitty things when it suits their cause despite having some reasonable or even positive ideas in other areas. We don’t get to cherrypick, and that’s why I call both questionable.

                    (And to answer your original query, since both tents of social justice and feminism are quite large, including calls to do things like eradicate the male sex, yes, I find them questionable. I similarly find most forms of chauvinism, capitalism, communism, socialism, and most other -isms suspect. Such is the lot of the skeptic.)

                    1. 10

                      We don’t get to cherrypick


                      including calls to do things like eradicate the male sex

                      You don’t consider picking a piece of satire authored in 1967 cherry-picking?

                      “The Manifesto is widely regarded as satirical, but based on legitimate philosophical and social concerns” - https://en.wikipedia.org/wiki/SCUM_Manifesto

                      1. 8

                        You’re selectively quoting that source, because of course it’s helpful to distance the movement from the crazies. We can snipe sources and quotes back and forth, but dismissing that document as merely “satire” is revisionist history: at the very least, given the fact that the author shot Andy Warhol because she felt he had too much control over her, it’s unlikely. Satirists typically don’t shoot people.

                        You don’t consider picking a piece of satire authored in 1967 cherry-picking?

                        I’d be happy to link to a lot of the good stuff done by feminists and socjus folks, but people somehow never have trouble remembering that.

                        More generally, it’s marvelously convenient to say “oh no, that was all just satire/a lone actor/a fringe element” and then act offended when the other side does the same thing when questioned about their extremists.

                        That’s what I mean by not cherrypicking–you don’t get to pick the subset of the ideological practitioners that support things in an agreeable way. We condemn the folks who raised money to stop bullying and have valid concerns about losing a safe space because some of them also made bomb threats.

                        Why shouldn’t we have the same concern about the side that, while it supports good work on diversity and inclusiveness and social justice stuff also engages in the same shitty terrible behavior they complain about?

                        I’m not for either side. I support neither organized bullying, nor lying, nor mob justice. I don’t have to be a fascist buzzcut evil MRA goon to see that there is a lot of making fun of awkward nerds by belittling their choice of cultural touchstones. I don’t have to be a trans rainbow-haired SJW ally to see that there is a lot of truly vile harassment and just awful, awful stuff being written by people that should probably just shut up and go back to enjoying their vidya.

                  3. 4

                    Yes, it is indeed depressing knowing that you can’t get the people you don’t like and who say things to you don’t appreciate to get sucked into the whirling maw of the American penal system. We should certainly fix that bug!

                    If you don’t like that it’s a crime to make death threats write to your congressmen. Until then it’s reasonable and yes correct to expect that a good and sane law like this be upheld. It might be a surprise to you but people get murdered every year, many of them after threats!

                    1. [Comment removed by author]

                      1. 2

                        If you don’t want politics then filter the culture tag.

                        extreme intolerance of opposing opinions

                        The debate about racism, sexism, etc–where everyone could come into a discussion with an open mind and without strong opinions–was a long time ago. This is war. Nobody on either side cares about tolerating the other side and honestly why should they. Casualities of war include getting downvoted (here), getting doxxed, getting fired (Eich), getting physically assaulted (Richard Spencer), or even getting shot (anti-Milo protester at UW). If you don’t care enough to suffer the consequences, then just don’t engage.

                        1. 4

                          Surely there is more to culture than politics? Surely a politics tag would have no place here?

                          1. [Comment removed by author]

                            1. 5

                              Beware that when we add a tag for something, we’re saying “hey, we want more of this content here”.

                              Given the flamebait nature of politics, it may be worth it to not normalize such behavior.

                              Alternately, maybe it’s worth a containment tag with heavy penalties. Remember, most users probably don’t filter.

                          2. 3

                            Nobody on either side cares about tolerating the other side and honestly why should they.

                            Clearly some do, unfortunately–especially people who are on neither of the major sides of whatever.

                            then just don’t engage.

                            If a bunch of jerks show up in my favorite bar and start yelling at each other about politics, I’m going to want them thrown out. I feel the same way about our community here–there is no reason to assume that we have to tolerate this kind of nonsense.

                            We don’t have to sit and be collateral damage in the culture war. We can try to be Switzerland.


                            One more point–the culture tag need not talk about politics. Things as simple as “how do we treat our fellow developers during project post-mortems”, “how should we promote our workplace mores”, “let’s reflect on what culture we seem to exude”, and so forth can all be talked about productively without falling into the sturm und drang of the times.

                            1. 4

                              To paraphrase a quote mis-attributed to Trotsky: “You may not be interested in politics, but politics is interested in you.”

                              Politics is people negotiating how to define the rules by which a society governs itself without resorting to violence. You can no more escape it than you can escape people. Moaning about that fact doesn’t actually achieve anything. (Trotsky was quite happy to resort to violence which didn’t turn out well for anyone, including him in the end…)

                              1. 2

                                Your post seems to be exclusively about lobste.rs, while the part of my post you quoted was about the tech industry as a whole. Whether or not this specific community disallows political posts doesn’t change that this is a war, and that people not invested in the conflict should steer clear. For the record, I personally like the tech-related political content here.

                                We don’t have to sit and be collateral damage in the culture war. We can try to be Switzerland.

                                This side isn’t very popular here, or on any other forum. Whenever something with even the slightest hint of political content hits the front page, you make a post that gets downvoted, and a post rebuking you that gets highly upvoted. I’m not going to make an exhaustive list, but there’s an example in this thread, and here’s another recent example.

                                Feel free to ignore my advice. Continue to waste your time making posts whining about the hostility of the industry, while the rest of the world leaves you behind. People, in general, care about politics.

                                1. 3

                                  People, in general, care about politics.

                                  People, in general, care about sex–and yet we’ve somehow mostly restrained ourselves from posting pornography on the front page. :|

                              2. [Comment removed by author]

                                1. 0

                                  I’m just saying how it is. You and everyone else disengaged from politics posting this “why can’t we all get along” shit don’t seem to understand that politics is war. People aren’t going to stop caring intensely about social issues so you might as well adapt.

                                  I do care enough to suffer the consequences; that doesn’t mean the consequences should be my livelihood and passion!

                                  So, in other words, you don’t care enough to suffer the consequences.

                                  I think we absolutely can come together in discussion with an open mind, if we persist.

                                  This isn’t going to happen because you don’t share the same goals. I can’t speak for the right, but people on the left do not want a “workforce with diverse perspectives” where “diverse perspectives” includes, say, racism. The left wants to utterly crush racism. If you care enough to fight the left on this then you will have to join the war.

                                  1. 1

                                    There is a war, but the sides aren’t what you think they are. The good news is that you’re winning it, handily. The bad news is that the losing side consists of those people who are capable of conceptualizing people who disagree with them as actual human beings who don’t inherently deserve suffering despite their flaws.

                            2. 4

                              Can we…not…rehash Gamergate shit here?

                              Uh… on this comment thread you were the first person to bring it up…

                              1. 4

                                Did you read the title of the story?

                                1. 3

                                  The submission was GG stuff. My post was an appeal to avoid what will doubtless end as another tiresome dragon.

                                  1. 2

                                    Your post caused this, which is likely why you were marked troll.

                                    1. 1

                                      I’d amassed several troll downvotes before a single reply happened, as a matter of fact.

                              1. 1

                                Needs “practices” tag?

                                1. 2

                                  Like Alan Turing and Dana Scott, Smullyan’s Ph.D advisor was Alonzo Church.

                                  1. 4

                                    Some useful comments on HN: https://news.ycombinator.com/item?id=13519421

                                    1. 2

                                      If you know some probability theory, I highly recommend “A Personal Viewpoint on Probabilistic Programming” as an intro to programming that makes probabilistic reasoning accessible and elegant.

                                      1. 9

                                        Ask Lobste.rs: Any videos you particularly liked? If so, why?

                                        1. 6

                                          I really liked “End-to-end encryption: Behind the scenes” – it was quite a well-coordinated performance. :-)

                                          1. 3

                                            “Rusty Runtimes: Building Languages In Rust” by Aditya Siram.

                                            Aditya implements a klambda-to-Rust compiler in Rust! Very cool. Also exciting because klambda is what powers the Shen lisp language.

                                            1. 2

                                              Here’s one list of recommendations.

                                              1. [Comment removed by author]

                                                1. 3

                                                  I talk about metrics and monitoring a bit after the extended pumpkin metaphor, in case you bailed before I got to that.

                                              1. 3

                                                The Art and Science of Cause and Effect by Judea Pearl. For practical purposes, it’s to jumpstart Papers We Love Philly again. For self-edification, I’m trying to understand the philosophical foundations for a theory of causal inference from the perspective of a computer scientist/statistician.

                                                1. 1

                                                  Cool article but “ml” in lobste.rs means this ml: https://en.wikipedia.org/wiki/ML_(programming_language)

                                                  Could also use the “hardware” tag since raspberry pis are used.

                                                  1. 10

                                                    I don’t normally post in these threads, so I’ll cover a few months instead.

                                                    work: I spent 7 months at a PrettyBigCo that develops financial tools and it made me depressed. Sitting in a room with hundreds of people all day every day was making me physically ill constantly too which didn’t help things. I wasn’t able to attend the therapy sessions the NHS offered me (because they clashed with work lol) so I quit.

                                                    I’m moving to Helsinki mid September to join Umbra 3D. They have more meaningful work and don’t have an open plan office so that should work out better. I am a little worried I didn’t take enough time off, and that the stress of 1) moving to another country 2) with like two hours of daylight will leave me feeling like crap again.

                                                    !work: now I’m not encumbered by employment I can start fixing the issues in my open source projects that other people have noticed.

                                                    I also spent some time getting my game engine to compile on Windows. I’ve been trying to keep all the obviously platform specific code separate from my game code, but of course there was all kinds of less obvious crap, like the lack of err.h, windows.h taking my keywords (NEAR, FAR, ERROR which I was using as a replacement for err), and ming giving me stupid errors (e.g. undefined reference to '__gxx_personality_seh0' - which was fixed by disabling exceptions or thread-safe statics or something…). I would like to get some kind of networking in next, because I think that will make it feel much more like an actual playable game.

                                                    Finally, I’m in SF for the next three weeks. I’d love to get recommendations on what to do here!

                                                    1. 3

                                                      Hey, congrats on getting more meaningful work. I wish you the best.

                                                      1. 2

                                                        Graphics and 3D is fun! I’m glad you found something enjoyable to work on.

                                                        PM me if you can talk more about it, or if they’re looking for remote contract work. :)

                                                        1. 2

                                                          Alcatraz is totally worth the hassle. Walk through GG Park to the ocean; it’s spectacular. Eat a burrito from Farolito at 24th & Mission. Check out the Marin headlands; the views from there are otherworldly. Head up to Twin Peaks – great way to see how small the city actually is. If you need to be down in the valley for any reason, be sure to drive 280, particularly in the morning.

                                                          1. 1

                                                            If you like tech meetups (on meetup.com), SF is fill of them. Probably has a bunch just on 3d and graphics!

                                                            1. 1

                                                              Some of my favorite things in SF from my visit this year, aside from the wonderful views, were going to Giants baseball games, City Lights bookstore, and the beer bars (Toronado and Mikkeller).

                                                            1. 2

                                                              Just completed a first working hack of training a Neural Network ATARI Pong agent with Policy Gradients from raw pixels with Tensorflow. Now, I’m trying to learn more Reinforcement Learning Theory, deciding between learning a little Elixir or Idris, and stressing out about how to keep Papers We Love Philly alive before the semester starts (any suggestions appreciated!).

                                                              1. 6

                                                                Uncool, I had work to do today, people.

                                                                1. 2

                                                                  You knew the risks when you joined lobste.rs.

                                                                  1. 1

                                                                    Got it. Sorry for the mistake. I will propose adding an AI , Artificial Intelligence, or Machine learning to the community as such tags are not currently available.

                                                                    1. 2


                                                                    1. 12

                                                                      Trying to organize the first Papers we Love - Philadelphia 2016 meeting among other things.

                                                                      1. 2

                                                                        I was excited and expected this to be for 2016, not 2015!

                                                                        1. 2

                                                                          updated title

                                                                        1. 3

                                                                          A response to the “scary” comment by one of the hackers in the hack details comment section:

                                                                          “The reality for the vast majority of people is that there are substantially easier ways to get data off their computers. If your computer has an internet connection of any time, there are thousands more attacks which are easier to implement, faster, longer range and more reliable than this. This is only really useful when it comes to air-gapped computers, with no network connectivity at all. The idea came from this paper, so it has been possible & published for a while now: http://usenix.org/system/files/conference/usenixsecurity15/sec15-paper-guri-update.pdf

                                                                          1. 3

                                                                            Since you can reconstruct screen images from flicker patterns on the wall behind, determine keystrokes from the distinctive sound they make, infer encryption keys from accurate power measurements, measure internal state by the sounds emitted by a circuit, send and receive data using ultrasound—RF from internal circuitry seems like a fairly benign side channel.

                                                                          1. 1

                                                                            This reminds me of the book Head First Java. They sometimes also anthropomorphized Java objects and tried to make the reader feel guilty about “abandoning” the object to the “heartless” gc.

                                                                            1. 9

                                                                              I strongly disagree with any department that is selling a “Computer Science education” acting like a vocational school and offering employment classes. I’m probably just out of touch, but that isn’t what it is about.

                                                                              1. 6

                                                                                I don’t think CS should turn into vocational education, but an elective seminar on “typical CS interviews” doesn’t bother me much, and still seems pretty far from turning the degree program into a coding-camp style thing. Elective seminars on a range of topics are already pretty common, e.g. I took one where we just prepared for and then competed in the ACM programming competition. You could even throw in some interdisciplinary critique if you wanted: teach students how to prepare for typical tech interview questions, but at the same time, use that as a springboard to critically discuss CS hiring processes.

                                                                                1. 5

                                                                                  I mean, it’s nice to believe that everyone paying hundreds of thousands of dollars for an education is doing so for the goal of self-betterment, with no thought of it ever being financially break-even. I think perhaps there are academics who do believe this. I’m not sure what else to say. :)

                                                                                  1. 3

                                                                                    The nice thing about making decisions based on principle is that one does not have to concern themselves with what people are doing now. :)

                                                                                    But, seriously, I don’t think that because the educational system in the US is already a vocational system means the best thing to do is go deeper.

                                                                                    The biggest bullshit part is that the US is already a post-scarcity country, it just refuses to go with it. There is no need for highly educated people to go to school just to learn how to get a job except for that they have decided to do that.

                                                                                    1. 2

                                                                                      Those are fair points. I’m certainly in favor of dismantling the social structures that lead to people spending a great deal of money on higher education when it isn’t in line with their actual desires.

                                                                                  2. 2

                                                                                    Tell that to Stanford and MIT:

                                                                                    “”“ Addendum on 2015-10-20: readers from the Internets have pointed out that several schools do indeed offer such elective courses (e.g., Stanford and MIT). ”“”

                                                                                  1. 6

                                                                                    Some notable takeaways: “There are ideas in SICP that people are acting as if they just discovered today. (That said, the early expressions of these ideas are not always the best, and so the past should be a source of inspiration, but we should be careful not to get stuck there.)”

                                                                                    “If you didn’t have fun, we were doing it wrong.”