BC TECH
Saved by @ThomassRichards

Last up in Privacy Tech for #enigma2021, @xchatty speaking about "IMPLEMENTING DIFFERENTIAL PRIVACY FOR THE 2020

 Differential privacy was invented in 2006. Seems like a long time but it's not a long time since a fundamental scientific invention. It took longer than that between the invention of public key cryptography and even the first version of SSL.
But even in 2020, we still can't meet user expectations.
* Data users expect consistent data releases
* Some people call synthetic data "fake data" like
"fake news"
* It's not clear what "quality assurance" and "data exploration" means in a DP framework
We just did the 2020 US census
* required to collect it by the constitution
* but required to maintain privacy by law
But that's hard! What if there were 10 people on the block and all the same sex and age? If you posted something like that, then you would know what everyone's sex and age was on the block.
Previously used a method called "swapping" with secret parameters
* differential privacy is open and we can talk about privacy loss/accuracy tradeoff
* swapping assumed limitations of the attackers (e.g. limited computational power)
Needed to design the algorithms to get the accuracy we need it and tune the privacy loss based on that.

Change in the meaning of "privacy" as relative -- it requires a lot of explanation and overcoming organizational barriers.
By 2017 thought they had a good understanding of how differential privacy would fit -- just use the new algorithm where the old one was used, to create the "micodata detail file".
Surprises:
* different groups at the Census thought that meant different things
* before, states were processed as they came in. Differential privacy requires everything be computed on at once
* required a lot more computing power
* differential privacy system has to be developed with real data; can't use simulated data to do this because the algorithms in the literature weren't designed for dats anything like as complex as the real data (multiracial people, different kinds of households, etc)
* to understand the privacy/accuracy trade-off requires a lot of runs, representing a *lot* of computer time
Census bureau was 100% behind the move
* initial implementation was by Dan Kiefer, who took a sabbatical
* expanded team to with Simson and others
* 2018 end to end test
* original development was on an on-prem Linux cluster
* then got to move to AWS Elastic compute... but the monitoring wasn't good enough and had to create their own dashboard to track execution
* it wasn't a small amount of compute
* republished the 2010 census data using the differentially private algorithm and then had a conference to talk about it
* ... it wasn't well-received by the data users who thought there was too much error
For example: if we add a random value to a child's age, we might get a negative value, which probably won't happen to a child's age.

If you avoid that, you might add bias to the data. How to avoid that? Let some data users get access to the measurement files [I don't follow]
In summary, this is retrofitting the longest-running statistical program in the country with differential privacy. Data users have had some concerns, but believe it will all come out.
Code is up on github and papers are up online. (@xchatty have some links?)

[end of talk]

More from Lea Kissner

Lea Kissner
Lea Kissner
@LeaKissner
Next up at #enigma2021, Sanghyun Hong will be speaking about "A SOUND MIND IN A VULNERABLE BODY: PRACTICAL HARDWARE ATTACKS ON DEEP LEARNING"

(Hint: speaker is on the

In recent years ML models have worked from research labs to production, which makes ML security important. Adversarial ML research studies how to mess with ML

For example by messing with the training data (c.f. Tay which became super-racist super-fast) or by foiling ML models by changing inputs in ways humans can't see.


Prior work considers ML models in a standalone, mathematical way
* looks at the robustness in an isolated manner
* doesn't look at the whole ecosystem and how the model is used -- ML models are running in real hardware with real software which has real vulns!


This talk focuses on hardware-level vulnerabilities. This is particularly interesting because these can break cryptographic guarantees (because those are outside of their threat models)
e.g. fault injection attacks, side-channel attacks
SCIENCE
Lea Kissner
Lea Kissner
@LeaKissner
We're kicking off the Privacy Tech session at #enigma2021 with Mitch Negus speaking about "NO DATA, NO PROBLEM—GIVING NUCLEAR INSPECTORS BETTER TOOLS WITHOUT REVEALING STATE

A nuclear catastrophe hasn't occurred... yet. So we need to stay vigilant. Nuclear inspectors go in according to treaties to check what's going on and check compliance with treaty rules.

But as sophisticated analytics become more common, states will only want to share the minimum amount of information necessary under the treaty.

But perhaps we can use MPC -- secure multi-party computation

Yao's garbled circuits were first demonstrated on the millionaire's problem -- figuring out who's richer without revealing actual amounts.

Used for other things like cryptocurrency these days.

Can we use this for nuclear inspection?

MPC can be used to compute anything computed by a computer [but it's expensive!]
TECH
Advertisement
Lea Kissner
Lea Kissner
@LeaKissner
Last talk about Securing Democracy at #enigma2021: @jackhcable speaking about "THE FULL STACK PROBLEM OF ELECTION

Let's imagine that elections use all the security measures security people have been advocating: risk-limiting audits, paper ballots, etc. Would people trust the elections more?

Jack would argue no. Most people don't understand this stuff and most of the claims people are making can't be disproven. And are massively bogus already.

Georgia did a full recount on paper ballots and it very much didn't stop people from doubting the election!

Are election security results in vain? The point of election security is to convince the loser they lost.

No! Have to focus on the whole stack, from election infrastructure to campaigns to people and mis/dis-informaton


One takeaway from the talk: the parts of the stack must work in tandem. Can't fight misinformation in a vacuum, but must build on other election security measures.
POLITICS
Lea Kissner
Lea Kissner
@LeaKissner
Next up in Privacy Technology at #enigma2021, Kelly Huang from @ethyca speaking about "GONE, BUT NOT "FORGOTTEN"—TECHNICAL & PRACTICAL CHALLENGES IN OPERATIONALIZING MODERN PRIVACY

Just imagine there's a global pandemic forcing everyone to stay home and buy their stuff over the internet. And you've been working on your sanitization-on-demand startup. You've got more users than you can count! ... literally, because your data's all over.

Now you're a multi-national international country with privacy issues because your information is all over the place.

Now a user writes to request you delete their data. Where is it? How do you do that? Who's responsible for privacy in your business.

How do you operationalize privacy rights?

Primary stakeholders:
* Legal
* Business
* Engineering

We spend a lot of time on Twitter analyzing the legal rulings, but it's harder where the "rubber meets the code" 🥁
TECH
Lea Kissner
Lea Kissner
@LeaKissner
In more Securing Democracy at #enigma2021, @ChrFolini talking about "THE ADVENTUROUS TALE OF ONLINE VOTING IN

Switzerland is a direct democracy where citizens get to vote at least 4x/year, with a lot of mail-in voting. We have a long history of online voting.

Disclaimer: THIS IS NOT SWEDEN.

[I get the picture that @ChrFolini has had to explain the difference several times.]


Process around mail-in ballots.

[tl;dr it's very complicated and wasn't threat-modeled until recently]


But the in-person ballots are complicated, too!


Most security folks don't think that we can't make a secure online voting system.

@ChrFolini says this is because of encryption
[Note: this is not the main reason that a lot of people cite -- we're more worried about things like malware but it's complicated]
WORLD

More from Tech

Alex Stamos
Alex Stamos
@alexstamos
The entire discussion around Facebook’s disclosures of what happened in 2016 is very frustrating. No exec stopped any investigations, but there were a lot of heated discussions about what to publish and when.


In the spring and summer of 2016, as reported by the Times, activity we traced to GRU was reported to the FBI. This was the standard model of interaction companies used for nation-state attacks against likely US targeted.

In the Spring of 2017, after a deep dive into the Fake News phenomena, the security team wanted to publish an update that covered what we had learned. At this point, we didn’t have any advertising content or the big IRA cluster, but we did know about the GRU model.

This report when through dozens of edits as different equities were represented. I did not have any meetings with Sheryl on the paper, but I can’t speak to whether she was in the loop with my higher-ups.

In the end, the difficult question of attribution was settled by us pointing to the DNI report instead of saying Russia or GRU directly. In my pre-briefs with members of Congress, I made it clear that we believed this action was GRU.
TECH
Kelly Ellis
Kelly Ellis
@justkelly_ok
So, I want to talk about how sexual harassment and fair pay are linked at Google (and beyond), because I think that's an angle that isn't being highlighted enough in the coverage of these walk-outs. I'm going to frame it largely around my personal experience there. Thread.

When I was sexually harassed by the director of the area I was working in, I was afraid to report it because I was worried that "getting him in trouble" would result in the subtle retaliation of missed leadership opportunities.

I wanted to continue working on the team I was on, because I'd gained a lot of very deep knowledge and expertise in that area, as well as reputation and camaraderie with the other folks working in that area. I didn't want to make the situation more "difficult."

To get promoted at Google, several need to happen: 1. you need opportunities for ownership and leadership above your current level (basically, opportunities to show you're working at the next level you're trying to get promoted to). The work you're "assigned" has a big impact.

2. You need glowing reviews from peers, *at or particularly above the level you're hoping to get promoted to.* Basically, you need people a lot more senior than you to say you're doing awesome work.
TECH , SOCIETY
Advertisement
Biz Stone
Biz Stone
@biz
Originally, tweet length was 160 minus username length. One day, I turned to Jack and pointed out that I got one more character than him. He said, "That's not fair. We should standardize." I agreed. He said, "How about 140?" I said, "Sure." And he updated the code.

Last year, we upgraded tweet length to 280 and guess what? Use of 'please' is up 54% and 'thank you' is up 22%. I love that! Also, people are asking more questions and having more conversations. All this, and the majority of tweets are still under 140. It worked.
TECH
Mateusz Czeladka | Plan \u20b3
Mateusz Czeladka | Pla...
@matiwinnetou
(1) Since some people laugh at Cardano project and it's peer review aspect, let me share a story from work for all of you
(2) There is company called Databricks and they open sourced recently a technology called: https://t.co/gpZyKKiMVD . This technology is super important

(3) In BigData delta allows one to perform DELETE and MERGE operations contrary to Hadoop + Hive where this is not possible, seeking through many partitions finding customer data to remove and then rewriting it is not only expensive as an operation but also very dangerous

(4) This promising technology is something that many companies, which have big data turn into as they need to be GDPR compliant.
(5) I was always reading and accepting all details from their website as given and the "truth"

(6) There is however an amazing Principal Developer at our company that found some of the claims from their website as dubious, e.g. ACID claims on such a distributed file system
(7) It turns out this is not the first time this company advertises something that is simply not true

(8) on another occasion this company made untrue claims about Cassandra database and this then became source of disputes e.g by dr. @martinkl - my fave expert in distributed systems
(9) All professional developers also know of course famous Jepsen tests ->
TECH
Jen \u26a1
Jen ⚡
@leoniedelt
Been reading up a lot about these jabs, esp as I know they are going to be a condition of a return to normality

Was on a zoom call last evening with a testing company that had some fascinating evidence on protection etc.

I have more reading to do.

I do not want to be coerced into something I don't want, BUT i want normal back as soon as possible.

Basically i'm at the point in my isolation and thinking that I'll take whatever just so this bullshit can end.

That is a desperate mindset, but so is 12 months of being cut off from the world.

All i have is what goes round and round in my head.

There's no one else to help balance it.

So i'm in group 6, and my surgery are doing group 6 right now. And i am at the point i want to do it to get it DONE.

And also to study what happens. Because i have that kind of mind.

I remember Pandemrix.

But we live with risk every day.

I risk my life climbing walls with only a harness around my waist to catch me as i lean back and fall off

And rational risk assessment is at the heart of everything going wrong these last 12 months
TECH

You May Also Like

Anu Satheesh \U0001f1ee\U0001f1f3
Anu Satheesh 🇮🇳...
@AnuSatheesh5
Yoga Ramar Temple
#Nedungunam
#TamilNaduTemples 🚩

Yoga Ramar Temple is located near Thiruvannamalai. Shri Rama is seated with eyes closed, without any weapons. Mata Sita  pointing to the feet of Rama telling that  everyone is safe at his feet. Lakshmana standing near Shri Rama


Hanuman is seen chanting Vedas obediently sitting before Shri Rama.

Sthala Puranam says that, Sukabrahma Maharishi had been doing Tapasya here, for the darshan of Sri Rama. Prabhu Shri Ram, pleased with his tapasya, came here after Rama Ravana yudham. Since Rama was returning


after the war, he did not have any weapons with him.

Another gopuram called Kili Gopuram is there for Sukabrahma Maharishi. There is a hill nearby called Dheergachala. According to Sthala puranam, Sri Padham of Prabhu Rama are found on the top of the hill


It is said that this is the place where Shri Rama gave darshan to Suka Maharishi. Nedumgunam means which shows all qualities of Shri Rama who is Maryadha purushottam. Shri Ramanavami is very famous here.

Jai Sri Ram
🙏🕉🙏
ALL
Adam McKay
Adam McKay
@GhostPanther
1) My Stan Lee story happened when I was in 5th grade. I was visiting NYC with my Dad and had read the address for Marvel in the comics I read constantly. I begged my Dad to take me and to his credit he did. And guess what? It was just an office.

2) We were down in the lobby and I was kind of crushed. I don’t know what I expected, The Thing and the Yancy Street Gang to be sitting around smoking cigars? Anyway, my Dad was taking a beat to figure where we were going next and a guy came up to us.

3) He was wearing a white shirt and tie and said to Dad “Is he disappointed because. The Marvel offices were just offices?” My Dad said yes and then the guy who had gray around his temples and a mustache said “hold on a second” and opened one of those office mailboxes with a key.

4) He then handed me a thick stack of EVERY SINGLE MARVEL COMIC COMING OUT THE NEXT MONTH. “Here you go. Keep reading Marvel comics” he said and then walked off. I left in a daze and about 15 minutes later it hit me “Gray around the temples, mustache... That was Stan Lee!”

5) Later when I wrote on the Ant Man movie I told Kevin Feige the story, the year, look of the guy etc and Kevin said “That’s exactly the kind of thing Stan would do and he would have been there then. That was him.” Rest In Peace Stan Lee and thank you for the comics.
CULTURE
Advertisement
Bharadwaj
Bharadwaj
@BharadwajSpeaks
Today is Jayanti of Ahilyabai Holkar

She was a widow who became Malwa's greatest queen. Defended our country & personally led armies into battle.Never plundered anyone. Developed Malwa into a prosperous kingdom. Rebuilt temples destroyed by Mughals. Built Dharmashalas at Tirthas


Unfortunately, her memory has been blemished by inaccurate representations in modern popular media.

The serial "Punyashlok Ahilyabai" depicts her as ultra secularist feminazi icon who questions Hindu rituals & Pandits while patronising Sufis.

This is far from historical truth!


Ahilyabai was born on May 31 1725 to Patil Mankoji Shinde.

She was from Dhangar clan(classified as OBC today). While Dhangars were traditionally into herding, they took up arms & held several military /civil roles in various eras of history(especially during Maratha resurgence)


In 1737, when she was 12, Ahilyabai Holkar was married to Khanderao , son of Subedar Malhar Rao Holkar.

By the time she was married, fortunes of Holkar family had already waxed.

Malhar Rao was a Subedar of territory comprising 30 Parganas yielding a revenue of at least 7 Lakh


In 1741, when Ahilyabai was newly married, her father -in-law Malhar Rao Built Indore palace & ordered the kanungo to populate the settlement with a promise of protection to traders.

This began rise of Indore from its background as modest trading town Indrapuri to a great city
ALL
Egypedia
Egypedia
@Egypediax
Ancient Egypt was the most advanced civilization in the ancient world. Why was Egypt so special?

There are so many firsts in Egypt that we all know about, and that makes Egypt unique. For example, the Sumerians did not build the pyramids of Egypt.


Save as history
HISTORY
Suhas S. Hardutt
Suhas S. Hardutt
@HarduttSuhas
THE BATTLE OF PRATAPGARH (10 Nov, 1659)

Chhatrapati Shivaji Maharaj's impeccable military genius and matchless courage humbled the Adil Shahi Sultanate.

The beginning of what was to come later for the M0ghuls from one of the most indefatigable defenders of Dharma!

(Thread)


Shivaji’s growing influence in Maval region, made him a threat to the Adil Shahi ruler of Bijapur who sought to restrain him. The man who was given the responsibility of this mission, was their commander, Afzal Khan. Afzal was a formidable warrior known for his ruthlessness.(1)

His strategy was to bring Shivaji out into the plains, where he held an advantage, compared to the rocky Deccan terrain. Afzal attacked the holy town of Pandharpur, and later demolished the temple of Bhavani at Tuljapur to instigate Shivaji in a bid to bring him out.(2)

Shivaji was angry but remained patient. Knowing that he could not defeat Bijapuri Sultanate in an open battle, Shivaji moved to Pratapgarh fort, located on rocky heights, surrounded by thick forests of Jawali.(3)

This set the pattern for future Maratha attacks, using guerrilla warfare against larger invading armies rendering them ineffective in unfavorable terrain.(4)
HISTORY