I used to have an eBay account, and at some point, despite not having used it for a year or so, I got an email saying I was permanently banned from eBay.
No appeal, no reasons given, no possible way to create another account.
Just. Banned.
The companies need to be big enough to provide the amazing services they do, but once they are large enough they will never care about individuals.
My internal model of large companies is that they are intelligent, psychopathic aliens. The people in them are like cells in our body, important for the function, but with no agency, and they are not who you are dealing with.
You're dealing with the company, and it's an inhuman, psychopathic alien.
PayPal permanently blocked my account and all of its connected cards and bank accounts after I sent them my passport for some verification (I don't remember why). It was because a lifetime ago I had opened my PayPal account as a minor.
"... our 11-yo shared a Google Slides deck titled "The New Chat Room" that is approximately 500 slides long, where each slide is students in his class posting pop culture pictures &/or memes & using the Slides comments to chat with each other about them..."
My understanding is that there is a difference between the concept of a Zero-Knowledge Proof (ZKP), and then the applications that such a thing is possible.
In the example given, I can prove that N is composite without revealing anything (well, almost anything) about the factors. But in practice we want to use a ZKP to show that I have specific knowledge without revealing the knowledge itself.
For example:
You can give me a graph, and I can claim that I can three-colour it. You may doubt this, but there is a process by which I can ... to any desired level of confidence ... demonstrate that I have a colouring, without revealing what the colouring is. I colour the vertices RGB, map those colours randomly to ABC, and cover all the vertices. You choose any edge, and I reveal the "colours" (from ABC) of the endpoints. If I really can colour the graph then I will always be able to reveal two different colours. If I can't colour the graph then as we do this more and more, eventually I will fail.
So you are right, but the message of the post is, I think, still useful and relevant.
Suppose the graph admits only 4+ colorings, but when attempting a 3-coloring it's possible for only one edge to be misaligned. Then (A) you need O(n_edges) calls to the oracle to gain any confidence about the 3-colorability of a 3-colorable graph (else you might be easily duped by the one misaligned edge), and (B) in so doing, you learn almost all of the structure of the graph (since you have way more random calls than there are edges).
Restating, not only is the ZK algorithm slow, but by the time you have confidence in the ZK proof you also have additional knowledge about the structure whose properties you're proving.
In the version I'm discussing, both parties already know the graph, so your point (B) seems irrelevant. The interrogator needs to know the graph in order to specify an edge (and to know that they've done so), so I'm not sure of the precise version you are thinking of.
Put point (A) is relevant ... certainly each call only provides a small amount of additional confidence, so a lot of calls might be required. Even so, the system seems sound to me, and I'd appreciate any details of ways in which it is not.
The key insight is that Colin can show you a red-green-blue coloring of the graph, and flip the whole graph secretly, so it's blue-red-green instead when you look at an individual section, but really the graph is yellow-pink-orange colored. Even after showing you all the intersections of the graph individually in the red green blue coloring to satisfy that he can 3-color it, you still have no idea what is yellow pink or orange on his copy of the graph.
Ah, I see. This is not an example of a ZKP, because you are relying on a third party who has full knowledge of the coloring, which is wherever you have drawn your coloring.
No, that is not the case. The process does not rely on a third party.
Person A provides person B with the graph.
Person B claims to have coloured it.
Person A demands that they prove it.
Person B hides the colouring
Repeatedly:
* Person A points at an edge
* Person B reveals that the endpoints are differently coloured
* Person B re-hides the colouring and permutes the colours
If person B does not have a colouring, with probability 1 this process will fail and person A will know that person B does not have a colouring.
But if person B does have a colouring then each step will succeed, and by repeating the process person A can achieve any desired degree of confidence that person B must, indeed, have a colouring.
This process can be made digital rather than physical, and no third party need be involved. As a sketch of one step:
* Person B colours the graph
* For each vertex, person B generates a long random string, pre-pends the colour, applies a cryptographically strong hash function to that, and sends the result to A. This "Fixes and hides" the colouring
* Person A asked for two "colours" to be revealed
* Person B provide the associated "colour and random string"s, the pre-images of the requested hashes
* Person A checks the hashes and now knows the colours of those two vertices.
Should I write this up "properly"? It's already discussed elsewhere on the 'net.
The version I'm describing has it physically sitting in front of you at the time, so you can see that the colours haven't been changed "on the fly" after you pick an edge. In this version:
(A) I colour it;
(B) I cover the vertices so you can't see any of them, but I can no longer change them;
(C) You choose the edge, and I reveal the endpoints.
Converting this to a digital version requires further work ... my intent here was to explain the underlying idea that I can prove (to some degree of confidence) that I have a colouring without revealing anything about it.
So just off the top of my head, for example, I can, for each vertex, create a completely random string that starts with "R", "G", or "B" depending on the colour of the vertex. Then I hash each of those, and send you all of them. You choose an edge and send me back the two hashes for the endpoints, and I provide the associated random strings so you can check that the hashes match.
This reminds me of the "Where's Waldo (Wally in UK)" example:
You can prove that you found Wally with a large piece of paper with a hole in it. You move the hole over Wally, and the person you're sitting with can see you found it, but he's no wiser about where.
Another way is to get them to put marks/signatures over the back of the blank. Overlay to e blank, and cut Wally out of it where he occurs on the actual page and give them the cutout.
Too late for anyone to see this comment, and it's just a trivial bugbear of mine, but the article has this:
> "... meaning a radio signal will take a full 24 hours—a full light-day—to reach it."
They don't mean "a full light-day" ... they mean "a full day". They're talking about the time it will take, and "light-day" is the distance it's travelling.
A trivial type error that a compiler would barf on, that people will gloss over and not notice, but which niggles at me.
Sorry ... I now return you to your regular programming.
I rarely post this, I usually just let things go. But quoting from the guidelines[0]:
On-Topic: Anything that good hackers would find interesting. That includes more than hacking and startups. If you had to reduce it to a sentence, the answer might be: anything that gratifies one's intellectual curiosity.
Off-Topic: Most stories about politics, or crime, or sports, or celebrities, unless they're evidence of some interesting new phenomenon. Videos of pratfalls or disasters, or cute animal pictures. If they'd cover it on TV news, it's probably off-topic.
It may be true, and it's in the news, but I don't see how it "gratifies one's intellectual curiosity."
In Germany, it is the law. § 44b UrhG says (translated):
(1) Text and data mining is the automated analysis of one or more digital or digitized works to obtain information, in particular about patterns, trends, and correlations.
(2) Reproductions of lawfully accessible works for text and data mining are permitted. These reproductions must be deleted when they are no longer needed for text and data mining.
(3) Uses pursuant to paragraph 2, sentence 1, are only permitted if the rights holder has not reserved these rights. A reservation of rights for works accessible online is only effective if it is in machine-readable form.
There is no way that you can sue the people responsible for DDoSing your system. Even if you can find them ... and you won't ... they're likely as not either not in your jurisdiction (they might be in Russia, or China, or Bolivia, or anywhere) and they will have a lot more money than you.
People here on HN are laughing at the UKs Online Safety Act for trying to impose restrictions on people in other countries, and yet now you're implying that similar restrictions can be placed on people in other countries and over whom you have neither power nor control.
No appeal, no reasons given, no possible way to create another account.
Just. Banned.
The companies need to be big enough to provide the amazing services they do, but once they are large enough they will never care about individuals.
My internal model of large companies is that they are intelligent, psychopathic aliens. The people in them are like cells in our body, important for the function, but with no agency, and they are not who you are dealing with.
You're dealing with the company, and it's an inhuman, psychopathic alien.
reply