Hacker News new | past | comments | ask | show | jobs | submit | floober's comments login

> And yes, in finance, the correlations between asset classes shoot up toward 1 in periods of crisis (black swan event) . Hence, the research for tail-hedging strategies...

Related to what you said here, I was surprised there wasn't a comparison with Vine Copulas in the paper or thread! But this is pretty far outside of my realm of expertise, so maybe it shouldn't be surprising.


Efficiently? Maybe. Providing the same type trust and guarantees? Probably not. A public, append-only Merkle tree just has a lot of interesting properties and I think there are spaces where they are useful.


> So they set out to describe it as „an accident“ because „blameless post-mortems“ are something people really like?

As someone who has operated bug bounty programs, understanding what processes might have prevented things from going off the rails _in spite of_ internal actors with different motivations is very helpful to me. Placing all of the blame on an individual removes the opportunity to improve things.


> Placing all of the blame on an individual removes the opportunity to improve things.

It seems to me that there's another option. Describe the problem thusly:

> A Lyft employee grabbed our data storage access keys from Github. He, or someone else then used these keys to grab PII that Uber was legally required to safeguard. Uber management and/or legal actively worked to cover all of this up and mislead the FTC about the nature and size of the breach.

>

> Given these facts, what processes and procedures can we change or create to ensure that the PII we're charged with safeguarding remains safe and guarded, that any threat to or breach of said information is detected as soon as is reasonably possible, and that any attempts of management and/or legal to cover up any such incidents are detected and reported to the appropriate authorities?


But the bug bounty policy was very clear on all of this and this extortionist never concealed his intentions. And all this text can come up with is "what if we loop in even more people". Indeed this description made it very clear that the existing processes were intentionally subverted; what can more processes do for avoiding that when it happens by decision of the CSO and CEO?


An example of a complicating factor identified by this postmortem is that the CSO was simultaneously a Dep. GC, and was made a DGC in part to facilitate direct reporting relationships with the CEO that ended up short circuiting the normal GC process.

Further factors identified in the postmortem involve responses given to the FTC that weren't properly vetted, but easily could have been by a typical counsel's team.


This looks fantastic! I'm working on a desktop app and I've been struggling with the extensibility story in the back of my mind for a couple of weeks now.

Thanks for building this!

edit: For what it's worth, the use case and value of something like this was immediately apparent to me.


Awesome! We'd love to see what you end up building, and if you use Extism please let us know what you find missing...

> For what it's worth, the use case and value of something like this was immediately apparent to me.

Thank you for saying so. Negative feedback doesn't bother me (I appreciate anyone taking time to speak up), but it's also usually the only kind you get on the Internet :) so we appreciate hearing that. Translating ideas into words is hard, especially in software.


For me, I use the simple stuff (Semigroup, Monoid, Monads, Functors, ..) the most. Often times I'll be reasoning about a problem I'm working on in Haskell and realize it is a monad and I can reuse all of the existing monadic control structures. It is also helpful the other way, where you start working with someone else's code and seeing that it is a e.g. Monad immediately tells you so much concrete info about the structure, where in a less structured language you might need to reed through a bunch of docs to understand how to manipulate some objects. The "killer app" is all of that extra structure shared throughout all of the codebases.


Same here. I drank the cool aid a few years back, and started using fp-ts in my frontend projects, hoping to use algebraic data types regularly. But today all I use is the Monad. I can't find any motivation to write abstract algebra to build UI widgets.


> I can't find any motivation to write abstract algebra to build UI widgets

This made me chuckle, because I am at this very moment trying to apply the "tagless final style" described here[0] to a custom GUI in a personal-for-fun-and-learning ocaml project : )

[0] https://okmij.org/ftp/tagless-final/course/optimizations.htm...


I would imagine in the current climate the properties are operating at a profit, don't you?


Hard to say, it only takes one month without a tenant to lose money. You better have the cash flow to counter that. The landlords I know (not a representative sample) all have lost a lot of money as covid meant they couldn't evict tenants that were not paying rent. There are programs to get some back, but if you evict before getting money you get nothing.

In the long run you make a lot of money, but it is a long time before profits are enough to live off of. For the first years the money goes to paying the bank, insurance, taxes, and if you are lucky there is enough left to cover basic repairs.


What about incitement to violence?


That's already illegal, report it to the police


"Some guy in Russia told all the white men to rise up and kill all the jews and blacks"

The police "again, that's the 23rd time today"

This kinda breaks down at the global scale. I can call for violent acts at your front door from a continent away with impunity.


The main issue is violent acts, not the call for them. Whoever does something violent will not do so with impunity.


See, when you live a privileged and safe life these are some of the lies you believe. You are protected by your position in wealth, race, and maybe location. You're not black, or Jewish, or a unionist, and its all a big surprise when the angry mob does come for you. You yell "this is against the law!" And then only realize the person posting the hateful redeoric online was the officer that should be protecting you.

The fascists call for violence is always a joke to them, until the moment it is not.


Through the fog of purple prose and judgment based on your assumptions and theories of ethnic classification, you seem to be claiming that the police will protect us from speech but not from violence. I don't see how that could possibly add up.


Right? Also these companies probably hired a lot of folks during the pandemic, and also relaxed their performance criteria while everyone was adjusting to remote work... So this just sounds like some folks are being caught off guard by the fact that yes, there are real performance expectations and you might not be meeting them.


Why would a crime (especially one external to the university) be better handled by the university than the legal apparatus?


Because it would be better for the university to talk to and then exit misbehaving students from the school rather than throwing them to the legal system. Also you probably misunderstood what sending a message like this to the dean would accomplish.


These are adults, not minors. They have the rights of adults and are expected to behave like adults, and they also receive the consequences of adults. Being the members of a 40k/semester institute, whether that is a university or a country club, should not excuse you from your criminal behavior.


I think my solution is more parsimonious, and obviously, if the dean doesn't respond you just move on to the police.


But when someone commits a crime, we're not interested in being more parsimonious.

We're interested in achieving justice. Justice which is defined by our democratically determined court system.

Why do you think being parsimonious is a better objective than being just?


If someone is a member of the local golf club, should the golf club be called to met out punishment if the member swindles some pensioners out of their savings?


I'm not sure why the college would even propose such an arrangement. Do they actually want to be held accountable regarding their response to students who break the law, particularly if it is ohff campus? Do they want to deal with lawsuits from those who are shown the door? (In this case, it may have been cheaper but it sounds like it has more to do with the college administration stepping in when they should have simply told the affected students to legal aid.)

The legal system is far from perfect, but it is often better than the alternative.


Agreed. If you're an individual who wants to work this hard, hopefully you can find a team of like-minded folks who will work hard with you and make sure that it is structured in a way that you all reap the benefits.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: