Hacker News | nullc's comments

> Firmware updates must be signed. Firmware updates should be signed by the manufacturers so that we can be sure we are installing ...

... NSA provided backdoors and are prevented from writing our own firmware to run on our own systems.


Perhaps they should start by admitting that their prior response to that debacle was dishonest (or at least "horrifyingly, inexcusably incorrect", if they'd rather plead incompetence).


http://www.dwheeler.com/trusting-trust/ < David A. Wheeler’s Page on Fully Countering Trusting Trust through Diverse Double-Compiling, for an example.

Though the diversity available for a Go compiler written in Go isn't very tremendous.


Perhaps set your sights a little lower first? https://bitcointalk.org/index.php?topic=53855.msg642768#msg6...

There are tons of complications before you get to the point of worrying about machines that might kill people if something goes wrong. :)

-----


The key bit of it is this:

> StorJ is not able to find new hosting environments on its own, due to a lack of sufficiently powerful AI— but it can purchase the knowledge from humans: When an instance of StorJ is ready to reproduce it can announce a request for proposal: Who will make the best offer for a script that tells it how to load itself onto a new hosting environment and tells it all the things it needs to know how to survive on its own there?

The 'AI' doesn't have to be smart enough to do everything itself, it just has to be smart enough to be able to hire a human to help it. This step could be broken down into lots of mturk-style tasks, each done by a different human:

1) Find hosting providers who accept Bitcoin

2) Evaluate the service provided by these hosting providers

3) Sign up for an account on this hosting provider

4) Set up an account on this server with this SSH public key

You could even deal with legal issues that way - have a retainer with a law firm, and if any issues crop up send them an email.

-----


"a patent was filed in the U.S. by the Massachusetts Institute Of Technology, titled “System and method for relativistic statistical securities trading”,"

We should all be thankful to that proud institution for taking decisive action to ensure another wasteful technology will never see the light of day.

-----


There is some chance I'm misreading your sarcasm here, but if you are willing to accept that arbitrageurs provide a useful function in the markets by keeping prices equal for roughly equivalent instruments traded on geographically diverse trading centers, then what's wrong with arbitrageurs competing with one another to provide that function?

-----


The issue is that resources are being spent not to create value, but merely to ensure that HFT #1 captures it rather than HFT #2. It's a lot like wearing a suit or going to college - it doesn't create value, but it ensures that applicant #1 gets a job over applicant #2.

Unlike normal market competition, this one actually is a zero sum game.

-----


The faster different markets come to agree on a price for similar instruments, the more efficient the markets are. The profit opportunity for the fastest arbitrageur drives competing arbitrageurs to compete. Ergo arbitrageurs are working with all of their skill and ability to make sure that markets are as efficient as possible.

Now you have a global marketplace where investors have a pretty good idea that their local markets have reasonable prices. The system works for investors and arbitrageurs (the good ones, anyways) alike. What's wrong with that?

-----


I wasn't arguing against arbitrage. I was arguing that investors don't care if HFT #1 arbitrages at 12:00:032 or HFT #2 arbitrages at 12:00:074.

-----


You don't think college education has impacted the world at all? It's literally just a resume checkbox?

-----


Mostly, yes. There are unusual cases like medicine and some engineering, but for the most part it is just a resume checkbox.

Evidence in favor of this: the sheepskin effect is huge.

http://econlog.econlib.org/archives/2013/06/baaaa_tremble_b.... http://econlog.econlib.org/archives/2013/02/sheepskin_effec....

So is ability bias: http://econlog.econlib.org/archives/2012/01/correcting_for.h...

And as a thought experiment, ask yourself which of the following would have had more of an effect on your life. Suppose you failed your humanities classes (assuming you are an engineer/CS and work as such). Would your life have been significantly different than if you forgot what you learned? How about if you cheated and passed? Mine certainly would be.

In principle, wearing a suit also has a small positive effect. It arouses some women. But in general it's mostly wasteful signalling.

-----


The sheepskin effect doesn't directly measure the effect of having a degree vs having exactly the same experience/education but no degree. This is because the person who gets the degree after 4 years might on average have worked a lot harder, and learned a lot more than the person who studies for 4 years but doesn't get the degree.

-----


Equality at the speed of light limited timescale is of relatively small economic value to the world. They are basically equalizing prices faster than you could ever learn about them.

The service of arbitrage is useful, but there is a bit of a winner take all here and a race to the bottom (meaning highest cost way of accomplishing the service). No one may care if it's equalized in 1ms vs 200ms, but the party that can do it in 1ms is going to take all the gain from the spread.

(I don't really blame the arbitrageurs; the markets should be doing batched sealed bid or other mechanisms to equalize participants; and avoid diverting massive amounts of funds to floating balloons between trading centres)

-----


> there is a bit of a winner take all here and a race to the bottom (meaning highest cost way of accomplishing the service)

It's true that the fastest arbitrageur takes most of the profit, but when we say the cost is going up (i.e. the "arms race"), that means a bigger chunk of the arb profits (which are basically fixed, regardless of cost) are going to network providers, NIC vendors, FPGA vendors, and so forth. The costs to investors are coming down as the chances of buying a mispriced instrument become smaller and smaller.

-----


None of this is simply "arbitrage" as HFTers want the public to believe. The major brokers are perfectly capable of buying and selling at the best prices across any non-darknet market with even rudimentary order routers. What's happening is HFTers are gaining informational advantages and then exploiting them in microseconds. Based on realtime orders, they'll infer that someone wants to buy share abc at price x, deviation y, and then bet on that happening. HFTers can even infer which brokerage firms are placing the orders based on technical data including lag times and data-sharing partnerships.

-----


I see this argument often. How useful is this function vs taking lots of talented maths/compsci phds out of banking and into something else?

My guess is the system is utterly broken and we are wasting precious man hours gaming it.

-----


Should we stop making videogames too, because playing a game does nothing for the world.

Should we stop making music? If all musicians picked up trash on the side of the road, we would have a cleaner world. We can just replay 90s music forever.

-----


We can have them work on getting people to click on ads.

-----


If you want to argue in favor of a centralized system of allocating brain power from each according to his ability and to each according to his need, fair enough. Let's try it and see how it works out.

-----


MIT made about 70 million last year from its patents [1]. I'd guess that patent is no barrier for this technology to be adopted if there's enough practical value in it.

1. http://web.mit.edu/tlo/www/about/office_statistics.html

-----


I'm pretty sure most people have taken the Certicom patent on using this technique for "escrow" as pretty strong evidence that it was an intentional backdoor.

Esp. coupled with its insanely slow performance and NSA's failure to point out that the selection of the 'random' numbers could be used to backdoor the cryptosystem. (especially when they continued to fail to point that out and support the cryptosystem while embargoing the patent for national security reasons).

But indeed, I'm not aware of any stronger proof. ... but people go to jail on evidence less circumstantial than this all the time. How high a bar must be set before we can just say "backdoored" without a page of footnotes?

-----


I basically agree with your conclusion, but it sounds like they did not embargo the patent: https://projectbullrun.org/dual-ec/patent.html ("recommended against a secrecy order"). Or am I confused about the meaning? Anyway, it at least shows the NSA was institutionally aware of the possibility of backdooring, and other cryptographers knew about it, yet NSA pushed for its adoption.

-----


Bitcoin works right without "the internet" or even an IP network, you can sneaker net around the Blockchain, if you like.

But indeed, Bitcoin-- and the technology in it-- doesn't generally solve the hard problems the web presents (just like the prior distributed system technology before Bitcoin didn't solve Bitcoin's issues). There is a lot of seriously misplaced hype in this space.

A bit of pedantry on your last comment: "The biggest problem with the blockchain is that every (at least verifying) node need a full copy of it" -- this isn't true. Please see section 7 of the original Bitcoin whitepaper "Reclaiming disk space".

It's still not a suitable mechanism to store arbitrary data, however.

-----


Funny. If the story was different and arguing something on the basis of floating point; I would have been posting saying that it's very unlikely that the firmware was using floating point (or even running on hardware with a fast FPU).

-----


For single precision single argument functions you can exhaustively test to obtain data about the accuracy of the results.

-----


> the accuser needs to prove that you previously heard

Yes, indeed there are corner cases; and ugly outcomes. At the limit anyone can sue anyone for anything. But by broad strokes, both in theory and in practice the situation around copyright is far more clear, and appears to produce less collateral damage.

-----
