Did #CCP overplay its hand with Xi
I want to say the time is right for regime change
China had a chance and Xi messed it up
Right?
Xuebing Du

@theartofmadeline
KIROKAZE
NASA
Misplaced Lens Cap

⁂
tumblr dot com
No title available
let's talk about Bridgerton tea, my ask is open

titsay
Keni
Peter Solarz

Andulka

Kiana Khansmith

izzy's playlists!
YOU ARE THE REASON
he wasn't even looking at me and he found me
One Nice Bug Per Day

Product Placement
will byers stan first human second

seen from Kenya

seen from Hungary
seen from United States
seen from Uzbekistan
seen from Australia

seen from Netherlands
seen from Ukraine
seen from United States

seen from Türkiye
seen from Italy

seen from Algeria

seen from Colombia
seen from United States
seen from United States
seen from United States

seen from United States
seen from United States
seen from Switzerland

seen from Australia
seen from Türkiye
@vpathak
Did #CCP overplay its hand with Xi
I want to say the time is right for regime change
China had a chance and Xi messed it up
Right?
Backdoor Roth IRA
Step by step guide : http://thefinancebuff.com/the-backdoor-roth-ira-a-complete-how-to.html
But better to cleanly separate deductible and non-deductible contributions by having a different account, eg: http://thefinancebuff.com/solo-401k-self-employment.html
Xml security wrapper
Fix centos keyboard on laptop
hold down the control and function key at the same time (bottom left of my hp laptop keyboard) then, while holding them down, hit the shift key on the right 2 times. That should do it, works for mine whenever I accidently set it for french symbols.
http://ccm.net/forum/affich-152804-help-my-keyboard-is-completely-messed-up
Crowdfunding Is More Likely to Replace Ads Than Micropayments
The rollout of iOS 9 and along with it adblocking plugins for mobile Safari has re-ignited the debate over the ethics of removing ads from pages. Marco Arment who released the paid Peace adblocker previously wrote a piece laying out his views arguing that publishers have crossed a line with ads and trackers that are too intrusive and disruptive. In response there are now pieces bemoaning the end of independent publishers and the web altogether. And inevitably micropayments are proposed as an alternative to ads.
I continue to be skeptical though that micropayments are the right way to finance content. The reason can be found in Kenneth Arrow’s work on the “information paradox” from 1962! I don’t know how much a piece of content will be worth to me, so I am not willing to pay for it until I have read it. But then of course I have already consumed the content and now my willingness to pay for it drops radically.
This insight explains why it is so difficult to charge for small pieces of content. Their value will vary widely across readers and ex ante any one reader doesn’t know the value. It also explains why it is a lot easier to charge for say a blockbuster movie or a big production value video game – there are enough potential customers who anticipate enjoying the content enough that they are wiling to pay the price *before* experiencing the content. Finally, this also explains why charging for a subscription bundle is a superior strategy for some types of content, such as Netflix and HBO – for some math see this paper by Yannis Bakos and Erik Brynjolfsson.
All the talk about how the actual costs of making a payments are the reason why micropayments haven’t taken off is therefore likely a red herring. Even newfangled super low transaction cost blockchain based systems do not get around Arrow’s Information Paradox.
How then is journalism to be financed? As I wrote in 2014, I continue to believe that crowdfunding is the answer. Since then great progress has been made by Beaconreader, Kickstarter’s Journalism category, and also Patreon. Together the amounts are still small but it is early days. Apple’s decision to support these adblockers may well help accelerate the growth of crowdfunding and that would be a good thing – I don’t like slow page loads and distracting ads but I will happily support content creation directly (just highly unlikely to do so through micropayments while reading). All of this provides one more reason to support Universal Basic Income – a floor for every content creator and also more people who can participate in crowdfunding.
But the underlying hypothesis can be questioned.
I buy a bestseller to read - not because I know it is worth it by having read it - but instead I can deduce it is good because others have verified and reviewed it for me. So the paradox is not quite as serious as it is made it out to be.
Ethics of Interview Question Sharing
I have observed some job interviews involve an ‘ethical test’ where the particular question is not asked for the ‘correct answer’, but instead is a decoy to understand your ethical values.
Then I observed this article about a famous question Goldman Sachs has been asking in its inteviews: http://finance.yahoo.com/news/heres-secret-solving-notorious-interview-174750555.html
Which leads to a conundrum. I think the first guy/gal who shared the question with his/her friend about to interview at Goldman Sachs was perhaps behaving unethically, but at what point did it become common knowledge and hence okay to write an article about?
How would you separate legitimate coaching and preparatory help from unethical insider secret sharing (which is another thing the finance industry gained notoriety for).
Fedora audit log (with love from Russia)
Had an intersting start to the day, when trying to debug an unexpected slowness in performance, tried to use tcpdump, and got some ssh connections to an unexpected ip address.
Existing security measures
Let me add my sshd is configured in the following security enhancing ways:
Disable password login. i.e. login only through authorized public key. This makes it irrelevant if someone knows my password. Logging in remotely requires you know the private key, like this in sshd_config:
PasswordAuthentication no
Disable root login. regardless of the above, do not permit root login from sshd, i.e.:
PermitRootLogin no
Additionally send a banner on ssh login. Not quite sure why this is recommended, but my guess is that this may prevent automatic detection of login success. But then if this true, the login banner should be same as a failed login response :-)
What is the connection in tcpdump doing?
Now going back to the tcpdump. The log had a few lines like this:
05:32:35.950912 IP 213.80.224.38.52649 > chakra.ssh: Flags [P.], seq 1:24, ack 1, win 2720, options [nop,nop,TS val 34981273 ecr 65564289], length 23 05:32:35.953602 IP chakra.ssh > 213.80.224.38.52649: Flags [.], seq 24:1372, ack 24, win 227, options [nop,nop,TS val 65564877 ecr 34981273], length 1348
The problem was why IP 213.80.224.38 was connected to my box? Geo IP shows it is from Russia http://www.geoipview.com/?q=213.80.224.38&x=0&y=0
The next steps were quite obvious 1. Stop sshd ( service sshd stop ) 2. Analyze the audit log (/var/log/audit/audit.log)
The audit log had an apparently troublesome entry like:
type=CRYPTO_KEY_USER msg=audit(1434101555.951:10101): pid=11213 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=c4:80:ba:39:6d:f1:be:fc:c0:39:f6:9d:fa:97:4a:23 direction=? spid=11213 suid=0 exe="/usr/sbin/sshd" hostname=? addr=213.80.224.38 terminal=? res=success'
Are my ssh keys compromised
It turns out to be a false alarm. See the fp="" pattern, which shows the fingerprint of the key attempting the login.
Is this a key I authorized? Simple to tell. Just cat all the authorized keys on the system onto a file in /tmp. And do the following:
split -l 1 keys ls x?? | while read name; do ssh-keygen -lf $name; done
Fortunately none of the fingerprints matched the one found in the audit log line.
So what happened?
It turns out the line to search for successful login is not the CRYPTO_KEY_USER line, but a line with type=USER_LOGIN . The following command had only a few valid entries which I could verify:
cat audit.log* | grep USER_LOGIN | grep -v 'res=failed'
But what about the failed logins? There were several, including from the IP address in 213.80.224.38 faithfully trying to connect from Russia at regular intervals.
And the tcpdump line? Well a failed ssh login attempt does include a successful tcp connection to sshd. I believe thats what was observed. More so because one can set up a failed login attempt and observe these exact entries in the auudit log and the tcpdump output.
Puzzle
Which brings us to the puzzle. Why would anyone spend network bandwidth trying to ssh login with a ssh key ? (The chances I generated the same key as they have are too close to 0 to even imagine.)
Any other explanation than irrational affection or such?
At Facebook’s first-ever privacy summit Wednesday, experts were divided on nearly topic at hand — including the definition of privacy itself.
Whats a good definition of privacy in the online social universe?
Algarve Caves, Portugal, Photography http://bit.ly/1FsP2uj
Git identity
Git throws up this message if you didnt set it up properly:
Your name and email address were configured automatically based on your username and hostname. Please check that they are accurate. You can suppress this message by setting them explicitly:
git config --global user.name "Your Name" git config --global user.email [email protected]
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
How can I reset all the prior commits of this repository in a similar manner?
It is difficult being a marketplace
Becoming a marketplace is perhaps the most tempting market position which causes many startups to fail. The basic idea behind these ventures is to have a revenue model where buyers and sellers give you commission, and you reap super-normal benefits because being the (only or popular) market place forces both sides of the transaction to be present. And you hold the key which can block them.
We dont have to look hard to find successful businesses operating on this principle. Ebay is perhaps the most obvious example. And there many others as well - with different kinds of goods.
However, attempting to become a market place has its pitfalls. Because both sides of a transaction are addressed by you, there needs to be a balance struck between the interests of the two sides. Failing which, one party will become disaffected, and be prone to leaving and possibly suing your company.
What is more, the bias may be systematic, making it likely that (many participants on) one side of the transaction will suffer and leave, thereby reducing the value of the market as a whole.
I found this interesting situation while researching a website called careershowcase,com . It seems to have started with a fine concept - of linking up job seekers and companies via job fairs - but became biased towards the company (being easier to reach, and perhaps being the paymaster). It ends of being a ripoff report and a poorly visited site.
The question is how could a startup guard against such a scenario? Being a market is tempting, but failing to be a market is very common too.
"i) representativeness, which is usually employed when people are asked to judge the probability that an object or event A belongs to class or process B; (ii) availability of instances or scenarios, which is often employed when people are asked to assess the frequency of a class or the plausibility of a particular development ; and (iii) adjustment from an anchor, which is usually employed in numerical prediction when a relevant value is available" Thinking, Fast and Slow by Kahneman, Daniel
Despite privacy policy, RadioShack customer data up for sale in auction
The only things that are scarce in the world ... are the things that are difficult, and the only things that are valuable are the things that are scarce.
A wishful almost nostalgic piece on labor unions. But a more thoughtful analysis on what kind of labour union is needed in the current era would have been more useful.
Job fairs
While trying to understand the micro-level dynamics of how job fairs work, the most obvious thing was to identify the main problems people complain about. Here are a few links outlining some issues:
http://andrewhudsonsjobsblog.com/2010/11/08/the-problem-with-job-fairs/
http://work.chron.com/problems-job-fairs-12144.html
http://everydaylife.globalpost.com/problems-job-fairs-13929.html
Diagnosis of the problem
Marketing distractions. People looking to sell to job seekers will be hovering around (apparently schools do this)
Lack of information about what is available. If you spend time finding information then you have less time to interview many employers.
Not enough time to stand out. The environment is structured around candidate to recruiter information flow. The recruiters face the problem of excessive choice but limited time.
No preparation tips. It could have helped if candidates had a general idea of what the recruiters expect. Then they could prepare a bit or choose to avoid the recruiter and save time.
Conclusion
The problems originate from a combination of lack of appropriate information for the candidate and a lack of incentive for recruiters to make the information public. This is the core of the problems 2 to 4 above. By its structure, it looks like having real time collaborative information sharing between candidates could make this market more efficient.
Privacy is a human right
adapted from the Universal Declaration of Human Rights http://www.un.org/en/documents/udhr/