Hacker News | hncurious's comments

Yes, but you can double down on this stuff or introduce it in places where it hasn't yet manifested. It's perfect precisely because these are natural inefficiencies.


What % are from family wealth?


I don't know, and the specific percent isn't the point. I'd encourage you to critically read bios of any Silicon Valley idols you might have, with an eye towards this.

My personal epiphany came about 10 years ago. I was in an incubator in SF, and some investor came to give a talk about fundraising. They heavily emphasized that many startups do a friends-and-family round to bridge them to a proper seed round-- nothing major, just get 20k from 5 family members and you should be good until you have something to show angel investors. My two co-founders and I (all from the Midwest) realized that we couldn't even come up with five people to ask for 20k because all of us came from pretty modest families.

These are the types of privileges that get glossed over in success stories. To be successful you, more likely than not, need to either have money or have connections to money. Everyone likes a good underdog story, but those founders are more like lottery winners than anything else.

So, coming from that lens, it's hard to take advice seriously from "successful" entrepreneurs. It's sort of our industry's equivalent of "just stop eating avocado toast and you'll become a millionaire."



Does anyone know who runs these sketchy archive sites? They have a lot of data on political news readership.

Also, it asks me to complete a captcha and sticks me into a loop distinct from the usual google captcha loop (continues looping even after green checkmark indicates success). This makes me suspect the site is a captcha solution farm (present fake captcha to user, send solution to some bot that needs a captcha solved somewhere).


IIRC it's a single individual who has the money to pay $3k/month for the good of the world.


Why was rotation ever a recommendation? Did it used to make sense?


There isn't a clear answer to that but here's what Gene Spafford wrote in 2006:

> So where did the “change passwords once a month” dictum come from? Back in the days when people were using mainframes without networking, the biggest uncontrolled authentication concern was cracking. Resources, however, were limited. As best as I can find, some DoD contractors did some back-of-the-envelope calculation about how long it would take to run through all the possible passwords using their mainframe, and the result was several months. So, they (somewhat reasonably) set a password change period of 1 month as a means to defeat systematic cracking attempts. This was then enshrined in policy, which got published, and largely accepted by others over the years. As time went on, auditors began to look for this and ended up building it into their “best practice” that they expected. It also got written into several lists of security recommendations.

> This is DESPITE the fact that any reasonable analysis shows that a monthly password change has little or no end impact on improving security! It is a “best practice” based on experience 30 years ago with non-networked mainframes in a DoD environment—hardly a match for today’s systems, especially in academia!

https://www.cerias.purdue.edu/site/blog/post/password-change...

I've heard variations on this idea which all stem back to that same kind of scenario of a DoD facility where things like access were limited and, for example, a spy who cracked or shoulder-surfed a password might have to wait some period of time to use it, none of which makes much sense in our modern security landscape. I haven't seen anything definitive about the origins but it's very hard to find an actual security expert who thinks it's a good idea (as opposed to a compliance process enforcement person who might have had this trained into them) and these days I'd really be focused on how you could make WebAuthn mandatory.


> Back in the days when people were using mainframes without networking, the biggest uncontrolled authentication concern was cracking.

When we first got our terminals, at first, shared terminals, there was absolutely no guidance on passwords. Password security wasn't part of the consciousness. At least in my corporate experience in the 80's. Especially with all the data being on tapes. A security utopia, briefly.


Password rotation still makes technical sense today. The benefit is that it limits the utility of stolen credentials.

That’s basically all an MFA token is: a rapidly rotating second password. In fact the widespread availability of MFA options is one reason memorized passwords don’t need to rotate anymore. Just implement MFA instead.

Another reason is that forced rotation of memorized passwords gives users an incentive to create passwords that are simpler, and therefore easier to steal in the first place. So the technical advantage was nullified by a human factors disadvantage.


Security models from the dawn of computing, which operated on assumptions that no longer hold true, including passwords being stored in plaintext in /etc/passwd, then later, crypted in /etc/shadow. If the /etc/passwd file were stolen, then you'd have everyone's password. By forcing the password to be changed every X days, then even if an attacker got a copy of /etc/passwd, those passwords would not work after N days.


"Arc gives scientists no-strings-attached, multi-year funding, so that they don’t have to apply for external grants, and invests in the rapid development of experimental and computational technological tools."

Fantastic. This is desperately needed. Thanks Patrick C, Vitalik, et al, for funding this.


I agree. It'd be the same with Covid too if the risk was high. Ultimately the reason so many don't want a Covid vaccine is because the risk of hospitalization is only 1.6% and is well below 1% if you're young and otherwise healthy. Or if you already had Covid and have natural immunity you're about as protected as the vaccinated (<1% chance of hospitalization).

If the risk of hospitalization or death was 10%? 30%? Almost everyone would want the vaccine except the real hardcore anti-vaxxers. You wouldn't have to mandate or otherwise coerce people to take something if the threat was that credible generally. Few resist the smallpox vaccine, for example.


The threat is very credible. Just as the misinformation and bullshit campaign is very powerful. To the point where even a credible threat isn't enough to get people to act in their own best interest. With odds approaching 1:400 across the whole population of death and substantially higher of a serious bout of disease it is quite amazing how many people continue to downplay this because of the age factor.

If the odds were that good for the lottery I'd be playing.


The fear campaign is very powerful too. People radically overestimate the risk. A large % of the population overestimates it by 48.4%!

"For unvaccinated hospitalization risk, 2% of Democrats responded correctly, compared with 16% of Republicans. In fact, 41% of Democrats replied that at least 50% of unvaccinated people have been hospitalized due to COVID-19."

https://news.gallup.com/opinion/gallup/354938/adults-estimat...

But yes, on the other side of it, if a 60 year old obese person isn't taking the vaccine, they're misinformed too. Their risk benefit analysis is off.


The problem is that many people who think that they are 'healthy' without comorbidities that make covid worse are, quite frankly, deluded.

"Nearly 40% of American adults aged 20 and over are obese. 71.6% of adults aged 20 and over are overweight, including obesity." (National Health and Nutrition Examination Survey, 2017-2018; Harvard School of Public Health, 2020).

So 71.6% of American adults are at elevated risk for severe Covid. Because even just being overweight increases your risk of hospitalization if you get it.

https://www.cdc.gov/mmwr/volumes/70/wr/mm7010e4.htm

So IF the unvaccinated have the same demographic profile as general US adults, then 71.6% have an elevated risk of hospitalization if they catch Covid because they are overweight and unvaccinated.

You will notice that there is no political affiliation in that conclusion. Also, risk is not actuality, and levels of comorbidities vary from person to person, so population risks and personal risks are different.

Now, as to how many have actually had covid and been hospitalized I will admit that there is a perception difference based on political affiliation. But for that data, I will respect the actual statistics, not my perception based on displayed attitudes.

Basically, the problem is that a lot of adults think that they aren't fat, or don't know they have high cholesterol, etc. and are declining the vaccine because they are 'healthy'.

https://www.the-hospitalist.org/hospitalist/article/238272/c...


Definition sponsored by Pfizer™


Absolutely. As things get more complex, the foundations become unstable and fewer and fewer people know how the underlying stack works.

You'll be interested in this talk, "Preventing the Collapse of Civilization"

https://www.youtube.com/watch?v=ZSRHeXYDLko


Thank you for this link. I had never heard of the ancient mechanical clock mechanisms. "The arc of progress" really is a fiction. Human knowledge needs to be passed down and nurtured. Same with culture.


It's a common prediction, not knowledge. I predict it won't happen because we'll solve it.


SaaS is eating the world. Software, music, movies, games, books. Now the car industry and big pharma are flirting with this model.


You're not excited for your monthly Pfizer booster subscription to stay employed?


Hey, maybe we'll get a bundle deal with Disney and Pfizer+

