Wow, I have been looking for a resource like this for years. I had put the question more in the form of, what year did they call it in Rome what we now call the year 1 AD? Now I know it's Augustus 30 or something like that.
I would like to see this in a timeline format where all the different eras can be shown along side each other.
The existence of a configuration that limits attestation to a probabilistic phenomenon seems like a very thin foundation to stand on here - if it can be changed to requiring 100% attestation rate in the future I think it will be changed as soon as it is feasible to do so.
I haven't reviewed the proposal enough to see how they implemented that, and if it was done in a cryptographic way that prevents changing to 100%, then that could work. But the fact remains that control of our browsing computing environment is diminishing under this proposal.
It seems to me that “if it can be changed to 100% attestation rate in the future, it will be done” is a slippery slope argument and assuming bad faith on behalf of the proposal writer.
I think if it were changed to be 100% then it would be problematic. Also it seems the proposal writer would also agree that some form of opt out is required to make it viable so as to not forbid unknown clients.
I think its important to stay away from considering potential “what ifs” that completely defy the intent of the spec. For an example of why this isn’t effective discourse, we could have a potential addition to the spec to explicitly block users from certain countries. That’s not great but also its easy to understand why its not worth debating that point (even though it does sound scary).
If you had said that 5 years ago, I would have believed you, but the latest trend of megacorporations and billionaires moving against the interests of their users and ignoring their complaints has changed my stance on that.
Google is a big dog and will not care about our yapping. If it's allowed to do as it will without consequence then it will do so, and there is nothing that individuals can do to stop it other than to cease using their products.
Part of the job of web specification development is to determine what potential bad actors could do in the future. If a spec was proposed that easily allowed blocking users from certain countries, I would want that listed in the potential risks. Mitigations and technical requirements are introduced into specs all the time that only exist to stop a potential future attack.
I don't understand how a probabilistic holdbacks can be effective if you can requests for the attestation token multiple times. If the holdback percentage is 10%, the probability of getting no attestation for 10 calls in a row would be something like 0.1^10 = 1e-10. This seems trivial to implement and use to block users.
Granted, I don't fully understand how they intend to holdback, but even if they cache the results of the attestation such that 10 calls in a row fails to attest, they can't cache it infinitely. Website can employ traditional fingerprinting techniques/cookies in combination with attestation to build pretty foolproof systems to not serve the user based on attestation results.
This too. Maybe Google is willing to say something like "okay, for the duration of today, no WEI for you"; but unless they're doing something a lot more clever than the spec suggests, the "fallback" could very well be "retry the request until it succeeds and sends an attestation token."
Google would need to make holdbacks persistent enough that you couldn't retry them and get a different result. Even if they do, there are other problems, but... I mean, randomly failing requests is definitely not enough to guarantee that attestation would be optional. And there are no details I see in the spec that suggest to me that Google is planning to do something different.
How would you even differentiate between retries? If you isolate it by domain, the website can redirect you 10 times, each collecting an attestation token. They could perform statistical analysis with cookies. Websites could even force logged in users to conform to a particular browser (banking apps already do this). It's difficult for me to understand how the authors can miss these implications. They even said that with holdbacks the websites can still perform statistical analysis. Statistical analysis is not just a tool for aggregate data. It can be applied to a single client with enough other identifiers.
The "explainer" does actually address this, by talking about "a small percentage of (client, site) pairs". In other words, a particular browser, going to a particular site, will always and forever either enable holdback or not.
So, no, you couldn't continually request attestation from the one site. Instead, you could create 20 separate top-sites and load them all in tiny iframes. :)
Even if requests to separate domains didn't work, a 5% user loss is likely something that many websites can afford to ignore.
Remember that Firefox has at least a 3% marketshare. Safari has somewhere in the neighborhood of 20%. If websites are willing to go Chrome-only in that environment, permanent holdbacks won't change anything for those websites.
Particularly not if the solution to those holdbacks is "reinstall your browser and the holdback will probably go away." Which... they'd need to be unless Chrome starts tracking users to figure out who should have what holdbacks :)
The only way that holdbacks matter is if they affect 100% of Chrome users -- ie every single one of your customers/readers will at some point not send you attestation at some point for your website. And even then... telling them to refresh the page becomes a problem.
But it it's only a subset of users, then just banning 5% of users (especially from ad-supported platforms) seems perfectly feasible for a company and would probably be a preferred solution for some of them.
----
User: "Hey, for some reason when I browse Reddit nothing loads."
Support: "Yeah, very rarely a new Chrome install will do that. If you create an account and sign in, and then you send us some verification documents like an ID so we know you're not a scammer, then you'll still be able to browse. Otherwise just reinstall Chrome."
User: "Is there anything else I can do?"
Support: "No, we have to protect our ad integrity. If reinstalling the browser doesn't help, contact Google about it."
----
> Instead, you could create 20 separate top-sites and load them all in tiny iframes. :)
I have vouched for this article because it blew my mind.
I had no idea that there are left-leaning, feminist-identifying women who held such views.
I wish this article laid out a more substantive foundation for why the author holds their views. I tried to look into the book she mentioned, and I do worry that there's a bit of a echo-chamber effect going on here, because somehow the book was featured by Tucker Carlson? [1]
But it seems that there's a lot of passion here about protecting women-only spaces. I can respect that.
I think you may find this article of interest, it's a decent backgrounder to this point of view, and hopefully gives insight into why many left-leaning feminist women have adopted this view or are moving towards it:
Holly Lawford-Smith's book Gender-Critical Feminism expands on this in much detail. Kara Dansky's book, that you cited, is an enlightening read too, with more of a focus on US law and politics, as her linked blog post is. If you would prefer a more philosophical treatment of this topic, may I also recommend Kathleen Stock's work Material Girls.
> I had no idea that there are left-leaning, feminist-identifying women who held such views.
They're among the most vocal and out there group among the feminists, they're hard to miss.
> because somehow the book was featured by Tucker Carlson?
That should be a big clue. These aren't feminists looking out for other women, these are feminists looking for ways to elevate themselves at everyone else's expense.
Frankly it blows my mind to see this bigotry on hackernews, yet here we are.
I find it interesting that so many commenters here have reacted to this female-centered perspective with such knee-jerk emotion, throwing around accusations of bigotry rather than engaging intellectually with this feminist viewpoint.
At least there was one commenter who approached the issue with intellectual curiosity, marvelling at a point of view he'd never before encountered, and on that basis I consider this article having been well worth posting.
It's prison. You don't want them fighting and fucking, you keep them separate, not based on sex, not orientation, not identity, not race, (they will largely self-sort along those lines anyway), but rather on the key thing that actually matters: their ability and prediliction for causing violence/problems/injury/the thing you're trying to avoid.
The person in question like to fight people of a certain skin color, gender, identity, orientation, favorite food, etc? Keep the INDIVIDUAL that's causing a problem separate, not whatever demographic they belong to.
Can't keep them separate? Sounds like you overcrowded your prisons, which is an entirely separate issue. Trying to blame gender or sort the problem through the lens of sex/identity/gender just means you know have 3 separate groups that are fighting and fucking amongst each other. Good job, just wasted a bunch of time and resources on some virtue signalling.
Additionally it would be better to try to actually reform and treat people instead of just punishing them then tossing them aside, then wondering why it's so hard to keep the peace in the prison. But yes, the Trans people are the problem /s.
> It's also a test of absolute statements about bigotry
No, it's a dog whistle based on a false premise. You don't call for nuance with an "absolute test". You do that to feign an air of tolerance while pushing forward the narrative.
So I Answer with nuance about said shades of gray, and your response is that you don't want to read that much and "Its a binary question".
> For the record, the narrative I'm pushing here is "shades of gray
Fine. Let's assume that's true.
> Convicted formerly-male rapist, now identifies as female. Which prison do they go to
With information given, it doesn't matter, but generally default to male for violent criminals.
Reason: You prioritize protecting others from violent offenders over the offender themself when push comes to shove, which is what you're forcing by framing the question in such a way.
If we modify the question slightly to remove the implication and give enough actual information to make a determination, we'd specify who the male had raped. You send them to the opposite. Unless it's both/unclear, in which case, you refer back to my default.
It's not a hard question. But the way you frame it is straight out of a fascist handbook (Throw the "paradox" of tolerance in their face while strictly framing the question in a way that does not allow for nuance), especially while trying to advocate for "shades of gray" while insisting on reducing the discussion to a binary question. It's not productive discourse.
So no, the narrative here you're pushing is not "shades of gray", it's literally binary.
Hang on, we agree on where the prisoner should go. Obvious slam dunk case.
Why am I a fascist for it and you're not?
Yes I am deliberately winding you up here but maybe you're overattached to some narrative points? It comes off just like the people raving about groomers.
You still haven't picked up on the fact that I'm addressing your choice of manner to engage as a troll, not on the merit of subject at hand because I knew this wasn't about that anyway.
I don't know if you're a fascist, but you're using textbook fascist tactics to very poorly try to "gotcha me" before I called you out for not engaging in this topic in good faith, which you've now admitted multiple times.
To be clear, nobody is “formerly-male”. Gender reassignment through hormones and surgery doesn’t actually change sex.
The answer here depends on what you think the purpose of segregated prisons is. If you think it’s to reduce the risk of females being attacked by males (because the overwhelming majority of sexual assault is done by males to females), then males (regardless of gender) must go to male prisons.
Are you clear on the difference between sex and gender? Some people think prisons are supposed to be segregated by sex, with gender being less relevant to the purpose of protecting females.
Doesn’t really matter what they identify as. If they’re male they should go in the male prison. Identifying as something doesn’t change the physical attributes that make males a potential threat to females.
What a lot of people don’t understand about this flavor of feminism is that it isn’t about gender, or directly about trans people. It’s about the primacy of sex in defining and defending women as a class.
Social roles, gender, clothes, appearance, identification, personality… none of these things are what makes a woman a woman.
How do you vouch for posts? I didn't know that was a feature, and I have 900 karma which should be enough, but it doesn't show up the next to the flag (https://www.ycombinator.com/blog/two-hn-announcements/). The flags make sense though, it's too explicitly political and has opinions many on the site don't like.
This is called gender-critical feminism, a predominantly left-liberal movement that left-progressives in the US don’t distinguish from right-wing anti-trans people like Tucker Carlson. In the UK there is a clearer demarcation between being gender-critical and being anti-trans.
It is based on the idea that violence/harassment/oppression of women is rooted in sex (biology), not gender (social roles) and therefore that sex is the more important and meaningful way to define and protect womanhood, and thus that “woman” means “adult human female”, and is not something that can be identified into.
How can it be possible that there is @AI tagging in groups within the E2EE context? The AI generation must run on server side, probably through an OpenAI API, so the text of the conversation must be available to the backend to be able to generate the AI response. What am I missing?
I have personally taken a tour of the NIF at Livermore. The guide was an old hand, who constantly remarked about the efforts of NIF towards "stockpile stewardship," ie the maintenance of the US arsenal of nuclear weapons. It seemed like NIF was all about the stockpile stewardship first, and fusion research was a secondary consideration.
The capability of the NIF to get positive energy from the energy that they impart on the Hohlraum itself is neat, but I constantly discount any milestones that Livermore/NIF report, because the inertial confinement approach has such higher barriers to commercialization than tokamak style approaches, that I just consign it to "boondoggle" in my head.
Yeah, the lasers could be 20x more efficient, and yeah, they probably could figure out how to pump 10s of targets into the chamber per second, but the energy extraction is just completely missing from the considerations. The engineering challenges are a whole 'nother level for NIF, a big barrier to usability.
Seems like energy extraction would be similar to other D-T designs: surround the reaction chamber with molten FLiBe or lead-lithium and run some coolant pipes through it.
> surround the reaction chamber with molten FLiBe or lead-lithium
So manufacturing fusion reactors would use a lot of lithium, which is already in short supply. That would be an interesting complication with the demand of lithium for electric vehicle batteries. Maybe the Li supply situation will be eased by then.
The quantity of lithium required is miniscule, but would require a fair bit of enrichment to eliminate the Li-6. The limiting resource is the inner wall for which no known material other than double the annual world production beryllium is even close to sufficient
Personally my money is on SPARC as a demo plant and its planned successor ARC as a commercial power plant prototype. Unlike ITER these systems use high field strength superconducting magnets, which directly translates to a much smaller machine for the same energy gain. Because of the smaller machine size, it can be built much faster than ITER. The company building SPARC plans to achieve first fusion around the same time as ITER, and since their machines are smaller, they should be able to move faster. That said ITER will be fantastically useful for proving a lot of science, and I am happy we have so many viable fusion projects in the works.
ARC's volumetric power density is just 40x worse than a PWR's reactor vessel, vs. 400x worse for ITER. Neither appears to be on a route to an economical power plant.
I’m not sure I follow, but you’re saying the power plants are very large relative to their power output, and this size correlates to cost, thus making them so expensive that they are not economical?
You’re probably right, but I guess what I’m saying is that we’ve never had a fusion power plant that produces net energy gain at any cost. I believe SPARC is on the path to doing so. It will still take a long time to make fusion actually affordable. For what it’s worth I am a huge advocate of wind and solar power. But fusion is neat and I’m excited for us to get to a point where we actually have sustained Q total greater than 1.
Yes, that's right. View it this way: a fission power plant and a DT fusion power plant are pretty much the same, except for the reactor. The fusion reactor is many times the size (and mass) of the fission reactor, made of much more sophisticated materials, with a much more complex design, operating at higher stresses (loads on supports of the magnets, thermal power/area at the wall, neutron flux). So how is it that it's expected the fusion reactor will produce power more cheaply than the fission reactor? Note that fuel is today a small fraction of the cost of power from a fission reactor.
Ah, yeah that is totally valid. My thinking is not exactly that fusion power will be cheaper than fission any time soon, but that the technology has the potential to deliver safer power, and as important as wind and solar are to our transition over the next few decades, I believe that fusion has the potential to deliver much higher levels of power than wind and solar, allowing for new uses for electricity previously considered impractical. I wonder what kind of new manufacturing processes we can come up with if we have enough power to deliver huge amounts of process heat, for example.
I agree with you that in a practical sense fusion power will not be economical in the next 50 years, but then solar power was not economical for most of my life either. I am excited for the technology to get to the point where at the very least it is producing power, as this will stimulate more investment in lowering the costs, and has been such a dream for longer than I have been alive.
Solar and wind potential is enormous. The current world average primary energy demand is 18 TW, but the Earth is constantly being struck by 100,000 TW of sunlight. In no sense is a shortage of sun and wind an argument for fusion.
As for safety, the problem with fission isn't safety, it's cost. Trading off economics to obtain better safety is solving the wrong problem.
If fusion is not to be economical for 50 years, it will be competing against renewables (and storage) that have gone fully down their experience curves. In a world fully powered by PV, on the demonstrated historical experience curve, the LCOE from PV could be below $0.01/kWh (in today's dollars). Fusion will have a very difficult time competing against that.
I'm a complete layman when it comes to ICF, but I'm assuming that there is a scaling factor between surface area and volume that would eventually help here? As in, the lasers initiate fusion on the surface of the fuel pellet, which propagates the fusion into the interior of the pellet in a chain reaction / positive feedback kind of way. So that if you increased the surface area of the pellet by a factor of 10, you'd get 100 times more total output energy (since there is 100 times more mass in a pellet with 10 times the surface area). So you'd need 10 times the current input power, but would get 100 times the output power.
That won’t work, I don’t think. You can’t make the pellets much larger because laser nonuniformities and hydrodynamic instabilities will kill the implosion; there will be no fusion at all. But that’s not a problem, you see, because in a commercial reactor you’ll have a pellet factory making the required one million targets per day, and they will be injected into the chamber 10 times per second, with practically no down time. And each shot will have gain > 100 to get net energy out.
I have been using fastmail as a single personal account for the past year or so, so I don't have much to add to your technical assessment. However, I have been considering changing providers because of the political position of the Australian government. I've done a cursory search just now and can't find anything to back up my opinion, but my impression is that they have a pretty permissive stance on gov't access to data or just crappy Internet privacy laws, which I disdain. I have been thinking about making the jump to protonmail as my provider instead.
Basically any company is going to turn over any data they are legally required to do so. The US is not that much different. Plus the US has a law that says any data older that 6 months does not need a warrant! I see a law was introduced to prevent that, but I could not tell if it passed the Senate and was signed.
I find this really cool, kudos to the author for trying to build up an understanding from the actual data.
I find it interesting to see that the median temps in these select cities don't seem to be wandering up that much. I wonder if there is some statistical tool to analyze the slight upward angle on the linear regressions of the medians.
I am surprised that these data do not show a more extreme departure. I believe that we are getting hotter temperatures, etc etc. But perhaps my observations are colored by the media on this - if I were a lizard, would I see climate change?
> I find it interesting to see that the median temps in these select cities don't seem to be wandering up that much.
I can think of three possibilities:
1. The cold days have been getting colder, and the hot days have been getting hotter. The median temperature could still be somewhat constant in this scenario if the not-too-cold and not-too-hot days have temperatures that haven't changed much.
2. Even if the cold days have stayed roughly the same temperature, spikes and outliers in the hotter temperatures could still fail to move the medians that much. Consider that the median is often used to actively reduce the contribution of outliers to the data. Then it becomes a question of whether or not those spikes and outliers are meaningful or important.
3. Climate change is just a hoax (not something I believe, but it's certainly a "possibility").
> TLDR: The old maintainer appears to have sold the extension to parties unknown, who have malicious intent to exploit the users of this extension in advertising fraud, tracking, and more. In v7.1.8 of the extension (published to the web store but NOT to GitHub), arbitrary code was executed from a remote server, which appeared to be used to commit a variety of tracking and fraud actions. After Microsoft removed it from Edge for malware, v7.1.9 was created without this code: that has been the code distributed by the web store since November, and it does not appear to load the compromised script. However, the malicious maintainer remains in control, however, and can introduce an update at any time. It further appears that, while v7.1.9 was what was listed on the store, those who had the hostile v7.1.8 installed did NOT automatically receive the malware-removing update, and continued running the hostile code until Google force-disabled the extension.
I think that it has some really nice advantages, but it has some glaring issues that make its use case somewhat limited.
When you are defining some component and you can define exactly the query that the component will need in the same place, that is great.
However, doing normal things like file uploads introduce clunky extra steps like sending a mutation to get back a url that you then make the upload request to. Clunky.
Further, in the past my team has experimented with trying to do multi-model transactions with I think Apollo graph ql library, and it was not readily possible. That was back in 2020, maybe things have improved since then?
That's a subset of CRPGs, which simply stands (as the sibling notes) for "computer role-playing game". It's not the entirety of the genre by any means.
I would like to see this in a timeline format where all the different eras can be shown along side each other.