Thursday, August 25, 2022

Extended shower thought: Fish would be bad swimming instructors

Obligatory epistemic status: Speculative and hard to test but falls out an as implication under current worldmodel.

Just a shower thought I've had on my mind for a while:

Fish would be bad swimming instructors (for humans).

This remains true even after adjusting for/overcoming the differences in body types and ability to speak your language.

What do I mean? Well, to be sure, fish are good at swimming. And normally, that's what's you want in a swimming instructor...

...but not here. While fish are good at swimming, they have always been good at swimming. They were deft swimmers before they reached any point of being able to reflect on their selves or what they are doing. They have no appreciation for what it's like not to be a good swimmer.

What does "learning swimming" involve (for humans)?

Fish, being fish, never had to make the transition from being a natural biped to one that has repurposed its body for motion in water, which is what humans have to go through to "learn swimming". They never had to start from a mentality that finds walking somewhat natural -- and swimming somewhat unnatural -- and then adjusts its appendage motion in a way more suited to the latter.

We can imagine any kind of instruction session between fish and humans (as above, appropriately adjusted for language) to be fraught with peril. The fish might try to point out deficiencies that hold back the human. But it has never had to think about such deficiencies, because it has never needed to distinguish between the right way and the wrong way.  It was always just "the way" that came instinctually.

The fish might nearly lash out, frustrated that the human attempts an obviously ineffective means of water locomotion. But it has no idea why those flawed attempts are wrong. They just feel wrong.

The fish will happily demonstrate the "right way", just by doing it. But identifying the difference between its "right way" and "what humans do" would be a learning experience in itself, something it has no natural advantage in, as it was never part of the fish's "learning process for swimming".

The converse is true -- humans would be bad at teaching fish to walk (with the appropriate apparatus) or otherwise move on land. (But note the parallel isn't perfect as humans generally do have to struggle and learn how to walk, but not in any way that involves formal instruction.)

Implications for human-human interaction

So far, this insight feels (and, well, is) just idle speculation. But there are implications for ordinary life.

There will be times when someone is a "natural" at some skill. They're good at it. And that is their only teaching qualification. And they try to teach a non-natural that skill. They are then bad at teaching. The missing piece is the learner's mind is very different from what the natural is capable of filling in. Such a teacher will constantly show them how to do it "right" but not be able to identify the difference between what they're doing and what the learner is -- except by drawing on some kind of unrelated, general intelligence.

(I won't give any specific examples of such a skill, because those become contentious issues in their own right and detract from the general point. But I've definitely been on both sides -- learning from someone who has no understanding why they're good at it, and grasping to communicate something I do without ever thinking about it.)

You can also run into this problem when you become skilled at something. You can sometimes assimilate the skill so well that you are effectively a natural, by forgetting the whole process by which you learned it. You may lose the perspective you had as a beginner and are no longer able to relate to them.

Part of why I enjoy teaching what I know is that I seem unusually resistant to this process, and have vivid memories of the hurdles I overcame as a newbie.

Sunday, August 15, 2021

Refuting arguments no one cares about: Exploiting the "help" in the pandemic vs the wildfires

I don't think anyone actually wanted to learn about this, but it's stayed on my mind for being "an argument that's wrong and I can prove".


A while ago I made fun of a Facebook friend (call her D) for her "let them eat cake" cluelessness. This was during the 2018 (?) California wildfires when she made a big post saying how thankful she was that, in miserable air conditions, she could "still get her groceries" through delivery services. That prompted me (and, among others, another FB friend, "E") to drop our jaws and say, "Um, you don't care that you're just offloading all that suffering to poor workers that can't afford to just stay home, and will be breathing the lung-destroying air in your stead?"

(And, to be sure, there's the argument that someone total utility is increasing by virtue of how said workers still have the option to expose themselves to risks for money, and the counterargument about "well why have OSHA that workers can't opt out of ..." which is its own topic but didn't really appeal to me or E at the time.)

So far, so good.

But later, during the pandemic, it came out that E, for similar reasons, didn't feel comfortable just getting delivery so she could stay home when we were being asked/mandated to.

Those ... situations don't seem analogous at all to me, and I don't think someone should feel bad for ordering delivery during a pandemic like in an air quality emergency like wildfires. Here's why:

A) In a wildfire, you are shifting all of the hazard of the smoke onto the people who bring your deliviers.

B) But in a pandemic, moving to delivery reduces the hazard for everyone, including the delivery people.

In Kantian terms: If "everyone did it", then everyone would still benefit in case B). But in A), all the avoidance by the rich "D" personas would be matched by losses to those who still have to deliver.

To elaborate on B: the way a delivery service works, every worker involved has less Covid-spreading contact than than if everyone were shopping at a grocery store. The warehouses that set up the goods for delivery can, for their part, refactor and apply inexpensive countermeasures to reduce those worker's exposure. Furthermore, with everyone moving to delivery, you get economies of scale, allowing everyone to afford the delivery service.

So, to me, it didn't didn't seem like you were doing anyone a favor out of solidarity to keep getting your grocerys through in-person shopping.

Thursday, April 1, 2021

Leaked Google initiative: No more passwords!

I have an inside source that's claiming Google will be rolling out a new replacement for passwords and other secrets for authenticating users. They shared the upcoming blog post/press release with me. They're moving to a more "holistic" authentication system? Let's see if this pans out. In any case, here's the not-yet-released announcement.


Are you who you claim to be?

User logins protect websites from malicious actors, like spammers and trolls. So when you go online, only people with legitimate credentials can access the useful features of the site -- and others can't impersonate you. For years, you've used logins -- such as a username and password -- to prove to the site that you are who you claim to be, like this:

Some go even further and add a second factor to authenticate with, like an SMS code or one-time-password generator like you might have in the Google Authenticator app.

But, we figured it would be easier to just directly ask our users who they are -- so, we did! Following on our earlier success with No CAPTCHA reCAPTCHA, we’ve begun rolling out a new API that radically simplifies the login experience. We’re calling it "Credential-Free Authentication" and this is how it looks:

On websites using this new API, a significant number of users will be able to securely and easily verify their identities without (separately) having to provide credentials: no password, no rotating code. Instead, with just a single click, they’ll validate who they claim to be.

A brief history of user authentication

While the new login API may sound simple, there is a high degree of sophistication behind that modest interface. Authentication has long relied on attackers not having critical secrets, like a password or random number generator seed or other private information. You may have heard the traditional formulation, that authentication requires you to provide something you have, something you are, or something you know.

However, our research recently showed that it's about as likely for the genuine user to be missing the credentials as it is for a malicious actor. How many times have you forgotten your password or encountered a bug with your password manager? (Not GPM, of course!) Thus, challenging users for credentials is no longer a dependable test.

Furthermore, attackers are often able to steal user credentials, forcing providers to rely on a secondary layer of fraud identification, so as to lock accounts when users behave suspiciously. You've seen this if you've ever had a credit card declined for an unusually large or remote purchase.

Introducing Credential-Free Auhentication

That got our security engineers thinking: if we already have to analyze a user's behavior in order to catch account compromises, why not just use that as the authentication? It would cut two carrots with one knife! After all, an attacker might be able to guess your password or your credit card information, but they will never be able to mimic the full depth and breadth of how you interact with websites, from your browing history, to your cookies set, to the way you move your mouse.

Following the "No CAPTCHA" model above, we developed an Advanced User Analysis backend for logins that actively considers a user’s entire engagement with the the Internet to determine who that user is. This enables us to rely less on "Do you have the secret?" and, in turn, offer a better experience for users. Now, users can just click a radio button, and in most cases, they’re logged in. In fact, you'll rarely have to log in at all, because sites will "recognize" you, just like you don't have to show your ID to go into an event venue a second time if the bouncer recognizes you.

But are you really that person?

However, authentication challenges aren't going away just yet. In cases where our tracking cookies and other behavioral metrics can't confidently predict who someone is, we will prompt the user for additional information, increasing the number of security checkpoints to confirm who the user really is. For example, you might need to turn on your webcam or upload your operating system's recent logs to give a fuller picture.

Adopting the new API on your site

As more websites adopt the new API, more people will see Credential-Free Authentication. Early adopters, like Snapchat, WordPress, Twitch, and several others are already seeing great results with this new API. For example, in the last week, the number of support tickets for account resets on WordPress went down by 90%. Twitch reported similar figures -- and also was able to unmask several sockpuppets who had been manipulating discussions and vote totals.

To adopt the new CFA API for your website, visit our landing page for more.

Good users, we'll continue to keep the internet safe and easy to use. Bad users, it'll only get harder to hide yourselves and take over legitimate accounts -- sorry we're (still) not sorry.


Edit: Yes, this was an April Fools joke.

Saturday, November 7, 2020

How they handle multi-episode stories in a TV series

Related to: Expecting Short Inferential Distances (yes, linking LW is still a thing).

Below are some remarks I've made in scattered form in several forums, but I thought I'd collect them here.

Problem: A TV series will run for many episodes, and the writers will want to build up a storyline over many of them, which is necessary for a satisfying payoff. But viewers don't necessarily watch it all at once and keep the whole thing in their heads.

I call this the "narrative equivalent" of expecting short inferential distances (see the link above) -- just as people are used to an explanation not requiring a lot of steps, they don't expect a given scene or episode to need a lot of previous viewing to understand.

So, how do writers solve this problem? Here are the four general ways, with examples (feel free to offer more TV series for a category!):

A) Don't bother #1: Each episode is self-contained.

This is known as the "episodic" approach, as opposed to serial. Each episode can be understood without knowing anything about the preceding episodes, so there's no need to worry about this problem at all.

Examples: Star Trek (at least the original or TNG), South Park, The Simpsons (earlier seasons)

Downside: It's hard to feel investment when you know nothing will matter, that things will just return to where they were at the end. It also limits how much build-up (and corresponding payoff) the story can have.

B) Don't bother #2: It's the viewers' job to keep up.

Each episode just assumes you have the entire previous history in your head, maybe with some small reminders of previous relevancies for assistance.

Example(s): Game of Thrones

Downside: It only works for really devoted fans who will binge the whole thing and try on their own to stay up to speed.

C) Formal recaps

You've seen them: the narrator says, "Previously, on [this TV series]...", and then you get enough short clips to establish the relevant context for current episode.

Examples: 24 (after season 1), Battlestar Galactica, Burn Notice

Downside: A lot of people don't like them and think they're cheesy. (I've never understood this mentality, but there it is.) It also may force you to reveal what things from previous episodes will be relevant, taking away their surprise when revealed. There is a slight break in immersion since you have to go "out of the world" for them.

D) In-world recaps

Same as the previous, except you're not taken "out of the world" to do it; instead, there is a scene, within the story, that doubles as exposition of the things a formal recap would cover.

Examples: Breaking Bad, Bojack Horseman

Downside: It heavily constrains how you write the story and forces in pointless scenes that shatter immersion because they're retelling things -- and more slowly! -- the characters should know.

Well, there you have it. That about summarizes the different ways writers handle (or avoid handling) long storylines!

Wednesday, April 1, 2020

An HTTP status code to say "you messed up but I'll handle your request anyway"

So apparently, the Internet Engineering Task Force is going to introduce a new HTTP status code. Just like there's the 404 for "File not found", we're soon going to have "397 Tolerating", similar to a redirect.

The way it would work is, if you send a request that violates some standard, but the server can identify the probable intent of your request, it will reply with a "397 Tolerating" to say, "oh, you messed up, and here's how, but I'm going to reply to what I think you meant".

This is much better than the options we had before, which were either a) unnecessarily reject the request, or b) silently reply to the intended meaning but with no notice that was happening. This lets you tell the client you're tolerating their garbage!

My contact at IETF send me an early draft of the RFC, which you can access at the link below.

RFC 8969: HTTP Status Code 397: Tolerating

Pastebin Link

Wednesday, March 18, 2020

My presentation on using SAT solvers for constraint and optimization problems

Because of the virus we had to hold this meetup virtually, and I was slated to present there for the Evening of Python Coding. Since we made a recording of it, I can now share. Enjoy my not-ready-for-prime-time voice! (Yes, I need to update my profile picture ... badly.

Friday, May 31, 2019

Solving my first (Ghidra) reverse engineering challenge

I was pointed to this challenge by this article, and had heard about the NSA's new Ghidra reverse engineering tool. I was able to solve it without reading much of the article! Here's what I did.

Setup: They give you a compiled ELF binary that runs a program that prompts you for a password. It will tell you if you guessed correctly.

I was going to use this as a change to learn the Ghidra tool, with help from the article.

First problem: It's compiled to run on Linux Debian x86. I was doing it on a MacBook. So, it wouldn't run.

I noticed that Ghidra offers you the option to export the binary as C code (which makes sense, as part of Ghidra's reverse engineering is to convert a binary into assembly and slightly-more-readable C-like code). So, I figured I could just compile that to run on my Mac.

It didn't work though, since Ghidra exports an incomplete version of the code that uses some invalid types, and doesn't define all of its labels properly, which required a lot of manual work that was increasingly appearing like it would take too long.

So I figured I'd just run the binary in a Docker container. I found the Debian i386 version and pulled it down. (I had a long side diversion here getting a setup so I could edit files on my machine that would appear as I want in the Docker container, but the details are uninteresting besides this clever hack for getting the "copy file" command into your docker one-liner.)

So, I was able to run the binary.

Second problem: Somehow, it thought I was using a "debuguer" -- which I would be, at some point, but is strange, because I wasn't using one yet:

Don't use a debuguer !

I looked through the decompiled code to see where it might be doing this and found:

lVar1 = ptrace(PTRACE_TRACEME,0,1,0);
if (lVar1 < 0) {
    puts("Don\'t use a debuguer !");
    /* WARNING: Subroutine does not return */

Hm, okay, well that "if" statement maps to this part of the assembly:

0804868c 79 11 JNS LAB_0804869f

That is, according to this handy reference, "Jump if not sign." Well, whatever "sign" is, I want it to do the opposite -- change "JNS" to "JS", so it "jumps if sign" and skips that block -- the one that gives the mean message and exits the program.

I haven't figured out a good way to format that line, but 0804868c is the (hexadecimal) location within the binary, 79 11 is the hex version of the binary command itself, JNS the assembly term (just a mnemonic device) for that command, and LAB_0804869f is the argument passed to the command -- in this case, a label for where to jump to in the program.

According to that spec, the JNS command maps to 79, and if I want it to be JS, I need to replace it with 78. But...

Third problem: I don't have an easy way to edit binaries.

A convenient way to look at them is as a hex(adecimal) dump in a "hex editor", but I hadn't done that for a few months. Hex editors are useful because they show you the raw hex, the offset where it appears in the file, and, off to the side, the ASCII/text equivalent of that hex. Fortunately, I found this comment, showing how to repurpose my text editor, vim, to double as an easy hex editor. I can just open it up, edit the hex values, save, and it updates everything.

You can then run a utility, "gobjdump", to see the code as assembly and verify that e.g. JNS changed to JS as expected.

Fortunately, when I ran that edited binary, it did what I wanted: not accuse me of using a debugger, and proceed with the rest of the program.

The rest of the hurdles are similar: there's some if-test that can send the execution into a block that you don't want it to. Fortunately, this binary is structured ... stupidly, from a security perspective. It has that same kind of if-block for validating whether you entered the right password. Right afterward, if the check succeeded, it prints the password. Not your input, no -- it prints the correct password, which you can later validate on an unmodified run.

So, it's just a matter of tweaking the code so that the you always enter the block that outputs the password. (They were smart enough not to have the password itself appear as an obvious string in the binary, at least.)

Once I saw the output, I could submit it at the challenge site and very it was correct.

Now for something harder!