Monday, November 28, 2016

Machine learning and black swans


Machine learning is all about prediction based on historical data. Does it take into account black swans -- unpredictable events that occur out of the blue and are completely random and thus can't be predicted? It doesn't. How accurate is machine learning in general then?

Let's take the famous turkey. For a thousand days it's been fed, but on the 1000 and 1st day it was killed, cooked and eaten. What would a machine learning algorithm make of it, is it able to predict it being killed based on the first 1000 day? Not only is it unable to, but also it'll predict, obviously, that the chance of death is infinitely small, if not zero. 

Saturday, November 12, 2016

My VPN service is somewhat ready

https://murasakinoki.com 紫の木

It functions like clockwork, although it's not completely ready yet and even the name isn't final either. The authentication mechanism is done via a temporary token which you receive on your email, with no password. It's built in Elixir/Phoenix framework.

Update:
The website has moved to omagatoki.co It's pronounced Oooo .... magatoki.

Thursday, October 27, 2016

Are you really the one who ownes your data of your facebook account?


The other day I listened to an story of a man who had been sued by facebook and had courage to stand up to the company click-click. In his story he mentioned that most companies in Silicon Valley absolutely love the fact that very few people read terms of use when they sign up at a website. 

Facebook how it's displayed for me in Cambodia

Facebook's terms of use and supposedly terms of use of other Internet giants as well state that the company is the party which owes the user’s data. Not the user. The user is out of luck. This means that after you've signed up at facebook, your private data, pictures, videos and other stuff belong to facebook. Who among users is actually aware of that?

Thursday, October 6, 2016

A zero-knowledge system with encryption on a client can also be insecure.

Client-side encryption is considered more secure than server-side because in the 1st case you rely on your own whereas in the 2nd one you rely on a server. A server might not do encryption a right way, it might even not do encryption at all but claim it does.

Suppose, there's a web site where you can encrypt a message with a password. The encryption process is done on a client by javascript and a password is never sent to the server. The server only stores an encrypted message. Is it more secure compared to a version where you'd send your password to the server, it'd encrypt and save it with a salt in a database? Yes, because we can't know what's going on the server.

However, even so encryption is done on a client by javascript, it's still vulnerable. That is, the server might occasionally and intensionally inject malicious code into the javascript file  which does encryption for some users or slightly modify it. Not for all of the users, not for each request, but once in a while and only for randomly chosen users. The malicious code might send a plain text password to the server. Since a user  has used the website for a long time, he trusts it, therefore he won't bother to inspect each response and the source code of javascript. Furthermore, a user might even not be aware of this thread and thus might end up having his password leaked and a message decrypted by the owner of the website. 

Tuesday, October 4, 2016

Too much technology will have eventually spoilt us.


Hundreds of years back humans were dependent on physical health. Nowadays it no longer matters that much due to technology. And this trend continues. We still take value out of our memory, smartness, creativity, appearance and different kinds of skills. For example, you’re skillful in communication. I envision that sooner or later we’ll have some kind of a flash-stick which you plug in into your head and upload the information you need to learn a certain skill. And Bob’s your uncle – in a few minutes you’re able to communicate as affectively as a person who has been working hard to improve their communication skills for years.

A robot in a mobile-phones shop in Taiwan

Sunday, September 4, 2016

Why Upwork sucks

Have you known that at Upwork if your customer doesn't bother to leave you a feedback, your job success goes down? If you have a number of jobs without a feedback, that affects your job success even more badly.

Have you known that if your customer doesn't bother to end a contract and instead pauses it or a contract is paused by Upwork and remains paused for a couple of months or so, your job success goes down as well?

Have you known that if your former Elance customers haven't ended the contracts at Elance.com when you had worked for them there and thus the contracts have been paused and automatically moved to Upwork, your job success goes down because currently there’s a bug at Upwork which doesn't let you to end those contracts? They’re not visible in your private “My jobs” section, but they are in your public profile and are shown as "in progress".

Have you known that if your customer doesn't ask you directly to refund them some money and instead opens a dispute, your job success goes down? No matter what the reason is, no matter who is guilty. For example, a job can’t be completed because a customer’s server has broken down. You might well be willing to return some money if your customer asks you to do so. But because the customer doesn't ask you for whatever reason and instead opens a dispute, your job success goes down.

Have you known that even an hourly paid contact doesn't guarantee that you'll get your money, although Upwork claims it does? If your customer opens a dispute, your money will be returned to your customer.

How sane are Upwork's programmers and management? Why is a newbie freelancer with 10 hours and a single job so far considered to be a top freelancer by Upwork's standards, whereas the one with thousands of hours and tens of jobs has a poor job success rate even though the majority of the jobs they've had thus far, have been successful with the rate 5* or close to it including the most recent ones?

Why does a freelancer have to be responsible not only for themselves but also for their customers?

Wednesday, August 31, 2016

An easy explanation of the difference between concurrency and parallelism


Sometimes it takes a long time to acquire understanding of something and finally I've understood the difference between parallelism and concurrency.

Suppose you have 3 huge bags you have to move from your house to your friend's house. You want to save money thus you don't take a taxi and decide to go on foot caring the bags only by yourself. They're so huge, however, that you can only carry one bag at a time. The city you're in is safe enough so you can leave them on the street and no one will steal them.



Concurrency: you carry one bag 10 meters, quickly return to the place where you left your 2nd and 3rd bags, grad the 2nd one and carry it 10 meters, then again quickly come back, grab the 3rd one and carry the same 10 meters. Then you take the 1st bag again, carry it for 10 meters, come back and grab the 2nd one, carry it and take the 3rd one. And so on and so forth until you bring all of them to your friend's house.

Parallelism: you ask two your brothers to help you out and you three take those three bags at the same time, one bag for each person, and bring them to your friend's house.

Asynchronism: it's not directly related to these 2.