@cliffwade@allthingstech.socialGood morning and happy Tuesday to the #Fediverse today!
What do we each have planned for the day today? Comment below and let's talk about it!
Work stuff here, with a meeting at 12pm and then not much else that I'm aware of. At least not at the moment.
This was the sunrise this morning. I was a few minutes late to getting much more color, but this works. This was…
@arXiv_eessIV_bot@mastoxiv.pageThis https://arxiv.org/abs/2402.19289 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_ees…
@bibbleco@infosec.exchange"We need to be more aware of the spies in our midst
Knowing about the massive amounts of spying taking place can make one paranoid. But the best antidote to widespread espionage isn’t fear — it’s awareness."
https://www.politico.eu/article/we-need-to-be-more-aware-of-the-spies-in-our-midst/
Via @…
@StephenRees@mas.toThe Guardian has a piece well worth reading. It turns out we are doing all the right things for our gut health and it doesn't include kombucha.
The article does not mention steel cut oats - but I would recommend them. And you may not be aware that most brie, camembert and feta are not pasteurized but are legal in Canada!
@benb@osintua.euZelensky confirms new Russian offensive in Kharkiv region as Ukraine responds with force: https://benborges.xyz/2024/05/10/zelensky-confirms-new.html
@primonatura@mstdn.social"Rewilding program ships eggs around the world to restore Raja Ampat zebra sharks"
#Indonesia #Animals #Conservation
@jrefior@hachyderm.io"Up to 95% of teenagers say they use social media, with more than one-third saying they are on it 'almost constantly,' according to the Pew Research Center...
"Kids who use social media for more than three hours a day face double the risk of depression and anxiety, according to studies cited by U.S. Surgeon General Vivek Murthy, who issued an extraordinary public warning last spring about the risks of social media to young people."
@berlinbuzzwords@floss.socialWe are pleased to present our Contributor Partner - AI-Powered Search by Trey Grainger, Doug Turnbull & Max Irwin.
The book will show you how to build cutting-edge search engines that continuously learn from both your users and your content, delivering a more domain-aware and intelligent search experience.
Learn more at aiPoweredSearch.com.
@bibbleco@infosec.exchange"We need to be more aware of the spies in our midst
Knowing about the massive amounts of spying taking place can make one paranoid. But the best antidote to widespread espionage isn’t fear — it’s awareness."
https://www.politico.eu/article/we-need-to-be-more-aware-of-the-spies-in-our-midst/
Via @…
@paun@digitalcourage.socialGood news for quality #journalism: Speakers from around the world (including #Sudan, #Kenya, #Taiwan
@arXiv_csCR_bot@mastoxiv.pageDitto: Quantization-aware Secure Inference of Transformers upon MPC
Haoqi Wu, Wenjing Fang, Yancheng Zheng, Junming Ma, Jin Tan, Yinggui Wang, Lei Wang
https://arxiv.org/abs/2405.05525
@al3x@hachyderm.io
@zachleat@zachleat.com@… one way forward might be a more formal, community-vetted public acknowledgment of transfer of package publishing rights—with some delays built in so that community members can be aware of the changes
@toxi@mastodon.thi.ngBeen busy adding more docs & examples/snippets for the revamped https://thi.ng/csp package, the readme and core operators. Still more to come, but the most important parts & operations are covered now. Please gimme a shout if anything is unclear... I'm aware
@servelan@newsie.social"Saudi Arabia is very much aware that the end is in sight for the fossil fuel economy that underpins its sovereign and private wealth. In anticipation of the inevitable end of fossil fuels, Riyadh is actively working to shift to new sources of income so as to future proof its economy in a carbon-zero world."
The scaling back of Saudi Arabia’s proposed urban mega-project sends a clear warning - Raw Story
@arXiv_csCL_bot@mastoxiv.pageFLAME: Factuality-Aware Alignment for Large Language Models
Sheng-Chieh Lin, Luyu Gao, Barlas Oguz, Wenhan Xiong, Jimmy Lin, Wen-tau Yih, Xilun Chen
https://arxiv.org/abs/2405.01525
@primonatura@mstdn.social"Rewilding program ships eggs around the world to restore Raja Ampat zebra sharks"
#Indonesia #Animals #Conservation
@arXiv_csAR_bot@mastoxiv.pageThis https://arxiv.org/abs/2309.00304 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csAR_…
@cowboys@darktundra.xyzDak Prescott ‘aware’ of Jerry Jones’ comments on possible contract extension https://www.yardbarker.com/nfl/articles/dak_prescott_aware_of_jerry_jones_comments_on_possible_contract_extension/s1_17236_403…
@chris_hayes@fosstodon.orgMade a #chatgpt bot for creating XKCD-style graphs. It actually works pretty okay!
@mguhlin@mastodon.educationLinkShare: AI Literacy Day: https://tceajmg.micro.blog/2024/04/29/linkshare-ai-literacy.html
@Techmeme@techhub.socialGoogle researchers observed 97 zero-day exploits in the wild in 2023, up 50% from 62 in 2022; 48 were used by espionage actors and 10 were financially-motivated (Jonathan Greig/The Record)
https://therecord.media/zero-day-exploits-jumped-in-2023-spyware…
@patrick_townsend@infosec.exchangeGDPR and the Right To Be Forgotten (RTBF) and other Rights
A bit of a longer read.
I recently had the opportunity to engage a bit here on Mastodon on the question of data privacy and the EU General Data Protection Regulation (GDPR). I’ve had a chance to think about this a bit more and am providing the following thoughts. This is not a complete analysis of data privacy under GDPR, but I hope it will be helpful for organizations or agencies who fall under this regulation. I appreciate those who commented previously (references below).
First, some disclaimers:
- I am not a lawyer. I recommend you talk to one if you are developing software that handles private information or are simply storing or sharing private information.
- I have read the entire GDPR and recitals, but I am not current on recent legal refinements.
- I have also read other data compliance regulations such as CCPA and at one point I read all of the data privacy regulations of all 50 US states.
- Why did I do this? My company was subject to GDPR and a number of other privacy regulations and we were selling a data security solution. Our customers had a reasonable expectation that we would help them meet compliance regulations.
- We developed internal policies and procedures to comply with GDPR.
- We honored all GDPR requests related to RTBF.
- We consciously designed systems that supported and enabled GDPR compliance.
- We invested in and partnered with a blockchain start up and designed and developed for IPFS.
Some definitions might be helpful. GDPR refers to individuals (individual people like you and me) as Data Subjects. The rights granted are granted to individual users and consumers. Organizations that collect private information about Data Subjects are Data Controllers. When we stored information in our CRM we were a Data Controller as defined by GDPR. It takes a bit of reading to get used to these definitions, but they are fairly straightforward.
Context is important when understanding a regulation like GDPR.
I benefited from my time living in and starting a business in Europe (West Germany, in the 1980s). This part of the world had experienced unspeakable horrors during WWII and were living very close to the repression that existed just across the border in eastern Europe. Repressive regimes abuse confidential information and weaponize secrecy in order to exert control over others. My colleagues from Germany, Italy, France, the UK and Poland understood this in a fundamental, human way. I see GDPR as a natural expression of their desire to protect their nations, their communities, their families and themselves. This is why I deeply respect the EU’s right to promulgate these privacy regulations.
Under GDPR the individual becomes the ultimate owner of their private information. There is no implied ability of a Data Controller to override that right (with some exceptions, see below), or to assume that any rights granted to a Data Controller by an individual are permanent and immutable. An individual can give a Data Controller permission to store their private information, and, importantly, an individual can revoke that permission. This is a fundamental difference with how we in the US tend to think of privacy. It is very important to fully grasp this concept if you are planning to do business in the EU.
The Right To Be Forgotten (sometimes called the Right To Deletion) gives the individual the right to ask for their data to be removed from a Data Controller’s system and for that to occur in a timely fashion. But it is only one right defined under GDPR. There are others:
- Right to opt in or out of data sharing.
- Right to change data sharing permissions.
- Right to know with whom data has been shared.
- Right to correct data.
- Right to assume data is pseudonymized, usually with encryption.
- Right to be informed in a timely way of any data beach.
This is not a complete list of the rights and responsibilities conferred under GDPR, but these are probably the most well-known, and probably where many organizations fail to implement proper controls.
Of course, there are exceptions to data privacy rights under GDPR. Some of them are:
- Legal requirements to retain data (tax history, etc.).
- Some freedom of information requirements.
- Some public knowledge aspects.
- General public health and safety.
Please note that GDPR does not provide an exception to the rules because your technology prevents you from meeting RTBF deletion requests (looking at you, blockchain and IPFS). There is no programming around these requirements and clever developers do not get a magical pass to ignore them.
It is also important to understand that RTBF is still being refined. This is a bubbling pot of legal activity. In my opinion the direction seems to be in favor of protecting Data Subject’s privacy rights and enforcing RTBF.
GDPR applies to the EU countries and to anyone doing business in the EU. There are lots of other privacy regulations that are similar to GDPR. In the US, there is the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act of 2020 (CPRA). The UK, Australia, New Zealand and many other countries also have privacy regulations that are similar in intent. Once you start absorbing the requirements of these regulations you start to think of private information in a new way.
Ok, now for some recommendations:
If you are a software developer creating that killer app and the next big Unicorn, build in GDPR support right from the beginning. We know how difficult it is to “bolt on” security after the fact. It is equally hard to re-engineer applications to meet GDPR. So, get it right from the beginning and avoid some angst as you approach an IPO or a global rollout.
If you are a business and have dreams of scaling your business beyond your local community, think about how you collect, store and share information about individual consumers. It is almost certain you are going to run into some flavor of GDPR at some point and you will want to be prepared. If you are not covered by GDPR, CCPA or other privacy regulations now, you may soon be.
If you are using social media platforms as a part of your marketing strategy (who isn’t ???) be sure you understand how your social media provider meets GDPR. Sharing sensitive data with social media and big data brokers can be a GDPR nightmare. Make sure your social media partner has processes in place to meet GDPR data deletion requests.
It was previously mentioned here that developer tools like git and Gitlab would likely not come under GDPR controls. I think the point was that tools like git and Gitlab are not typically used to collect information on individuals, and I think that is correct. It is not that GDPR exempts developer tools from its compliance scheme (it doesn’t), it is just that it is rare to use developer tools to store a lot of personal information. One caution: be careful about test data that you might store as a part of automated testing routines. Don’t store test data with information about real people! Anonymize or tokenize the data before adding it to git.
What about Web3 technologies?
Web3 technologies like blockchain and IPFS can make it extremely difficult (nearly impossible) to meet GDPR requirements for RTBF. If your application ingests data to blockchains and/or IPFS, or provides a public gateway to allow this type of data ingestion, I would recommend implementing application logic to prevent sensitive personal data from being added. I’ve built blockchain and IPFS applications and there is no effective delete function. If you have to store sensitive data, I would recommend against using these technologies.
Lastly, remember that you will probably need proper legal advice (that is not me!) related to GDPR and other compliance regulations. Governance and compliance are proper components of a business plan and software design process.
Here are some resources that may be helpful:
EU General Data Protection Regulation (lots of resources here):
#GDPR #CCPA #CPRA #Compliance #Security #BlockChain #IPFS #Software #SoftwareDevelopment #Programming
@rokku@soc.saiyajin.spaceas a long term customer of hetzner over many many years it is very sad to me that the marketing bullshit bing is getting more and more. in the early days this wasn't. you got cheap servers with good hardware and a technical aware support. but today he products are sometimes strange built and the marketingblabla is tough to read. #hetzner
@toothFAIRy@scholar.social#NRSD2024 We need stakeholders to become more aware of the why sustainable and open #ResearchSoftware matters, human infrastructure that needs to be in place to support this, facilitate training and learning in this area, set up appropriate policies, sort out responsibilities between the researchers and supporters, amongst other things.
Sounds like some homework for after the conference...
@arXiv_csIR_bot@mastoxiv.pageTowards Group-aware Search Success
Haolun Wu, Bhaskar Mitra, Nick Craswell
https://arxiv.org/abs/2404.17313 https://arxiv.org/pdf/240…
@andres4ny@social.ridetrans.it
@arXiv_qfinRM_bot@mastoxiv.pageThe Oxford Olympics Study 2024: Are Cost and Cost Overrun at the Games Coming Down?
Alexander Budzier, Bent Flyvbjerg
https://arxiv.org/abs/2406.01714 https://arxiv.org/pdf/2406.01714
arXiv:2406.01714v1 Announce Type: new
Abstract: The present paper is an update of the "Oxford Olympics Study 2016" (Flyvbjerg et al. 2016). We document that the Games remain costly and continue to have large cost overruns, to a degree that threatens their viability. The IOC is aware of the problem and has initiated reform. We assess the reforms and find: (a) Olympic costs are statistically significantly increasing; prior analysis did not show this trend; it is a step in the wrong direction. (b) Cost overruns were decreasing until 2008, but have increased since then; again a step in the wrong direction. (c) At present, the cost of Paris 2024 is USD 8.7 billion (2022 level) and cost overruns is 115% in real terms; this is not the cheap Games that were promised. (d) Cost overruns are the norm for the Games, past, present, and future; they are the only project type that never delivered on budget. We assess a new IOC policy of reducing cost by reusing existing venues instead of building new ones. We find that reuse did not have the desired effect for Tokyo 2020 and also look ineffective for Paris 2024. Finally, we recommend that the Games look to other types of megaprojects for better data, better forecasting, and how to generate the positive learning curves that are necessary for bringing costs and overrun down. Only if this happens are Los Angeles 2028 and Brisbane 2032 likely to live up to the IOC's intentions of a more affordable Games that more cities will want to host.
@trochee@dair-community.socialThis article is one enormous [citation needed]
> “I’m more optimistic because we have been using the tool a lot, and some of the insights we’re starting to get from a scientific standpoint are things that none of our scientists were aware of,” he added.
Moderna CEO says AI will help scientists understand ‘most diseases’ in 3 to 5 years | Semafor
@arXiv_csRO_bot@mastoxiv.pageThis https://arxiv.org/abs/2402.18002 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csRO_…
@akosma@mastodon.onlineFriendly reminder. https://akos.ma/blog/how-to-use-a-microphone/
@wemic@social.linux.pizzaCheck on some old GitHub hosted developer roadmaps today looking to share them with some of my #codeInPlace students.
Found out it got really sofisticated in the past few years, with a full web interface, progress tracking, profiles and badges, and a lot more roadmaps!
All while, as far as I'm aware, staying free and community-made. Very cool! Check it out:
@grifferz@social.bitfolk.comI'm a member of the libdem party. Am I wrong to feel a bit weird about their decision to just increase my monthly donation unless I opt out?
(I'm aware this is fine according to the Direct Debit guarantee. I don't mean legally. I mean morally.)
If any of the charities I'm involved with took such a decision I don't think people would accept it. They'd have to do an appeal that required an action to increase contribution.
@arXiv_csNI_bot@mastoxiv.pageNetwork Intent Decomposition and Optimization for Energy-Aware Radio Access Network
Yao Wang, Yijun Yu, Yexing Li, Dong Li, Xiaoxue Zhao, Chungang Yang
https://arxiv.org/abs/2404.18386
@Kencf618033@social.linux.pizzaIt was the week that was. Compressor gave out on 13-year-old Subaru. State lifetime 100% disability was suddenly and unexpectedly at bureaucratic risk, as in not receiving any prior notice whatsoever, whereupon scary letter. And mother is getting more muddled –granted, she's aware of this. #adulting
@jvschrag@hachyderm.ioI wrote a short article about power dynamics at work, and how they can affect teamwork and psychological safety. A lot of these dynamics are invisible (to the more-powerful), so it's good to be aware of them.
https://sites.google.com/schrag.ca/consultin…
@rokku@soc.saiyajin.spaceas a long term customer of hetzner over many many years it is very sad to me that the marketing bullshit bing is getting more and more. in the early days this wasn't. you got cheap servers with good hardware and a technical aware support. but today he products are sometimes strange built and the marketingblabla is tough to read. #hetzner
@arXiv_csNE_bot@mastoxiv.pageThis https://arxiv.org/abs/2303.00614 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csNE_…
@arXiv_csHC_bot@mastoxiv.pageCan humans teach machines to code?
C\'eline Hocquette, Johannes Langer, Andrew Cropper, Ute Schmid
https://arxiv.org/abs/2404.19397 https://arxiv.org/pdf/2404.19397
arXiv:2404.19397v1 Announce Type: new
Abstract: The goal of inductive program synthesis is for a machine to automatically generate a program from user-supplied examples of the desired behaviour of the program. A key underlying assumption is that humans can provide examples of sufficient quality to teach a concept to a machine. However, as far as we are aware, this assumption lacks both empirical and theoretical support. To address this limitation, we explore the question `Can humans teach machines to code?'. To answer this question, we conduct a study where we ask humans to generate examples for six programming tasks, such as finding the maximum element of a list. We compare the performance of a program synthesis system trained on (i) human-provided examples, (ii) randomly sampled examples, and (iii) expert-provided examples. Our results show that, on most of the tasks, non-expert participants did not provide sufficient examples for a program synthesis system to learn an accurate program. Our results also show that non-experts need to provide more examples than both randomly sampled and expert-provided examples.
@arXiv_statML_bot@mastoxiv.pageThis https://arxiv.org/abs/2312.08083 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_sta…
@arXiv_csIR_bot@mastoxiv.pageThis https://arxiv.org/abs/2404.11982 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csIR_…
@arXiv_csDB_bot@mastoxiv.pageThis https://arxiv.org/abs/2310.04268 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csDB_…
@arXiv_csGR_bot@mastoxiv.pageLFS-Aware Surface Reconstruction from Unoriented 3D Point Clouds
Rao Fu, Kai Hormann, Pierre Alliez
https://arxiv.org/abs/2403.13924 https://
@arXiv_csCL_bot@mastoxiv.pageThis https://arxiv.org/abs/2403.04521 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCL_…
@arXiv_csSD_bot@mastoxiv.pageFrequency-aware convolution for sound event detection
Tao Song
https://arxiv.org/abs/2403.13252 https://arxiv.org/pdf/2403.13252
@arXiv_eessIV_bot@mastoxiv.pagePre-training on High Definition X-ray Images: An Experimental Study
Xiao Wang, Yuehang Li, Wentao Wu, Jiandong Jin, Yao Rong, Bo Jiang, Chuanfu Li, Jin Tang
https://arxiv.org/abs/2404.17926 https://arxiv.org/pdf/2404.17926
arXiv:2404.17926v1 Announce Type: new
Abstract: Existing X-ray based pre-trained vision models are usually conducted on a relatively small-scale dataset (less than 500k samples) with limited resolution (e.g., 224 $\times$ 224). However, the key to the success of self-supervised pre-training large models lies in massive training data, and maintaining high resolution in the field of X-ray images is the guarantee of effective solutions to difficult miscellaneous diseases. In this paper, we address these issues by proposing the first high-definition (1280 $\times$ 1280) X-ray based pre-trained foundation vision model on our newly collected large-scale dataset which contains more than 1 million X-ray images. Our model follows the masked auto-encoder framework which takes the tokens after mask processing (with a high rate) is used as input, and the masked image patches are reconstructed by the Transformer encoder-decoder network. More importantly, we introduce a novel context-aware masking strategy that utilizes the chest contour as a boundary for adaptive masking operations. We validate the effectiveness of our model on two downstream tasks, including X-ray report generation and disease recognition. Extensive experiments demonstrate that our pre-trained medical foundation vision model achieves comparable or even new state-of-the-art performance on downstream benchmark datasets. The source code and pre-trained models of this paper will be released on https://github.com/Event-AHU/Medical_Image_Analysis.
@arXiv_csNE_bot@mastoxiv.pageThis https://arxiv.org/abs/2303.00614 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csNE_…
@arXiv_csCR_bot@mastoxiv.pageStructuring the Chaos: Enabling Small Business Cyber-Security Risks & Assets Modelling with a UML Class Model
Tracy Tam, Asha Rao, Joanne Hall
https://arxiv.org/abs/2403.14872
@arXiv_statML_bot@mastoxiv.pageThis https://arxiv.org/abs/2312.08083 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_sta…
@arXiv_csIR_bot@mastoxiv.pageKnowledge-Aware Multi-Intent Contrastive Learning for Multi-Behavior Recommendation
Shunpan Liang, Junjie Zhao, Chen Li, Yu Lei
https://arxiv.org/abs/2404.11993
@arXiv_statML_bot@mastoxiv.pageThis https://arxiv.org/abs/2312.08083 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_sta…
@arXiv_csIR_bot@mastoxiv.pageSIGformer: Sign-aware Graph Transformer for Recommendation
Sirui Chen, Jiawei Chen, Sheng Zhou, Bohao Wang, Shen Han, Chanfei Su, Yuqing Yuan, Can Wang
https://arxiv.org/abs/2404.11982
@arXiv_csIR_bot@mastoxiv.pageContent-Agnostic Moderation for Stance-Neutral Recommendation
Nan Li, Bo Kang, Tijl De Bie
https://arxiv.org/abs/2405.18941 https://a…
