Software developer, racing fan
704 stories
·
26 followers

Push versus Pull

1 Comment and 3 Shares

Once in a while you’ll hear of someone doing a digital detox, which implies there’s something toxic about being digital. And there can be, but “digital” misdiagnoses the problem. The problem mostly isn’t digital technology per se but how we use it.

I think the important distinction isn’t digital vs. analog, but rather push vs. pull, or passive vs. active. When you’re online, companies are continually pushing things at you: ads, videos, songs, shopping recommendations, etc. You either passively accept whatever is pushed at you, and feel gross after a while, or you exert willpower to resist what is being pushed at you, and feel tired.

Information overload

I find it relaxing to walk into a library with millions of books. There’s an enormous amount of information in a library, but it’s not being streamed at you. You have to actively access it. An electronic catalog is far easier to use than an analog card catalog, and the introduction of digital technology does not induce stress. If anything, it reduces stress. (As long as the catalog is not down for maintenance.)

A single web page can induce a stronger sense of information overload than an entire library, even though the former contains a negligible amount of information compared to the latter.

Twitter vs RSS

Twitter can be stressful in a way that RSS is not. Both are digital, but RSS is more active and Twitter is more passive.

RSS gives you content that you have deliberately subscribed to. Your Twitter stream contains updates from people you have chosen to follow, but also unwanted content. This unwanted content comes in several forms: unwanted content from people you chose to follow, retweets, and worst of all tweets that people you follow have “liked.” You can turn off retweets from people you follow, but you can’t avoid likes [1]. Twitter also has ads, but I find ads less annoying than the other unwanted content.

When an item shows up in your RSS feed you make a choice whether to open it. But Twitter content arrives already opened, including photos. I’ll subscribe to someone’s RSS feed even if I’m interested in only one out of twenty of their posts because it is so easy to simply not read the posts you’re not interested in. But if you’re only interested in one out of twenty things people say on Twitter, then your stream is 95% unwanted content.

Instant messaging vs Email

Instant messaging and text messages are more stressful than email, at least in my opinion. This is another example of passive versus active. The more active option, while perhaps less convenient, is also less stressful.

IDEs vs editors

An IDE (integrated development environment) is a program like Visual Studio that helps you write software. There are scores of menus, buttons, and dialogs to guide you in developing your code. If you’re doing the kind of software development an IDE is designed for, it can be very useful. But I also find it stressful. I feel like options are calling out “Pick me! Pick me!”

Text editors stay out of your way, but they also don’t offer any help. The Visual Studio IDE and the Emacs editor are both enormous programs, but the former feels more passive and stressful to me. Emacs, for better and for worse, is more active. It has thousands of commands, but they’re not staring at you on buttons. You have to type them. This makes it much harder to discover new features, but it also makes the software more peaceful to use.

Here’s what the two programs look like when you open them. First Visual Studio:

Visual Studio 2015 screen shot

And now Emacs:

Emacs screen shot

Digital vs online

Using a computer is not the same thing as being online. As far as I know, nobody talked about the need for a digital detox before the web. People who say they’re worn out by digital technology are mostly worn out by social media. Computers have a few other uses besides being social media portals.

In the television series Battlestar Galactica, the protagonists had a rule that computers must not be networked. Computers were essential, but they must never be networked, in order to prevent attack from Cylon androids. Some people have a sort of personal Battlestar Galactica rule, working for long periods of time without an internet connection.

An alternative is to make disciplined use of an internet connection, for example, using it for email but not for social media. Unplugging the network cable takes less decision making and less discipline, but it’s harder to do. For example, it’s common for software to not have local documentation, so you may need to go online for help.

Conclusion

Much of the stress attributed to digital technology comes from passive use of the technology rather than the technology itself. There are benefits to walking away from computers periodically that this post hasn’t discussed, but most of the benefits of a digital detox come from a social media detox.

[1] Now you can block likes: here’s how.

Read the whole story
vitormazzi
10 hours ago
reply
Brasil
luizirber
1 day ago
reply
Davis, CA
Share this story
Delete
1 public comment
LeMadChef
16 days ago
reply
Good analogies. I haven't ever felt the need to "digitally detox" but I regularly go through all my device notifications, and make sure to enable "night mode" (no notifications during sleeping hours) and I think that is helpful.
Denver, CO

Quantum Computing and Cryptography

1 Comment and 3 Shares

Quantum computing is a new way of computing -- one that could allow humankind to perform computations that are simply impossible using today's computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would break the RSA cryptosystem for any key length.

This is why cryptographers are hard at work designing and analyzing "quantum-resistant" public-key algorithms. Currently, quantum computing is too nascent for cryptographers to be sure of what is secure and what isn't. But even assuming aliens have developed the technology to its full potential, quantum computing doesn't spell the end of the world for cryptography. Symmetric cryptography is easy to make quantum-resistant, and we're working on quantum-resistant public-key algorithms. If public-key cryptography ends up being a temporary anomaly based on our mathematical knowledge and computational ability, we'll still survive. And if some inconceivable alien technology can break all of cryptography, we still can have secrecy based on information theory -- albeit with significant loss of capability.

At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it's easier to smash a plate than to glue all the pieces back together, it's much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind -- one-way functions and trap-door one-way functions -- underlie all of cryptography.

To encrypt a message, we combine it with a key to form ciphertext. Without the key, reversing the process is more difficult. Not just a little more difficult, but astronomically more difficult. Modern encryption algorithms are so fast that they can secure your entire hard drive without any noticeable slowdown, but that encryption can't be broken before the heat death of the universe.

With symmetric cryptography -- the kind used to encrypt messages, files, and drives -- that imbalance is exponential, and is amplified as the keys get larger. Adding one bit of key increases the complexity of encryption by less than a percent (I'm hand-waving here) but doubles the cost to break. So a 256-bit key might seem only twice as complex as a 128-bit key, but (with our current knowledge of mathematics) it's 340,282,366,920,938,463,463,374,607,431,768,211,456 times harder to break.

Public-key encryption (used primarily for key exchange) and digital signatures are more complicated. Because they rely on hard mathematical problems like factoring, there are more potential tricks to reverse them. So you'll see key lengths of 2,048 bits for RSA, and 384 bits for algorithms based on elliptic curves. Here again, though, the costs to reverse the algorithms with these key lengths are beyond the current reach of humankind.

This one-wayness is based on our mathematical knowledge. When you hear about a cryptographer "breaking" an algorithm, what happened is that they've found a new trick that makes reversing easier. Cryptographers discover new tricks all the time, which is why we tend to use key lengths that are longer than strictly necessary. This is true for both symmetric and public-key algorithms; we're trying to future-proof them.

Quantum computers promise to upend a lot of this. Because of the way they work, they excel at the sorts of computations necessary to reverse these one-way functions. For symmetric cryptography, this isn't too bad. Grover's algorithm shows that a quantum computer speeds up these attacks to effectively halve the key length. This would mean that a 256-bit key is as strong against a quantum computer as a 128-bit key is against a conventional computer; both are secure for the foreseeable future.

For public-key cryptography, the results are more dire. Shor's algorithm can easily break all of the commonly used public-key algorithms based on both factoring and the discrete logarithm problem. Doubling the key length increases the difficulty to break by a factor of eight. That's not enough of a sustainable edge.

There are a lot of caveats to those two paragraphs, the biggest of which is that quantum computers capable of doing anything like this don't currently exist, and no one knows when -- or even if ­- we'll be able to build one. We also don't know what sorts of practical difficulties will arise when we try to implement Grover's or Shor's algorithms for anything but toy key sizes. (Error correction on a quantum computer could easily be an unsurmountable problem.) On the other hand, we don't know what other techniques will be discovered once people start working with actual quantum computers. My bet is that we will overcome the engineering challenges, and that there will be many advances and new techniques­but they're going to take time to discover and invent. Just as it took decades for us to get supercomputers in our pockets, it will take decades to work through all the engineering problems necessary to build large-enough quantum computers.

In the short term, cryptographers are putting considerable effort into designing and analyzing quantum-resistant algorithms, and those are likely to remain secure for decades. This is a necessarily slow process, as both good cryptanalysis transitioning standards take time. Luckily, we have time. Practical quantum computing seems to always remain "ten years in the future," which means no one has any idea.

After that, though, there is always the possibility that those algorithms will fall to aliens with better quantum techniques. I am less worried about symmetric cryptography, where Grover's algorithm is basically an upper limit on quantum improvements, than I am about public-key algorithms based on number theory, which feel more fragile. It's possible that quantum computers will someday break all of them, even those that today are quantum resistant.

If that happens, we will face a world without strong public-key cryptography. That would be a huge blow to security and would break a lot of stuff we currently do, but we could adapt. In the 1980s, Kerberos was an all-symmetric authentication and encryption system. More recently, the GSM cellular standard does both authentication and key distribution -- at scale -- with only symmetric cryptography. Yes, those systems have centralized points of trust and failure, but it's possible to design other systems that use both secret splitting and secret sharing to minimize that risk. (Imagine that a pair of communicants get a piece of their session key from each of five different key servers.) The ubiquity of communications also makes things easier today. We can use out-of-band protocols where, for example, your phone helps you create a key for your computer. We can use in-person registration for added security, maybe at the store where you buy your smartphone or initialize your Internet service. Advances in hardware may also help to secure keys in this world. I'm not trying to design anything here, only to point out that there are many design possibilities. We know that cryptography is all about trust, and we have a lot more techniques to manage trust than we did in the early years of the Internet. Some important properties like forward secrecy will be blunted and far more complex, but as long as symmetric cryptography still works, we'll still have security.

It's a weird future. Maybe the whole idea of number theory­-based encryption, which is what our modern public-key systems are, is a temporary detour based on our incomplete model of computing. Now that our model has expanded to include quantum computing, we might end up back to where we were in the late 1970s and early 1980s: symmetric cryptography, code-based cryptography, Merkle hash signatures. That would be both amusing and ironic.

Yes, I know that quantum key distribution is a potential replacement for public-key cryptography. But come on -- does anyone expect a system that requires specialized communications hardware and cables to be useful for anything but niche applications? The future is mobile, always-on, embedded computing devices. Any security for those will necessarily be software only.

There's one more future scenario to consider, one that doesn't require a quantum computer. While there are several mathematical theories that underpin the one-wayness we use in cryptography, proving the validity of those theories is in fact one of the great open problems in computer science. Just as it is possible for a smart cryptographer to find a new trick that makes it easier to break a particular algorithm, we might imagine aliens with sufficient mathematical theory to break all encryption algorithms. To us, today, this is ridiculous. Public- key cryptography is all number theory, and potentially vulnerable to more mathematically inclined aliens. Symmetric cryptography is so much nonlinear muddle, so easy to make more complex, and so easy to increase key length, that this future is unimaginable. Consider an AES variant with a 512-bit block and key size, and 128 rounds. Unless mathematics is fundamentally different than our current understanding, that'll be secure until computers are made of something other than matter and occupy something other than space.

But if the unimaginable happens, that would leave us with cryptography based solely on information theory: one-time pads and their variants. This would be a huge blow to security. One-time pads might be theoretically secure, but in practical terms they are unusable for anything other than specialized niche applications. Today, only crackpots try to build general-use systems based on one-time pads -- and cryptographers laugh at them, because they replace algorithm design problems (easy) with key management and physical security problems (much, much harder). In our alien-ridden science-fiction future, we might have nothing else.

Against these godlike aliens, cryptography will be the only technology we can be sure of. Our nukes might refuse to detonate and our fighter jets might fall out of the sky, but we will still be able to communicate securely using one-time pads. There's an optimism in that.

This essay origially appeared in IEEE Security and Privacy.

Read the whole story
jepler
8 days ago
reply
A great overview of what quantum computing appears to mean for crypto, er, cryptograpy. (ugh I hate how you have to write "cryptography" because "crypto" somehow got coopted by coin bros)

But, come on—as long as we're positing aliens who can break an infinite key size AES variant computationally, I don't know why number-theoretic cryptosystems stand. One Time Pads depend on random numbers, and sufficiently advanced aliens would be able to control or predict the output of any physical RNG, even if we think have a physics-based proof that it's impossible. (worst case, they just have to simulate the whole universe to do it..)
Earth, Sol system, Western spiral arm
acdha
8 days ago
I realize this is old-man-yells-at-cloud territory but I refuse to cede “crypto” to the tulip bulb fetishists
vitormazzi
2 days ago
reply
Brasil
Share this story
Delete

Saturday Morning Breakfast Cereal - Modern Epic

3 Comments and 16 Shares


Click here to go see the bonus panel!

Hovertext:
It occurred to me after drawing this that's it's basically a summary of The End of History.


Today's News:
Read the whole story
vitormazzi
4 days ago
reply
Brasil
popular
4 days ago
reply
Share this story
Delete
3 public comments
jprodgers
1 day ago
reply
Cuts deep in unexpected ways.
Somerville, MA
jlvanderzwan
4 days ago
reply
Just one more way in which Superman/Clark Kent changed storytelling I guess
WorldMaker
4 days ago
reply
The secret identity was inside us this whole time
Louisville, Kentucky

Big Health

1 Share

Todos los médicos coinciden: hacer ejercicio es importante. Si se busca perder de peso, lo ideal es hacer 40 minutos de ejercicio moderado por día, dicen los expertos.

Yo me pregunto: de dónde sale ese número? Qué pasa si camino 39 minutos por día? No sirve para nada? O tal vez el efecto es proporcional? Es lo mismo hacer ejercicio de día que de noche? Es lo mismo para hombres y mujeres? Cómo cambia con la edad?

Los axiomas tipo el de 40 minutos vienen, en el mejor de los casos, de estudios randomizados. El problema es que en general las muestras son chicas (frecuentemente decenas de personas), y no contemplan demasiadas variables.

Afortunadamente hay mejores soluciones. Millones de personas usan relojes inteligentes, o dispositivos como el Fitbit. Fitbit tiene registros de 150.000 millones de horas de pulso cardíaco, junto con datos de edad, sexo y peso de los usuarios. Ese enorme repositorio de información permite hacer estudios mucho más fidedignos que cualquier muestra.  El periodista David Pogue tuvo acceso a la base de datos, y reporta algunas conclusiones de un análisis que hizo sobre la frecuencia cardíaca en reposo, un indicador de diversos riesgos. En general, cuanto menor la frecuencia en reposo, menor el riesgo.

Cómo afecta el ejercicio la frecuencia en reposo? Pogue lo muestra en algunos gráficos. Alcanza con 100 minutos semanales para que la frecuencia baje en 4 pulsos por minutos. Como es de esperar, los siguientes 100 minutos semanales tienen un menor efecto. Hacer los 100 minutos todos juntos no es tan beneficioso como repartirlos.

Las conclusiones del estudio de Pogue son básicas, pero lo interesante es que finalmente empezaremos a ver recomendaciones basadas en datos reales.

 

 

 



Read the whole story
vitormazzi
9 days ago
reply
Brasil
Share this story
Delete

Photo

2 Comments and 12 Shares


Read the whole story
vitormazzi
14 days ago
reply
Brasil
popular
15 days ago
reply
Share this story
Delete
1 public comment
StunGod
16 days ago
reply
I'm incorporating this for my captchas from now on.
Portland, Oregon, USA, Earth

Saturday Morning Breakfast Cereal - We Are Here

1 Comment and 10 Shares


Click here to go see the bonus panel!

Hovertext:
I am prepared to lend this speech to any commencement speaker free of charge.


Today's News:
Read the whole story
vitormazzi
16 days ago
reply
Brasil
Share this story
Delete
1 public comment
rraszews
16 days ago
reply
Ironically, this is all creationists think biologists do all day.
Next Page of Stories